1、创建maven项目,写下各种路径
2、先在pom.xml文件中导入依赖
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
</dependencies>
3、下一步写个启动类Application
package com.hopu.boot;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
@SpringBootApplication
public class Application {
public static void main(String[] args) {
SpringApplication.run(Application.class, args);
}
}
4、然后设置权限,用户名和密码
@Service("userDetailsService")
public class MyUserDetailService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
// 权限
List<GrantedAuthority> grantedAuthorities =
AuthorityUtils.commaSeparatedStringToAuthorityList("admins");
// 用户名、密码、权限
User user = new User
("admin",
new BCryptPasswordEncoder().encode("123456"),
grantedAuthorities);
return user;
}
}
5、写登录页面
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
</head>
<body>
<form action="/user/login" method="post">
用户名:<input type="text" name="username"> <br>
密码:<input type="password" name="password"> <br>
<input type="submit" value="login">
</form>
</body>
</html>
6、之后自定义用户名和密码、自定义登录页面;下一步给密码加密
@Configuration
public class MyConfig extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// 1、表示使用那个UserDetailService: 自定义认证(用户名和密码)
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
// 2、自定义登录页面
http.formLogin()
.loginPage("/login.html")
.loginProcessingUrl("/user/login")
.defaultSuccessUrl("/success").permitAll()
.and().authorizeRequests()
.antMatchers("/login", "/user/login").permitAll()
.anyRequest().authenticated()
.and().csrf().disable();
}
// 3、给密码加密
@Bean
PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
7、跳转成功的请求
@RestController
public class HelloController {
@RequestMapping("/success")
public String success() {
return "success";
}
}