web权限方案
设置登录的用户名和密码(用户认证)
- 通过配置文件(application.properties)
spring.security.user.name = csear
spring.security.user.password = 123456
- 通过配置类
@Configuration
//继承WebSecurityConfigurerAdapter类
public class SecurityConfig extends WebSecurityConfigurerAdapter {
//重写configure方法
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//密码加密
BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
String password = passwordEncoder.encode("666666");
//设置登录的用户名和密码
auth.inMemoryAuthentication().withUser("cesar").password(password).roles("admin");
}
//如果直接运行以上代码 在输入密码时,console会出现java.lang.IllegalArgumentException: There is no PasswordEncoder mapped for the id "null"的错误
//这是因为需要实现PasswordEncoder接口
@Bean
PasswordEncoder password(){
return new BCryptPasswordEncoder();
}
}
第二种方式不实用,因此开发中需要采用第三种方式自定义编写实现类
- 自定义编写实现类
第一步编写配置类
@Configuration
public class SecurityConfigNew extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(password());
}
@Bean
PasswordEncoder password(){
return new BCryptPasswordEncoder();
}
}
第二步 编写UserDetailsService实现类
@Service("userDetailsService")
public class MyUserDetailsService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
List<GrantedAuthority> auths = AuthorityUtils.commaSeparatedStringToAuthorityList("role");
return new User("mary",new BCryptPasswordEncoder().encode("666666"),auths);
}
}
查询数据库完成认证
- 第一步整合mybatis-plus
<!-- mybatis-plus -->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.4.3<