用户认证
获取用户名密码的方式:
- 通过配置文件
- 通过配置类
- 自定义编写实现类
通过配置文件配置
在配置文件中加入用户名密码的配置:
spring:security:user:name: testpassword: test
通过配置类配置
示例:
创建一个配置类,继承 WebSecurityConfigurerAdapter 并实现 configure方法
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.inMemoryAuthentication() // 从内存中读取
.withUser("test") // 用户名
.password("tiger") // 密码
.roles("admin"); // 角色
}
}
如果要将密码加密,可以使用 BCryptPasswordEncoder进行加密:
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
// 将密码使用BCryptPasswordEncoder进行加密
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
String passwordEncode = encoder.encode("tiger");
auth.inMemoryAuthentication().withUser("test").password(passwordEncode).roles("admin");
}
// 将 BCryptPasswordEncoder 作为PasswordEncoder类型的Bean加入spring容器
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
自定义实现类设置
配置步骤:
- 创建配置类,设置使用哪个UserDetailsService实现类
- 编写实现类,返回User对象,User对象有用户名和密码操作权限
创建UserDetailsService的实现类:
@Service("userDetailsService")
public class MyUserDetailService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// TODO 查询数据库获取用户的密码
String password = "tiger";
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
String passwordEncode = encoder.encode(password);
// TODO 查询数据库获取用户的权限
List<GrantedAuthority> roleList = AuthorityUtils.commaSeparatedStringToAuthorityList("testRole");
return new User(username, passwordEncode, roleList);
}
}
将PasswordEncoder加入Spring容器,并将UserDetailsService、PasswordEncoder配置到auth中
@Configuration
public class SecurityConfigUser extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService) // 使用的用户名配置类
.passwordEncoder(passwordEncoder()); // 使用的密码配置类
}
@Bean
PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
整合Mybatis-Plus
- 加入pom依赖
<dependency> <groupId>com.baomidou</groupId> <artifactId>mybatis-plus-boot-starter</artifactId> <version>3.4.2</version> </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> </dependency> <dependency> <groupId>com.oracle.ojdbc</groupId> <artifactId>ojdbc8</artifactId> </dependency> <dependency> <groupId>com.oracle.ojdbc</groupId> <artifactId>orai18n</artifactId> </dependency>
- 创建表
create table User_Info ( userid int, username varchar2(200), password varchar2(20) );
- 加入数据库配置
spring: datasource: url: jdbc:oracle:thin:@localhost:1521/orcl username: myData password: tiger driver-class-name: oracle.jdbc.OracleDriver
- 创建实体类
@Data public class UserInfo { private Integer userid; private String username; private String password; }
- 编写mapper
@Repository public interface UserInfoMapper extends BaseMapper<UserInfo> { }
在主启动类加上MapperScan注解 ```java @SpringBootApplication @MapperScan public class SpringSecurity01Application {
public static void main(String[] args) {
SpringApplication.run(SpringSecurity01Application.class, args);}
}
7.
在自定义UserDetailsService类中使用Mybatis-plus进行数据库查询
```java
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// 查询数据库获取用户的密码
QueryWrapper<UserInfo> wrapper = new QueryWrapper<>();
wrapper.eq("username", username);
UserInfo userInfo = userInfoMapper.selectOne(wrapper);
if(userInfo == null) {
// 该用户不存在
throw new UsernameNotFoundException("user[" + username + "]不存在");
}
String password = userInfo.getPassword();
// ......
}
若有收获,就点个赞吧
0 人点赞
