[SpringSecurity]web权限方案_用户认证_查询数据库完成认证

Posted 唐火

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了[SpringSecurity]web权限方案_用户认证_查询数据库完成认证相关的知识,希望对你有一定的参考价值。

#mysql 数据库连接
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver 
spring.datasource.url=jdbc:mysql://localhost:3306/demo?serverTimezone=UTC
spring.datasource.username=root 
spring.datasource.password=root

package com.atguigu.securitydemo1.config;


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
public class SecurityConfigTest extends WebSecurityConfigurerAdapter 



    @Autowired
    private UserDetailsService userDetailsService;


    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception 

      auth.userDetailsService(userDetailsService).passwordEncoder(password());

    



    @Bean
    PasswordEncoder password()
    
        return new BCryptPasswordEncoder();

第一步 引入依赖

整合MyBatisPlus完成数据库操作

<dependencies>
 <dependency>
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-web</artifactId>
 </dependency>
 <dependency>
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-security</artifactId>
 </dependency>
 <dependency>
 <groupId>org.springframework.boot</groupId>
 <artifactId>spring-boot-starter-test</artifactId>
 <scope>test</scope>
 </dependency>
 <!--mybatis-plus-->
 <dependency>
 <groupId>com.baomidou</groupId>
 <artifactId>mybatis-plus-boot-starter</artifactId>
 <version>3.0.5</version>
 </dependency>
 <!--mysql-->
 <dependency>
 <groupId>mysql</groupId>
 <artifactId>mysql-connector-java</artifactId>
 </dependency>
 <!--lombok 用来简化实体类-->
 <dependency>
 <groupId>org.projectlombok</groupId>
 <artifactId>lombok</artifactId>
 </dependency>
</dependencies>

第二步 创建数据库和数据库表

第三步 创建users表对应实体类

package com.atguigu.securitydemo1.entity;

import lombok.Data;

@Data
public class Users 

    private Integer id;
    private String username;
    private String password;

第四步 整合mp,创建接口,继承mp的接口

package com.atguigu.securitydemo1.entity;

import lombok.Data;

@Data
public class Users 

    private Integer id;
    private String username;
    private String password;

第五步 在MyUserDetailsService调用mapper里面的方法查询数据库进行用户认证

package com.atguigu.securitydemo1.service;

import com.atguigu.securitydemo1.entity.Users;
import com.atguigu.securitydemo1.mapper.UsersMapper;
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;

import java.util.List;


@Service("userDetailsService")
public class MyUserDetailsService implements UserDetailsService 

    @Autowired
    private UsersMapper usersMapper;


    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException 

        //调用userMapper方法,根据用户名查询数据库
        QueryWrapper<Users> wrapper = new QueryWrapper<>();

        //where username = ?
        wrapper.eq("username",username);

        Users users = usersMapper.selectOne(wrapper);

        //判断
        if (users==null)//数据库没有用户名,认证失败
        
            throw new UsernameNotFoundException("用户名不存在!");
        



        List<GrantedAuthority> auths = AuthorityUtils.commaSeparatedStringToAuthorityList("rold");

        return new User(users.getUsername(),new BCryptPasswordEncoder().encode(users.getPassword()),auths);

第六步 在启动类添加注解MapperScan

package com.atguigu.securitydemo1;

import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;

@SpringBootApplication
@MapperScan("com.atguigu.securitydemo1.mapper")
public class Securitydemo1Application 

    public static void main(String[] args) 
        SpringApplication.run(Securitydemo1Application.class, args);

以上是关于[SpringSecurity]web权限方案_用户认证_查询数据库完成认证的主要内容,如果未能解决你的问题,请参考以下文章

[SpringSecurity]web权限方案_CSRF功能

[SpringSecurity]web权限方案_用户授权_基于权限访问控制_基于角色访问控制_hasAuthority和hasAnyAuthority_hasRole和hasAnyRole

[SpringSecurity]web权限方案_用户认证_自定义用户登录页面

[SpringSecurity]web权限方案_用户授权_注解使用

[SpringSecurity]web权限方案_用户认证_查询数据库完成认证

[SpringSecurity]web权限方案_自动登陆_原理分析和具体实现