6.springsecurity+mybatis实现登录验证
Posted 结构化思维wz
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了6.springsecurity+mybatis实现登录验证相关的知识,希望对你有一定的参考价值。
springsecurity+mybatis实现登录验证
1.设计数据库表
本章不再单独设计表,继续使用jpa的表:
2.创建工程
3.创建目录结构
4.配置mybatis
#配置数据库
spring.datasource.url=jdbc:mysql://localhost:3306/withjpa?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
spring.datasource.username=root
spring.datasource.password=123456
mybatis.mapper-locations=classpath:mapper/*.xml
5.编写实体类
user
package com.example.mybatisandsecurity.model;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;
/**
* @author: 王泽
*/
public class User implements UserDetails {
private Long id;
private String username;
private String password;
private List<Role> roles;
private boolean accountNonExpired;
private boolean accountNonLocked;
private boolean credentialsNonExpired;
private boolean enabled;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public void setUsername(String username) {
this.username = username;
}
public void setPassword(String password) {
this.password = password;
}
public List<Role> getRoles() {
return roles;
}
public void setRoles(List<Role> roles) {
this.roles = roles;
}
public void setAccountNonExpired(boolean accountNonExpired) {
this.accountNonExpired = accountNonExpired;
}
public void setAccountNonLocked(boolean accountNonLocked) {
this.accountNonLocked = accountNonLocked;
}
public void setCredentialsNonExpired(boolean credentialsNonExpired) {
this.credentialsNonExpired = credentialsNonExpired;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
List<SimpleGrantedAuthority> authorities=new ArrayList<>(roles.size());
for (Role role : roles) {
authorities.add(new SimpleGrantedAuthority(role.getName()));
}
return authorities;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return accountNonExpired;
}
@Override
public boolean isAccountNonLocked() {
return accountNonLocked;
}
@Override
public boolean isCredentialsNonExpired() {
return credentialsNonExpired;
}
@Override
public boolean isEnabled() {
return enabled;
}
}
Role
package com.example.mybatisandsecurity.model;
import java.io.Serializable;
/**
* @author: 王泽
*/
public class Role implements Serializable {
private Long id;
private String name;
private String nameZh;
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getNameZh() {
return nameZh;
}
public void setNameZh(String nameZh) {
this.nameZh = nameZh;
}
}
6.编写dao层
UserMapper
package com.example.mybatisandsecurity.mapper;
import com.example.mybatisandsecurity.model.Role;
import com.example.mybatisandsecurity.model.User;
import org.apache.ibatis.annotations.Mapper;
import java.util.List;
/**
* @author: 王泽
*/
@Mapper
public interface UserMapper {
User loadUserByUsername(String username);
List<Role> getRolesByUserid(Long id);
}
UserMapper.xml
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper
PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
"http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.example.mybatisandsecurity.mapper.UserMapper">
<select id="loadUserByUsername" resultType="com.example.mybatisandsecurity.model.User">
select * from t_user where username=#{username};
</select>
<select id="getRolesByUserid" resultType="com.example.mybatisandsecurity.model.Role">
select * from t_role r,t_user_roles tur where tur.`roles_id`=r.`id` AND tur.`t_user_id`=#{id};
</select>
</mapper>
7.编写service
package com.example.mybatisandsecurity.service;
import com.example.mybatisandsecurity.mapper.UserMapper;
import com.example.mybatisandsecurity.model.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
/**
* @author: 王泽
*/
@Service
public class UserService implements UserDetailsService {
@Autowired
UserMapper userMapper;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userMapper.loadUserByUsername(username);
if(user==null){
throw new UsernameNotFoundException("用户不存在");
}
user.setRoles(userMapper.getRolesByUserid(user.getId()));
return user;
}
}
8.配置security
package com.example.mybatisandsecurity.config;
import com.example.mybatisandsecurity.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
/**
* @author: 王泽
*/
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
UserService userService;
@Bean //密码加密
PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userService);
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests()
.anyRequest().authenticated()//所有用户必须登录才能访问
.and().formLogin()
.permitAll()
.and().csrf().disable();
}
}
9.编写controller测试
@RestController
public class HelloController {
@GetMapping("/hello")
public String hello(){
return "hello, security + mybatis!!";
}
}
以上是关于6.springsecurity+mybatis实现登录验证的主要内容,如果未能解决你的问题,请参考以下文章