當前位置：首頁 > 编程资源 > 编程问答 >内容正文

编程问答

springboot+springsecurity+mybatis plus之用户认证

發布時間：2024/10/5 编程问答 28 豆豆

生活随笔收集整理的這篇文章主要介紹了 springboot+springsecurity+mybatis plus之用户认证小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

一、權限管理的概念

另一個安全框架shiro：shiro之權限管理的描述

導入常用坐標

<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-test</artifactId><scope>test</scope></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId><version>2.3.6.RELEASE</version></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId><version>2.3.9.RELEASE</version></dependency>

二、spring security用戶認證

1.用戶認證之application.properties配置文件

spring.security.user.name=admin spring.security.user.password=admin

2.用戶認證之自定義配置文件

@Configuration public class SecurityConfig extends WebSecurityConfigurerAdapter {@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();String encode = passwordEncoder.encode("admin");auth.inMemoryAuthentication().withUser("admin").password(encode).roles();}@BeanPasswordEncoder passwordEncoder() {return new BCryptPasswordEncoder();} }

3.數據庫查詢（這一種也是最常用的）

1.使用mybatis plus框架處理dao層

<dependency><groupId>org.projectlombok</groupId><artifactId>lombok</artifactId></dependency><dependency><groupId>mysql</groupId><artifactId>mysql-connector-java</artifactId></dependency><dependency><groupId>com.baomidou</groupId><artifactId>mybatis-plus-boot-starter</artifactId><version>3.4.1</version></dependency>

2.創建數據庫表

3.編寫mapper文件

@Repository public interface UserMapper extends BaseMapper<Users> {}

4.編寫service

package com.zsh.security.service;import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper; import com.zsh.security.mapper.UserMapper; import com.zsh.security.pojo.Users; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.GrantedAuthority; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service;import java.util.List;/*** @author:抱著魚睡覺的喵喵* @date:2021/3/12* @description:*/ @Service("userDetailsService") public class UserDetailServiceImpl implements UserDetailsService {@Autowiredprivate UserMapper userMapper;@Overridepublic UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {QueryWrapper<Users> wrapper = new QueryWrapper<>();wrapper.eq("username", s);Users users = userMapper.selectOne(wrapper);if (users == null) {throw new UsernameNotFoundException("賬號或密碼錯誤!");} else {List<GrantedAuthority> auths = AuthorityUtils.commaSeparatedStringToAuthorityList("role");return new User(users.getUsername(), new BCryptPasswordEncoder().encode(users.getPassword()), auths);}} }

5.編寫配置文件

6.配置數據庫連接

spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver spring.datasource.url=jdbc:mysql://127.0.0.1:3306/springsecurity?serverTimezone=UTC spring.datasource.username=root spring.datasource.password=admin

7.運行

過濾器鏈

三、自定義登錄界面

1.在SecurityConfig2中加入有關http的實現方法

package com.zsh.security.config;import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;/*** @author:抱著魚睡覺的喵喵* @date:2021/3/12* @description:*/ @Configuration public class SecurityConfig2 extends WebSecurityConfigurerAdapter {@Autowiredprivate UserDetailsService userDetailsService;@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());}@Overrideprotected void configure(HttpSecurity http) throws Exception {http.formLogin().loginPage("/login.html") //設置登錄界面.loginProcessingUrl("/user/login") //登錄界面url.defaultSuccessUrl("/test/index") //默認登錄成功界面.and().authorizeRequests() //哪些資源可以直接訪問.antMatchers("/","/test/hello","/user/loin").permitAll() //不做處理.anyRequest().authenticated() //所有請求都可以訪問.and().csrf().disable(); //關閉CSRF}@BeanPasswordEncoder passwordEncoder() {return new BCryptPasswordEncoder();}}

2.login.html

<!DOCTYPE html> <html lang="en"> <head><meta charset="UTF-8"><title>Title</title> </head> <body> <form action="/user/login" method="post">username:<input type="text" name="username"> <br>password:<input type="password" name="password"><br><input type="submit" value="提交"></form> </body> </html>

3.controller

@RestController @RequestMapping("/test") public class SecurityController {@RequestMapping("/hello")public String hello() {return "hello! Spring Security!";}@RequestMapping("/index")public String index() {return "hello index!";} }

4.訪問http://localhost:8080/test/hello

5.訪問http://localhost:8080/login.html

總結

以上是生活随笔為你收集整理的springboot+springsecurity+mybatis plus之用户认证的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。

上一篇： springboot集成spring s
下一篇： springboot+springsec