SpringSecurity认证——设置用户名与密码

一、第一种:配置文件

spring.security.user.name=admin
spring.security.user.password=123456

二、第二种:配置类

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //使用BCryptPasswordEncoder类对密码进行加密
        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
        String encode = bCryptPasswordEncoder.encode("123456");
        //roles不可以为空,如果没有设置roles,就会报错
        auth.inMemoryAuthentication().withUser("lucy").password(encode).roles("admin");
    }

    //加密密码需要用到PasswordEncoder接口,需要设置PasswordEncoder实例化对象
    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }
}

三、第三种:自定义编写实现类

注:当SpringBoot在配置文件和配置类中都无法找到,才会在UserDetailsService接口中找

实现UserDetailsService接口

配置

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    UserDetailsService userDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        //设置使用的userDetailsService与passwordEncoder实现类
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    //加密密码需要用到PasswordEncoder接口,需要设置PasswordEncoder实例化对象
    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }
}

UserDetailsService实现类

这里是写死的用户名和密码

@Service("userDetailsService")
public class MyDetailService implements UserDetailsService {

    @Override
    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
        List<GrantedAuthority> auth = AuthorityUtils.commaSeparatedStringToAuthorityList("admin");
        //返回User对象,User对象中有用户名、密码、操作权限
        return new User("aaa",new BCryptPasswordEncoder().encode("123"),auth);
    }
}

3.1、从数据库查询用户名对应的密码

这里是使用mybatis-plus查询的信息

导入依赖

        <dependency>
            <groupId>mysql</groupId>
            <artifactId>mysql-connector-java</artifactId>
            <version>5.1.47</version>
        </dependency>
        <dependency>
            <groupId>com.baomidou</groupId>
            <artifactId>mybatis-plus-boot-starter</artifactId>
            <version>3.3.2</version>
        </dependency>
        <dependency>
            <groupId>org.projectlombok</groupId>
            <artifactId>lombok</artifactId>
            <version>1.18.12</version>
            <scope>provided</scope>
        </dependency>

创建数据库表

创建实体类

@Data
@Component
public class Users {

    private int id;
    private String username;
    private String password;

}

创建mapper接口

@Repository
public interface UserMapper extends BaseMapper<Users> {
}

设置MapperScan

@SpringBootApplication
@MapperScan("com.springsecurity.setlogin.mapper")
public class SpringsecuritySetloginApplication {

    public static void main(String[] args) {
        SpringApplication.run(SpringsecuritySetloginApplication.class, args);
    }

}

配置数据库信息 

spring.datasource.driver-class-name=com.mysql.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/security?useSSL=false&serverTimezone=GMT%2B8
spring.datasource.username=root
spring.datasource.password=123456

 实现类

@Service("userDetailsService")
public class MyDetailService implements UserDetailsService {

    @Autowired
    UserMapper userMapper;

    @Override
    public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {

        //从数据库中查询对应用户名的密码
        QueryWrapper<Users> wrapper = new QueryWrapper();
        wrapper.eq("username", s);
        Users users = userMapper.selectOne(wrapper);
        
        //查出的用户信息为空时,报出异常
        if(users == null){
            throw new UsernameNotFoundException("用户名不存在");
        }

        List<GrantedAuthority> auth = AuthorityUtils.commaSeparatedStringToAuthorityList("admin");
        return new User(users.getUsername(),new BCryptPasswordEncoder().encode(users.getPassword()),auth);
    }
}

四、测试 

控制层

@RestController
public class loginController {

    @GetMapping("/hello")
    public String hello(){
        return "hello SpringSecurity";
    }
}

输入用户名和密码

结果


版权声明:本文为hjjjjjjj_原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
THE END
< <上一篇
下一篇>>