第四章 登录(上)
前言
这章的主要内容是通过 SpringSecurity 来实现一个简单的登录功能! 官网文档
一、引入依赖
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>启动项目,访问地址http://127.0.0.1:8888/upms,看到如下界面则表示成功
二、关联数据库
要实现动态的用户名密码,则需要实现 UserDetailsService 里面的 loadUserByUsername 方法。 新建一个 UserDetailsServiceImpl 的类,代码如下:
java
package com.ailot.cloud.upms.api.service.impl;
import cn.hutool.core.util.ArrayUtil;
import cn.hutool.core.util.ObjectUtil;
import cn.hutool.core.util.StrUtil;
import com.ailot.cloud.upms.api.service.SysUserService;
import com.ailot.cloud.upms.common.entity.SysUser;
import com.baomidou.mybatisplus.core.toolkit.Wrappers;
import lombok.AllArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.Arrays;
import java.util.Collection;
import java.util.HashSet;
import java.util.Set;
@Service
@AllArgsConstructor
public class UserDetailsServiceImpl implements UserDetailsService {
private final SysUserService sysUserService;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
SysUser sysUser = sysUserService.getOne(Wrappers.<SysUser>lambdaQuery().eq(SysUser::getUsername, username));
if (ObjectUtil.isEmpty(sysUser)){
throw new UsernameNotFoundException("用户不存在");
}
UserDetails userDetails = AssembleUserDetails(sysUser);
return userDetails;
}
/**
* 组装userDetails
* @param sysUser
* @return
*/
private UserDetails AssembleUserDetails(SysUser sysUser) {
// 初始一个空的权限,后期这个权限会从数据库里面查出来
Collection<? extends GrantedAuthority> authorities
= AuthorityUtils.createAuthorityList(new String[0]);
return new User(sysUser.getUsername(), sysUser.getPassword(),authorities);
}
/**
* 指定加解密算法
* @return
*/
@Bean
PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
}将数据库里面的明文密码1替换为通过 BCryptPasswordEncoder 加密后的密文,我们来写个测试用例来获取密文,代码如下:
java
package com.ailot.cloud.upms.api;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.test.context.junit4.SpringRunner;
@RunWith(SpringRunner.class)
@SpringBootTest
public class PasswordEncoder {
@Test
public void password() {
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
System.out.println(encoder.encode("1"));
}
}运行后得到密文(每次运行后的密文是不一样的),如图: 
数据库数据如下: 
新建一个登录成功后的回调方法,返回 true
java
package com.ailot.cloud.upms.api.controller;
import com.ailot.cloud.upms.common.entity.SysUser;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("/")
public class IndexController {
@GetMapping
public Boolean index() {
return true;
}
}启动项目,输入用户名:test 密码:1 执行登录操作,可以发现能够正常跳转,并在浏览器打印了 true 
当前版本 tag:1.0.2 代码仓库
三、 体验地址
后台数据库只给了部分权限,报错属于正常!
想学的老铁给点点关注吧!!!
我是阿咕噜,一个从互联网慢慢上岸的程序员,如果喜欢我的文章,记得帮忙点个赞哟,谢谢!