SpringSecurity实现登录注册
-
-
- SpringSecurity
-
- 安装依赖
- Config
- 配置文件
-
- properties文件配置
- 继承WebSecurityConfigureAdapter配置
- 基于jdbc的用户存储
-
- 连接mysql
- entity(对应数据库表)
- mapper接口(增删改查)
- service(UserDetailsService)
- 运行
-
SpringSecurity
安装依赖
mybatis-plus、lombok、springweb、Thymeleaf、springsecurity、
<dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId></dependency>
<!--mybatis--><dependency><groupId>com.baomidou</groupId><artifactId>mybatis-plus-boot-starter</artifactId><version>3.0.5</version></dependency>
<!--mysql--><dependency><groupId>mysql</groupId><artifactId>mysql-connector-java</artifactId></dependency>
<!--lomok--><dependency><groupId>org.projectlombok</groupId><artifactId>lombok</artifactId></dependency>
运行,默认用户名user,查看默认的密码
创建成功
查看localhost
Config
继承 WebSecurityConfigurerAdapter
package com.yma16.config;import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowiredprivate UserDetailsService userDetailsService;@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(password());//加密}@BeanPasswordEncoder password(){
return new BCryptPasswordEncoder();//注解}@Overrideprotected void configure(HttpSecurity http) throws Exception{
http.formLogin().and().authorizeRequests().anyRequest().authenticated();//身份验证}
}
配置文件
- 基于内存的用户配置
- 基于JDBC的用户存储
- 以LDAP作为后端的用户存储
- 自定义用户详情服务
properties文件配置
server.port=2234
spring.security.user.name=yma16
spring.security.user.password=123456
继承WebSecurityConfigureAdapter配置
重写configure方法
package com.yma16.springsecurity;import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {
// super.configure(auth);//继承重写//添加用户auth.inMemoryAuthentication().withUser("yma16").password("123456").authorities("ROLE_USER").and().withUser("sxy").password("12345").authorities("ROLE_USER");}
}
基于jdbc的用户存储
连接mysql
properties配置文件
server.port=1998
#spring.security.user.name=yma16
#spring.security.user.password=123456
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/springsecurity?serverTimezone=GMT%2B8
spring.datasource.username=root
spring.datasource.password=123456
entity(对应数据库表)
users类
package com.yma16.entity;
import lombok.Data;//简便生成get、set方法 lombok@Data
public class Users {
private Integer id;private String username,password;
}
mapper接口(增删改查)
UsersMapper接口继承BaseMapper
package com.yma16.mapper;import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.yma16.entity.Users;
import org.springframework.stereotype.Repository;@Repository
public interface UsersMapper extends BaseMapper<Users> {
//增删改查}
service(UserDetailsService)
package com.yma16.service;import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.yma16.entity.Users;
import com.yma16.mapper.UsersMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;import java.util.List;@Service("userDetailsService")
public class MyUserDetailsService implements UserDetailsService {
@Autowiredprivate UsersMapper usersMapper;// Reposotory@Overridepublic UserDetails loadUserByUsername(String username) throws UsernameNotFoundException{
//根据用户名查询QueryWrapper<Users> wrapper=new QueryWrapper();//where 语句 where usename=?wrapper.eq("username",username);Users users=usersMapper.selectOne(wrapper);if(users==null){
//没有该用户throw new UsernameNotFoundException("没有该用户!");//抛出错误}List<GrantedAuthority> auths= AuthorityUtils.commaSeparatedStringToAuthorityList("role");return new User(users.getUsername(),new BCryptPasswordEncoder().encode(users.getPassword()),auths);//
// return new User("yma16",new BCryptPasswordEncoder().encode("123456"),auths);}
}
运行
登录
ok,没问题,下一步开始配置前端界面。