SpringSecurity_连接mysql（初出茅庐）

SpringSecurity

安装依赖

mybatis-plus、lombok、springweb、Thymeleaf、springsecurity、

        <dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-security</artifactId></dependency><dependency><groupId>org.springframework.boot</groupId><artifactId>spring-boot-starter-web</artifactId></dependency>
<!--mybatis--><dependency><groupId>com.baomidou</groupId><artifactId>mybatis-plus-boot-starter</artifactId><version>3.0.5</version></dependency>
<!--mysql--><dependency><groupId>mysql</groupId><artifactId>mysql-connector-java</artifactId></dependency>
<!--lomok--><dependency><groupId>org.projectlombok</groupId><artifactId>lombok</artifactId></dependency>

运行，默认用户名user，查看默认的密码

创建成功
查看localhost

Config

继承 WebSecurityConfigurerAdapter

package com.yma16.config;import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Autowiredprivate UserDetailsService userDetailsService;@Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(userDetailsService).passwordEncoder(password());//加密}@BeanPasswordEncoder password(){
    return new BCryptPasswordEncoder();//注解}@Overrideprotected void configure(HttpSecurity http) throws Exception{
    http.formLogin().and().authorizeRequests().anyRequest().authenticated();//身份验证}
}

配置文件

• 基于内存的用户配置
• 基于JDBC的用户存储
• 以LDAP作为后端的用户存储
• 自定义用户详情服务

properties文件配置

server.port=2234
spring.security.user.name=yma16
spring.security.user.password=123456

继承WebSecurityConfigureAdapter配置

重写configure方法

package com.yma16.springsecurity;import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Overrideprotected void configure(AuthenticationManagerBuilder auth) throws Exception {
    
// super.configure(auth);//继承重写//添加用户auth.inMemoryAuthentication().withUser("yma16").password("123456").authorities("ROLE_USER").and().withUser("sxy").password("12345").authorities("ROLE_USER");}
}

基于jdbc的用户存储

连接mysql

properties配置文件

server.port=1998
#spring.security.user.name=yma16
#spring.security.user.password=123456
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
spring.datasource.url=jdbc:mysql://localhost:3306/springsecurity?serverTimezone=GMT%2B8
spring.datasource.username=root
spring.datasource.password=123456

entity（对应数据库表）

users类

package com.yma16.entity;
import lombok.Data;//简便生成get、set方法 lombok@Data
public class Users {
    private Integer id;private String username,password;
}

mapper接口（增删改查）

UsersMapper接口继承BaseMapper

package com.yma16.mapper;import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.yma16.entity.Users;
import org.springframework.stereotype.Repository;@Repository
public interface UsersMapper extends BaseMapper<Users> {
    //增删改查}

service（UserDetailsService）

package com.yma16.service;import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.yma16.entity.Users;
import com.yma16.mapper.UsersMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;import java.util.List;@Service("userDetailsService")
public class MyUserDetailsService implements UserDetailsService {
    @Autowiredprivate UsersMapper usersMapper;// Reposotory@Overridepublic UserDetails loadUserByUsername(String username) throws UsernameNotFoundException{
    //根据用户名查询QueryWrapper<Users> wrapper=new QueryWrapper();//where 语句 where usename=?wrapper.eq("username",username);Users users=usersMapper.selectOne(wrapper);if(users==null){
    //没有该用户throw new UsernameNotFoundException("没有该用户！");//抛出错误}List<GrantedAuthority> auths= AuthorityUtils.commaSeparatedStringToAuthorityList("role");return new User(users.getUsername(),new BCryptPasswordEncoder().encode(users.getPassword()),auths);//
// return new User("yma16",new BCryptPasswordEncoder().encode("123456"),auths);}
}

运行

登录

ok，没问题，下一步开始配置前端界面。