- 在demo01的基础上继续开发
- web模块编写CustomUserDetailsService
@Component("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService {
// 日志
Logger logger = LoggerFactory.getLogger(getClass());
@Autowired
PasswordEncoder passwordEncoder;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
logger.info("请求认证的用户名: " + username);
// 1. 通过请求的用户名去数据库中查询用户信息
if(!"admin".equalsIgnoreCase(username)) {
throw new UsernameNotFoundException("用户名或密码错误");
}
// 假设当前这个用户在数据库当中存储的密码是admin
String password = passwordEncoder.encode("admin");
// 2. 查询该用户有哪一些权限
// 3. 封装用户信息和权限信息
// username 用户名, password 是数据库中这个用户存储的密码,
// authorities 是权限资源标识, springsecurity会自动的判断用户是否合法,
return new User(username, password,
AuthorityUtils.commaSeparatedStringToAuthorityList("ADMIN"));
}
}
- core模块的SpringSecurityConfig类中注入
@Autowired
UserDetailsService customUserDetailsService;
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(customUserDetailsService);
}
- base模块新建工具类MengxueguResult
@Data
public class MengxueguResult {
// 响应业务状态
private Integer code;
// 响应消息
private String message;
// 响应中的数据
private Object data;
public MengxueguResult() {
}
public MengxueguResult(Object data) {
this.code = 200;
this.message = "OK";
this.data = data;
}
public MengxueguResult(String message, Object data) {
this.code = 200;
this.message = message;
this.data = data;
}
public MengxueguResult(Integer code, String message, Object data) {
this.code = code;
this.message = message;
this.data = data;
}
public static MengxueguResult ok() {
return new MengxueguResult(null);
}
public static MengxueguResult ok(String message) {
return new MengxueguResult(message, null);
}
public static MengxueguResult ok(Object data) {
return new MengxueguResult(data);
}
public static MengxueguResult ok(String message, Object data) {
return new MengxueguResult(message, data);
}
public static MengxueguResult build(Integer code, String message) {
return new MengxueguResult(code, message, null);
}
public static MengxueguResult build(Integer code, String message, Object data) {
return new MengxueguResult(code, message, data);
}
public String toJsonString() {
return JSON.toJSONString(this);
}
/**
* JSON字符串转成 MengxueguResult 对象
* @param json
* @return
*/
public static MengxueguResult format(String json) {
try {
return JSON.parseObject(json, MengxueguResult.class);
} catch (Exception e) {
e.printStackTrace();
}
return null;
}
}
- core模块新建CustomAuthenticationSuccessHandler、CustomAuthenticationFailureHandler
@Component("customAuthenticationSuccessHandler")
public class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
@Override
public void onAuthenticationSuccess(HttpServletRequest request,
HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
System.out.println("CustomAuthenticationSuccessHandler ---> success");
}
}
@Component("customAuthenticationFailureHandler")
public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
@Override
public void onAuthenticationFailure(HttpServletRequest request,
HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
System.out.println("CustomAuthenticationFailureHandler ---> error");
}
}
- 在SpringSecurityConfig类中注入并使用
@Autowired
private AuthenticationSuccessHandler customAuthenticationSuccessHandler;
@Autowired
private AuthenticationFailureHandler customAuthenticationFailureHandler;
.successHandler(customAuthenticationSuccessHandler)
.failureHandler(customAuthenticationFailureHandler)
# 认证成功时,控制台打印
05:57:06.092 INFO 16552 --- [nio-8080-exec-8] c.y.s.service.CustomUserDetailsService : 请求认证的用户名: admin
CustomAuthenticationSuccessHandler ---> success