展开
拓展 关闭
订阅号推广码
GitHub
视频
公告栏 关闭

动态数据认证与认证处理

  • 在demo01的基础上继续开发
  • web模块编写CustomUserDetailsService
@Component("customUserDetailsService")
public class CustomUserDetailsService implements UserDetailsService {

    // 日志
    Logger logger = LoggerFactory.getLogger(getClass());

    @Autowired
    PasswordEncoder passwordEncoder;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        logger.info("请求认证的用户名: " + username);
        // 1. 通过请求的用户名去数据库中查询用户信息
        if(!"admin".equalsIgnoreCase(username)) {
            throw new UsernameNotFoundException("用户名或密码错误");
        }
        // 假设当前这个用户在数据库当中存储的密码是admin
        String password = passwordEncoder.encode("admin");
        // 2. 查询该用户有哪一些权限
        // 3. 封装用户信息和权限信息
        // username 用户名, password 是数据库中这个用户存储的密码,
        // authorities 是权限资源标识, springsecurity会自动的判断用户是否合法,
        return new User(username, password,
                AuthorityUtils.commaSeparatedStringToAuthorityList("ADMIN"));
    }

}
  • core模块的SpringSecurityConfig类中注入
@Autowired
UserDetailsService customUserDetailsService;

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.userDetailsService(customUserDetailsService);
}
  • base模块新建工具类MengxueguResult
@Data
public class MengxueguResult {

    // 响应业务状态
    private Integer code;

    // 响应消息
    private String message;

    // 响应中的数据
    private Object data;

    public MengxueguResult() {
    }
    
    public MengxueguResult(Object data) {
        this.code = 200;
        this.message = "OK";
        this.data = data;
    }
    
    public MengxueguResult(String message, Object data) {
        this.code = 200;
        this.message = message;
        this.data = data;
    }

    public MengxueguResult(Integer code, String message, Object data) {
        this.code = code;
        this.message = message;
        this.data = data;
    }

    public static MengxueguResult ok() {
        return new MengxueguResult(null);
    }
    
    public static MengxueguResult ok(String message) {
        return new MengxueguResult(message, null);
    }
    
    public static MengxueguResult ok(Object data) {
        return new MengxueguResult(data);
    }
    
    public static MengxueguResult ok(String message, Object data) {
        return new MengxueguResult(message, data);
    }

    public static MengxueguResult build(Integer code, String message) {
        return new MengxueguResult(code, message, null);
    }

    public static MengxueguResult build(Integer code, String message, Object data) {
        return new MengxueguResult(code, message, data);
    }

    public String toJsonString() {
        return JSON.toJSONString(this);
    }

    /**
     * JSON字符串转成 MengxueguResult 对象
     * @param json
     * @return
     */
    public static MengxueguResult format(String json) {
        try {
            return JSON.parseObject(json, MengxueguResult.class);
        } catch (Exception e) {
            e.printStackTrace();
        }
        return null;
    }

}
  • core模块新建CustomAuthenticationSuccessHandler、CustomAuthenticationFailureHandler
@Component("customAuthenticationSuccessHandler")
public class CustomAuthenticationSuccessHandler implements AuthenticationSuccessHandler {
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request,
        HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        System.out.println("CustomAuthenticationSuccessHandler ---> success");
    }
}

@Component("customAuthenticationFailureHandler")
public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
    @Override
    public void onAuthenticationFailure(HttpServletRequest request,
            HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
        System.out.println("CustomAuthenticationFailureHandler ---> error");
    }
}
  • 在SpringSecurityConfig类中注入并使用
@Autowired
private AuthenticationSuccessHandler customAuthenticationSuccessHandler;

@Autowired
private AuthenticationFailureHandler customAuthenticationFailureHandler;

.successHandler(customAuthenticationSuccessHandler)
.failureHandler(customAuthenticationFailureHandler)
  • 测试成功
# 认证成功时,控制台打印
05:57:06.092  INFO 16552 --- [nio-8080-exec-8] c.y.s.service.CustomUserDetailsService   : 请求认证的用户名: admin
CustomAuthenticationSuccessHandler ---> success
posted @ 2022-06-24 06:03  DogLeftover  阅读(39)  评论(0)    收藏  举报