spring security笔记一
创建SecurityConfig类,加上@Configuration注解
添加授权方法:
/**
* 访问路径授权
*
* @param http
* @return
* @throws Exception
*/
@Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
// 自定义登录页面 loginPage指定登录页路径 loginProcessingUrl登录认证路径
http.formLogin().usernameParameter("username").passwordParameter("password").loginPage("/person/login")
.loginProcessingUrl("/login").successForwardUrl("/login/success").failureForwardUrl("/login/failure");
// 退出登录
http.logout().logoutUrl("/logout").logoutSuccessUrl("/index");
// 获取权限集合
List<Authority> list = this.authorityService.getAllAuthorityAndMatchResource();
if (!CollectionUtils.isEmpty(list) && list.size() > 0) {
list.forEach(authority -> {
try {
// 获取权限路径
List<String> resourceUrl = authority.getResourceUrl();
if (!CollectionUtils.isEmpty(resourceUrl) && resourceUrl.size() > 0) {
// 设置权限
http.authorizeHttpRequests((author) -> {
author.antMatchers(CommonUtils.listToArray(resourceUrl)).hasRole(authority.getCode());
}).httpBasic();
}
} catch (Exception e) {
e.printStackTrace();
}
});
}
return http.csrf().disable().build();
}
资源权限查询和结果映射:
<select id="getAllAuthorityAndMatchResource" resultMap="authAndMathResResult">
select t.*, r.url as url
from authority t
right join resource r on t.id = r.authority_id and r.status = 1
where t.status = 1
group by t.code, r.url
</select>
<resultMap id="authAndMathResResult" type="authority">
<id property="id" column="id"/>
<result property="code" column="code"/>
<result property="describes" column="describes"/>
<result property="status" column="status"/>
<collection property="resourceUrl" ofType="String" javaType="java.util.List">
<result column="url"/>
</collection>
</resultMap>
忽略权限的地址:
@Bean
public WebSecurityCustomizer webSecurityCustomizer() {
// 可配置无登录的路径,其他作用没想好
return (web) -> web.ignoring().antMatchers("/", "/index");
}
用户认证,从数据库拉取出来放到内存:
/**
* 用户认证
*
* @param //encoder 加密
* @return
*/
@Bean
public InMemoryUserDetailsManager userDetailsService(PasswordEncoder encoder) {
// 获取用户信息
List<UserInfo> userInfoList = this.personService.structLoginInfo(null);
List<UserDetails> userDetailsList = new ArrayList<>();
userInfoList.forEach(userInfo -> {
userDetailsList.add(User.withUsername(userInfo.getLoginName()).password(userInfo.getPassword())
.roles(userInfo.getAuthorityCode()).build());
});
return new InMemoryUserDetailsManager(userDetailsList);
}
继承加密类并实现:
import org.pro.service.encoder.PasswordEncoderService;
import org.pro.utils.CommonUtils;
import org.springframework.stereotype.Service;
/**
* @author Administrator
*/
@Service("passwordEncoderService")
public class PasswordEncoderServiceImpl implements PasswordEncoderService {
@Override
public String encode(CharSequence rawPassword) {
if (rawPassword != null) {
String str = rawPassword.toString();
return CommonUtils.doubleEncryption(str);
}
return "";
}
@Override
public boolean matches(CharSequence rawPassword, String encodedPassword) {
if (rawPassword != null && encodedPassword != null) {
return encodedPassword.equals(CommonUtils.doubleEncryption(rawPassword.toString()));
}
return false;
}
}
用户数据类:
import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
/**
* @author Administrator
*/
@Data
@NoArgsConstructor
@AllArgsConstructor
public class UserInfo {
private Long userId;
private String loginName;
private String password;
private Long roleId;
private String authorityCode;
}
浙公网安备 33010602011771号