1.0 框架整合
1.1 创建模块
1.2 导入POM
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <artifactId>shiro_springboot</artifactId> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>2.2.1.RELEASE</version> <relativePath /> <!-- <relativePath /> 我这边不加这个会报错故加上 relativePath元素中的地址–本地仓库–远程仓库 设定一个空值将始终从仓库中获取,不从本地路径获取。--> </parent> <dependencies> <dependency> <groupId>org.apache.shiro</groupId> <artifactId>shiro-spring-boot-web-starter</artifactId> <version>1.9.0</version> </dependency> <!--mybatis-plus--> <dependency> <groupId>com.baomidou</groupId> <artifactId>mybatis-plus-boot-starter</artifactId> <version>3.0.5</version> </dependency> <!--mysql--> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.46</version> </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-thymeleaf</artifactId> </dependency> </dependencies> <properties> <maven.compiler.source>8</maven.compiler.source> <maven.compiler.target>8</maven.compiler.target> </properties> </project>
1.3、添加配置文件
添加配置文件 application.yml,添加基础配置
mybatis-plus: configuration: log-impl: org.apache.ibatis.logging.stdout.StdOutImpl mapper-locations: classpath:mapper/*.xml spring: datasource: type: com.zaxxer.hikari.HikariDataSource driver-class-name: com.mysql.jdbc.Driver url: jdbc:mysql://localhost:3306/shirodb?characterEncoding=utf8&useSSL=false username: root password: root jackson: date-format: yyyy-MM-dd HH:mm:ss time-zone: GMT+8 shiro: loginUrl: /myController/login
1.4、添加启动类
添加启动类
package com.yanwc.shiro; import org.mybatis.spring.annotation.MapperScan; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication @MapperScan("com.yanwc.shiro.mapper") public class ShiroApplication { public static void main(String[] args) { SpringApplication.run(ShiroApplication.class,args); } }
2.0、登录认证整合
2.1、登录实现认证准备
代码层级
(1)创建库表
CREATE DATABASE IF NOT EXISTS `shirodb` CHARACTER SET utf8mb4; USE `shirodb`; CREATE TABLE `user` ( `id` BIGINT(20) NOT NULL AUTO_INCREMENT COMMENT '编号', `name` VARCHAR(30) DEFAULT NULL COMMENT '用户名', `pwd` VARCHAR(50) DEFAULT NULL COMMENT '密码', `rid` BIGINT(20) DEFAULT NULL COMMENT '角色编号', PRIMARY KEY (`id`) ) ENGINE=INNODB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 COMMENT='用户表';
INSERT INTO `shirodb`.`user` (`id`, `name`, `pwd`, `rid`) VALUES (1, '张三', '7174f64b13022acd3c56e2781e098a5f', NULL);
账号:张三 密码:z3 经过加盐3次加密得出上面的(想用的这个账号起码配置的代码要和我一样的)
(2)创建实体
@Data @NoArgsConstructor @AllArgsConstructor public class User { private Integer id; private String name; private String pwd; private Integer rid; }
(3)创建 mapper
@Repository public interface UserMapper extends BaseMapper<User> { }
(4)创建 service
1、创建接口
public interface UserService { //用户登录 User getUserInfoByName(String name); }
2 创建实现类
@Service public class UserServiceImpl implements UserService { @Autowired private UserMapper userMapper; @Override public User getUserInfoByName(String name) { QueryWrapper<User> wrapper = new QueryWrapper<>(); wrapper.eq("name",name); User user = userMapper.selectOne(wrapper); return user; } }
(5)自定义realm
@Component public class MyRealm extends AuthorizingRealm { @Autowired private UserService userService; //自定义授权方法 @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { return null; } //自定义登录认证方法 @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { //1 获取用户身份信息 String name = token.getPrincipal().toString(); //2 调用业务层获取用户信息(数据库中) User user = userService.getUserInfoByName(name); //3 判断并将数据完成封装 if(user!=null){ AuthenticationInfo info = new SimpleAuthenticationInfo( token.getPrincipal(), user.getPwd(), ByteSource.Util.bytes("salt"), token.getPrincipal().toString() ); return info; } return null; } }
(6)编写配置类
@Configuration public class ShiroConfig { @Autowired private MyRealm myRealm; //配置 SecurityManager @Bean public DefaultWebSecurityManager defaultWebSecurityManager(){ //1 创建 defaultWebSecurityManager 对象 DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager(); //2 创建加密对象,并设置相关属性 HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(); //2.1 采用 md5 加密 matcher.setHashAlgorithmName("md5"); //2.2 迭代加密次数 matcher.setHashIterations(3); //3 将加密对象存储到 myRealm 中 myRealm.setCredentialsMatcher(matcher); //4 将 myRealm 存入 defaultWebSecurityManager 对象 defaultWebSecurityManager.setRealm(myRealm); //5 返回 return defaultWebSecurityManager; } //配置 Shiro 内置过滤器拦截范围 @Bean public DefaultShiroFilterChainDefinition shiroFilterChainDefinition(){ DefaultShiroFilterChainDefinition definition = new DefaultShiroFilterChainDefinition(); //设置不认证可以访问的资源 definition.addPathDefinition("/myController/userLogin","anon"); definition.addPathDefinition("/login","anon"); //设置需要进行登录认证的拦截范围 definition.addPathDefinition("/**","authc"); return definition; } }
(7)实现controller
@Controller @RequestMapping("myController") public class MyController { @GetMapping("userLogin") @ResponseBody public String userLogin(String name,String pwd){ //1 获取 Subject 对象 Subject subject = SecurityUtils.getSubject(); //2 封装请求数据到 token 对象中 AuthenticationToken token = new UsernamePasswordToken(name,pwd); //3 调用 login 方法进行登录认证 try { subject.login(token); return "登录成功"; } catch (AuthenticationException e) { e.printStackTrace(); System.out.println("登录失败"); return "登录失败"; } } }
(8)测试
访问地址:http://localhost:8080/myController/userLogin?name=张三&pwd=z3
即可成功;有问题可留言;大家在这里有些搞不清楚原因的请看后面章节;
