一、设置登录系统的账号密码
1、在application文件中设置
1. spring.security.user.name=tom 2. spring.security.user.password=123
但是密码明文写在文档中,总归是不好的。
2、编写类实现接口
@Configuration public class SecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(AuthenticationManagerBuilder auth) throws Exception { BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); //给密码123加密 String password = passwordEncoder.encode("123"); auth.inMemoryAuthentication().withUser("tom").password(password).roles("admin"); } @Bean PasswordEncoder password() { return new BCryptPasswordEncoder(); } }
其实写在代码中也不是很好,一般我们都是从数据库中拿用户名和密码。
二、实现数据库认证完成用户登录
1、准备sql
CREATE TABLE users( id BIGINT PRIMARY KEY AUTO_INCREMENT, username VARCHAR(20) UNIQUE NOT NULL, PASSWORD VARCHAR(100) ); -- 密码 atguigu INSERT INTO users VALUES(1,'张 san','$2a$10$2R/M6iU3mCZt3ByG7kwYTeeW0w7/UqdeXrb27zkBIizBvAven0/na'); -- 密码 atguigu INSERT INTO users VALUES(2,'李 si','$2a$10$2R/M6iU3mCZt3ByG7kwYTeeW0w7/UqdeXrb27zkBIizBvAven0/na'); CREATE TABLE role( id BIGINT PRIMARY KEY AUTO_INCREMENT, NAME VARCHAR(20) ); INSERT INTO role VALUES(1,'管理员'); INSERT INTO role VALUES(2,'普通用户'); CREATE TABLE role_user( uid BIGINT, rid BIGINT ); INSERT INTO role_user VALUES(1,1); INSERT INTO role_user VALUES(2,2); CREATE TABLE menu( id BIGINT PRIMARY KEY AUTO_INCREMENT, NAME VARCHAR(20), url VARCHAR(100), parentid BIGINT, permission VARCHAR(20) ); INSERT INTO menu VALUES(1,'系统管理','',0,'menu:system'); INSERT INTO menu VALUES(2,'用户管理','',0,'menu:user'); CREATE TABLE role_menu( MID BIGINT, rid BIGINT ); INSERT INTO role_menu VALUES(1,1);
2、添加依赖
<!--mybatis-plus--> <dependency> <groupId>com.baomidou</groupId> <artifactId>mybatis-plus-boot-starter</artifactId> <version>3.0.5</version> </dependency> <!--mysql--> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>5.1.37</version> </dependency> <!--lombok 用来简化实体类--> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> </dependency>
3、实体类
@Data public class Users { private Integer id; private String username; private String password; }
4、mapper (使用mabtis-plus)
@Repository public interface UsersMapper extends BaseMapper<Users> { }
5、登录的实现类
@Service("UserDetailsService") public class MyUserDetailsService implements UserDetailsService { @Autowired private UsersMapper usersMapper; @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { QueryWrapper<Users> queryWrapper = new QueryWrapper<>(); queryWrapper.eq("username", username); Users users = usersMapper.selectOne(queryWrapper); if(users == null){ throw new UsernameNotFoundException("用户名不存在!"); } //数据库搜索获得数据 List<GrantedAuthority> auths = AuthorityUtils.commaSeparatedStringToAuthorityList("role"); return new User(users.getUsername(), new BCryptPasswordEncoder().encode(users.getPassword()), auths); } }
6、配置数据库
#mysql 数据库连接 spring.datasource.driver-class-name=com.mysql.jdbc.Driver spring.datasource.url=jdbc:mysql://localhost:3308/demo?serverTimezone=GMT%2B8 spring.datasource.username=root spring.datasource.password=root
