pom.xml
<?xml version="1.0" encoding="UTF-8"?> <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd"> <modelVersion>4.0.0</modelVersion> <parent> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-parent</artifactId> <version>2.5.4</version> <relativePath/> <!-- lookup parent from repository --> </parent> <groupId>com.woniu</groupId> <artifactId>springsecurityday01</artifactId> <version>0.0.1-SNAPSHOT</version> <name>springsecurityday01</name> <description>Demo project for Spring Boot</description> <properties> <java.version>1.8</java.version> </properties> <dependencies> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-web</artifactId> </dependency> <dependency> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> <optional>true</optional> </dependency> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-test</artifactId> <scope>test</scope> </dependency> <!--springboot integrated security coordinates--> <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> <!-- mysql-connector --> <dependency> <groupId>mysql</groupId> <artifactId>mysql-connector-java</artifactId> <version>8.0.32</version> </dependency> <!-- mybatis-plus --> <dependency> <groupId>com.baomidou</groupId> <artifactId>mybatis-plus-boot-starter</artifactId> <version>3.5.1</version> </dependency> <!--mybatis--> <dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.2.0</version> </dependency> </dependencies> <build> <plugins> <plugin> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-maven-plugin</artifactId> <configuration> <excludes> <exclude> <groupId>org.projectlombok</groupId> <artifactId>lombok</artifactId> </exclude> </excludes> </configuration> </plugin> </plugins> </build> </project>
application.yml
server: port: 8082 spring: datasource: driver-class-name: com.mysql.cj.jdbc.Driver url: jdbc:mysql://127.0.0.1:3306/test?useUnicode=true &characterEncoding=utf-8 &serverTimezone=UTC username: root password: 123456789 mybatis: mapper-locations: classpath:mapper/*Dao.xml record: level: com.woniu.dao: debug pattern: console: '%d{yyyy-MM-dd HH:mm:ss.SSS} [%thread] %-5level %logger{50} - %msg%n'
config
SecurityConfig.java
package com.x.springsecurityday01.config; import com.x.springsecurityday01.dao.UserDao; import com.x.springsecurityday01.service.SecurityService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter {<!-- --> @Autowired private SecurityService securityService; @Override public void configure(AuthenticationManagerBuilder auth) throws Exception {<!-- --> //BCryptPasswordEncoder passwordEncoder=new BCryptPasswordEncoder(); //String encode=passwordEncoder.encode("123"); //custom username and password // auth.inMemoryAuthentication().withUser("admin").password(encode).roles("admin"); auth. userDetailsService(securityService); } @Bean public PasswordEncoder passwordEncoder(){<!-- --> return new BCryptPasswordEncoder(); } }
controller
HelloController.java
package com.x.springsecurityday01.controller; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RestController; @RestController /** * @RequestBody + @Controller=@RestController */ public class HelloController {<!-- --> @RequestMapping("/hello") public String hello(){<!-- --> return "hello security"; } }
dao
UserDao.java
package com.x.springsecurityday01.dao; import com.x.springsecurityday01.domain.Users; import org.springframework.stereotype.Repository; @Repository public interface UserDao {<!-- --> /** * Check user information and permissions according to account */ Users getUserInfoByAccount(String account); }
domain
Users.java
package com.x.springsecurityday01.domain; import lombok. AllArgsConstructor; import lombok.Data; import lombok. NoArgsConstructor; import java.util.List; @Data @AllArgsConstructor @NoArgsConstructor public class Users {<!-- --> private Integer id; private String username; private String account; private String password; private List<String> anth;//Permissions owned by this user }
service
SecurityService.java
package com.x.springsecurityday01.service; import com.x.springsecurityday01.dao.UserDao; import com.x.springsecurityday01.domain.Users; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; import java.util.List; @Service public class SecurityService implements UserDetailsService {<!-- --> @Autowired private PasswordEncoder passwordEncoder; @Autowired private UserDao userDao; /** * username: The username passed from the page * @param username * @return * @throws UsernameNotFoundException */ @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {<!-- --> Users userInfo=userDao.getUserInfoByAccount(username); if(userInfo!=null){<!-- --> String join =String.join(",",userInfo.getAnth());//Collection with //According to username, go to the database to check the user information return new User(userInfo.getAccount(), passwordEncoder.encode(userInfo.getPassword()), AuthorityUtils.commaSeparatedStringToAuthorityList(join)); } else {<!-- --> throw new UsernameNotFoundException("User does not exist"); } } }
Startup class
package com.x.springsecurityday01; import org.mybatis.spring.annotation.MapperScan; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; @SpringBootApplication @MapperScan("com.x.springsecurityday01.dao") public class Springsecurityday01Application {<!-- --> public static void main(String[] args) {<!-- --> SpringApplication.run(Springsecurityday01Application.class, args); } }
resources/mapper/
UserDao.xml
<?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" > <mapper namespace="com.x.springsecurityday01.dao.UserDao"> <resultMap id="userMap" type="com.x.springsecurityday01.domain.Users"> <result property="id" column="id"></result> <result property="username" column="username"></result> <result property="account" column="account"></result> <result property="password" column="password"></result> <collection property="anth" ofType="java.lang.String"> <result column="anth_code"></result> </collection> </resultMap> <select id="getUserInfoByAccount" resultMap="userMap"> SELECT us.id, us. username, us.account, us.password, ta.anth_code FROM users us left join t_user_anth tua on us.id=tua.user_id left join t_anth ta on tua.anth_id=ta.id WHERE account=#{account} </select> </mapper>
Database