SpringBootSecurity(一)登录


大神链接

  • 新建一个有Security的项目,引入数据库等所需的依赖
  • 用户表
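-- Account table read by the login flow shown on this page.
-- `password` is expected to hold the BCrypt-encoded value produced by the
-- application's PasswordEncoder, not the plaintext.
create table if not exists `sys_user` (
    `id` bigint not null auto_increment comment 'id',
    `user_name` varchar(64) not null default '' comment '用户名',
    `nick_name` varchar(64) not null default '' comment '昵称',
    `password` varchar(255) not null default '' comment '密码',
    `status` tinyint not null default 1 comment '状态 0-停用 1-正常',
    `create_time` datetime default null comment '创建时间',
    `update_time` datetime default null comment '更新时间',
    primary key (`id`),
    -- The login lookup selects a single row by user_name, so two accounts
    -- sharing a name must be impossible at the schema level.
    unique key `uk_user_name` (`user_name`)
)engine=InnoDB default charset=utf8mb4 comment = '用户表';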
核心代码实现
  • 密码加密(单向哈希,不可解密)BCryptPasswordEncoder
// BCrypt is a salted one-way hash: each encode() call produces a different
// string for the same input, so a login is verified with
// matches(rawPassword, storedHash), never by re-encoding and comparing.
// "123456" is only a demo value for generating a test row.
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
String crypt = encoder.encode("123456");
  • 实现 UserDetails
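/**
 * Adapts the application's {@link User} record to Spring Security's
 * {@link UserDetails}, so the authentication provider can read the stored
 * user name and password hash from it.
 */
@Data
public class LoginUser implements UserDetails {

    // Wrapped account record; Lombok's @Data generates getUser()/setUser().
    private User user;

    /**
     * Returns the authorities granted to this user.
     *
     * @return an empty collection, because no roles or permissions are loaded yet
     */
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        // The UserDetails contract does not allow null here; "no authorities"
        // is expressed as an empty collection so callers can iterate safely.
        return java.util.Collections.emptyList();
    }

    /**
     * Returns the stored password value of the wrapped user.
     *
     * @return whatever {@code user.getPassword()} holds
     */
    @Override
    public String getPassword() {
        // NOTE(review): this is a public getter, so serializing a LoginUser
        // (for example as a response body) would presumably expose the stored
        // hash; confirm it is excluded wherever this object leaves the server.
        return user.getPassword();
    }

    /**
     * Returns the login name of the wrapped user.
     *
     * @return {@code user.getUserName()}
     */
    @Override
    public String getUsername() {
        return user.getUserName();
    }

    /** Account expiry is not modelled; every account counts as non-expired. */
    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    /** Account locking is not modelled; every account counts as unlocked. */
    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    /** Credential expiry is not modelled; every credential counts as current. */
    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    /**
     * Always reports the account as enabled.
     */
    @Override
    public boolean isEnabled() {
        // NOTE(review): the sys_user table declares status 0 = disabled,
        // 1 = normal, but that value is not consulted here, so a disabled
        // account still passes this check. Confirm how User exposes the
        // status column and derive the result from it.
        return true;
    }
}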
  • 实现 UserDetailsService 接口
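/**
 * Loads accounts through {@link UserMapper} for Spring Security's
 * username/password authentication.
 */
@Service
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    private UserMapper userMapper;

    /**
     * Looks up exactly one account by its user name.
     *
     * @param username the login name submitted by the client
     * @return a {@link LoginUser} wrapping the matching row
     * @throws UsernameNotFoundException if the name is null or empty, or no row matches it
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // A conditional eq(condition, ...) drops the WHERE clause entirely when
        // the name is empty, turning the lookup into "whatever row the table
        // holds". Reject an empty name before building the query instead.
        if (username == null || username.isEmpty()) {
            throw new UsernameNotFoundException("用户名未找到!");
        }

        // Query the user record by exact user name.
        LambdaQueryWrapper<User> byUserName = new LambdaQueryWrapper<>();
        byUserName.eq(User::getUserName, username);
        User user = userMapper.selectOne(byUserName);
        if (user == null) {
            // Throwing the declared exception type (rather than a bare
            // RuntimeException) lets the authentication provider treat an
            // unknown user as an ordinary failed login; by default Spring
            // Security's DaoAuthenticationProvider reports it as bad
            // credentials, which avoids telling callers which names exist.
            throw new UsernameNotFoundException("用户名未找到!");
        }

        // Permission lookup is not implemented yet.

        // Wrap the record as UserDetails.
        LoginUser loginUser = new LoginUser();
        loginUser.setUser(user);
        return loginUser;
    }
}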
  • 配置
/**
 * Spring Security wiring for the login example: password encoder,
 * authentication manager and the HTTP filter chain.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig {

    /**
     * Password hashing strategy used when comparing a submitted password with
     * the stored value.
     *
     * @return a BCrypt-based encoder
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Exposes the AuthenticationManager built by Spring so that services can
     * inject it and trigger authentication themselves.
     *
     * @param authenticationConfiguration Spring's authentication configuration
     * @return the configured authentication manager
     * @throws Exception if the manager cannot be obtained
     */
    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
        return authenticationConfiguration.getAuthenticationManager();
    }

    /**
     * Builds the HTTP filter chain: CSRF protection off, no HTTP session for
     * security state, the login endpoint open and everything else requiring
     * an authenticated caller.
     *
     * @param httpSecurity builder supplied by Spring
     * @return the built filter chain
     * @throws Exception if the chain cannot be built
     */
    @Bean
    public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
        // CSRF protection is switched off. NOTE(review): that is only sound
        // while browsers never send an ambient credential (session cookie) to
        // this API; revisit if cookie-based auth is ever added.
        httpSecurity.csrf(csrf -> csrf.disable());

        // STATELESS: Spring Security neither creates nor reads an HttpSession,
        // so every request has to carry its own proof of identity. Nothing in
        // this listing adds a filter that does so for requests after login.
        httpSecurity.sessionManagement(
                session -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS));

        // Only the login endpoint is reachable anonymously.
        httpSecurity.authorizeHttpRequests(requests -> requests
                .antMatchers("/api/login").permitAll()
                .anyRequest().authenticated());

        return httpSecurity.build();
    }

}
  • LoginService
/**
 * Service contract for logging a user in.
 */
public interface LoginService extends IService<User> {

    /**
     * Authenticates the given user.
     *
     * @param user carrier of the submitted user name and password
     * @return the response describing the login result
     */
    GResponse login(User user);
}
  • LoginServiceImpl
/**
 * Login service that delegates credential checking to Spring Security's
 * {@link AuthenticationManager}.
 */
@Service
public class LoginServiceImpl extends ServiceImpl<UserMapper, User> implements LoginService {

    @Autowired
    private AuthenticationManager authenticationManager;

    /**
     * Authenticates the submitted user name and password.
     *
     * @param user carrier of the submitted user name and password
     * @return a success response carrying the authenticated {@link LoginUser}
     * @throws RuntimeException if the manager returns no authentication result
     */
    @Override
    public GResponse login(User user) {
        // Hand the raw credentials to the authentication manager.
        Authentication result = authenticationManager.authenticate(
                new UsernamePasswordAuthenticationToken(user.getUserName(), user.getPassword()));

        // Defensive guard; authenticate() signals a failed login by throwing.
        if (result == null) {
            throw new RuntimeException("登录失败!");
        }

        // NOTE(review): the payload is the whole LoginUser, whose
        // getPassword() returns the stored hash. If GResponse is serialized
        // to the client as-is, the hash presumably goes out with it; confirm,
        // and return a trimmed view of the user instead.
        return GResponse.success("登录成功!", (LoginUser) result.getPrincipal());
    }
}
  • LoginController
/**
 * Login endpoint; the only path the security configuration on this page
 * leaves open to anonymous callers.
 *
 * @param user request body bound to a User; only its user name and password
 *             are read by the login service shown on this page
 * @return the login service's response, unchanged
 */
@PostMapping("/api/login")
public GResponse login(@RequestBody User user) {
    // NOTE(review): the request body binds straight onto the User entity, so
    // a client can populate any field it has; a dedicated login request type
    // would keep the accepted input to user name and password.
    GResponse response = loginService.login(user);
    return response;
}
  • Postman

截屏2022-10-13 14.00.18.png