Integrating Spring Security with Spring Boot

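This article shows how to configure a user login flow with Spring Boot and Spring Security, covering the UserDetailsService implementation, the authentication handlers and custom login processing. It focuses on how to set role permissions and handle login success and failure, and demonstrates how to disable CSRF validation.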

  • As usual, start by adding the Maven dependency.

        <dependency>
            <groupId>org.springframework.boot</groupId>
            <artifactId>spring-boot-starter-security</artifactId>
        </dependency>
  • Create a MyUserDatailService. It supplies the login data: on every login attempt, this class's loadUserByUsername method is called.

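import java.util.ArrayList;
import java.util.List;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;

@Service
public class MyUserDatailService implements UserDetailsService {

    @Autowired
    UserService service;

    // Requires a BCryptPasswordEncoder bean in the application context
    @Autowired
    private BCryptPasswordEncoder passwordEncoder;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        List<GrantedAuthority> authorities = new ArrayList<>();
        // Role names must start with `ROLE_`; the prefix is not stored in the database
        authorities.add(new SimpleGrantedAuthority("ROLE_" + "ADMIN"));
        // Here we set a fixed password and the ADMIN authority,
        // so whatever username is submitted gets this password and role
        return new User(
                username,
                passwordEncoder.encode("admin"),
                authorities
        );
    }
}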
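  • Create two handlers

import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

public class OnSucessHandle implements AuthenticationSuccessHandler {
    @Override
    public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
        response.setContentType("text/plain;charset=UTF-8"); // the message is not ISO-8859-1
        response.getWriter().write("登录成功"); // "login succeeded"
    }
}
public class OnFaildHandle implements AuthenticationFailureHandler {
    @Override
    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
        response.setContentType("text/plain;charset=UTF-8"); // the message is not ISO-8859-1
        response.getWriter().write("登录失败"); // "login failed"
    }
}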

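  • Create the configuration class


import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

@Configuration
@EnableWebSecurity
// Required for @PreAuthorize annotations on controller methods to be enforced
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private MyUserDatailService userDatailService;

    /**
     * Specify the password encoding scheme.
     * The method is static so that the encoder bean can be created without an instance
     * of this configuration class, which itself depends on MyUserDatailService.
     */
    @Bean
    public static BCryptPasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // If the login uses a verification code, add this line
        http.addFilterBefore(new VerCodeFilter("/Login/Login"), UsernamePasswordAuthenticationFilter.class);

        http.formLogin()
                .loginProcessingUrl("/Login/Login") // custom login endpoint
                .successHandler(new OnSucessHandle()) // login success handler
                .failureHandler(new OnFaildHandle()) // login failure handler
                .and()
                .authorizeRequests()
                .antMatchers("/Login/**").permitAll() // allow endpoints that start with /Login/
                .anyRequest().authenticated() // every other endpoint requires a prior login
                .and()
                // POST requests fail unless CSRF validation is disabled; keep it enabled in real
                // projects, which requires the front end to send additional parameters
                .csrf().disable();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth
                .userDetailsService(userDatailService)
                .passwordEncoder(new BCryptPasswordEncoder());
    }
}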

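  • If your login uses a verification code, remember to add the filter


import java.io.IOException;

import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;

public class VerCodeFilter extends AbstractAuthenticationProcessingFilter {

    private final String LoginURL = "/Login/Login";

    public VerCodeFilter(String defaultFilterProcessesUrl) {
        super(defaultFilterProcessesUrl);
    }

    @Override
    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
        HttpServletRequest req = (HttpServletRequest) request;
        HttpServletResponse res = (HttpServletResponse) response;
        // Only POST requests to the login endpoint carry a verification code
        if (LoginURL.equals(req.getServletPath()) && "POST".equalsIgnoreCase(req.getMethod())) {
            HttpSession session = req.getSession();
            Object expected = session.getAttribute("code");
            // A code is valid for one attempt only, so a solved code cannot be replayed
            session.removeAttribute("code");
            if (expected == null || !expected.equals(req.getParameter("Code"))) {
                res.setContentType("text/plain;charset=UTF-8"); // the message is not ISO-8859-1
                res.getWriter().write("验证码错误"); // "wrong verification code"
                return;
            }
        }
        chain.doFilter(request, response);
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
        // Not used: doFilter is overridden, so this filter only checks the code and never authenticates
        return null;
    }
}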
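  • Authorization check

    // Enforced only when method security is enabled, e.g. with @EnableGlobalMethodSecurity(prePostEnabled = true)
    @PreAuthorize("hasAnyRole('ADMIN')")
    @GetMapping("/queryUserPage")
    public String getTest() {
        return "asdasd";
    }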
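
The MyUserDatailService step above hands back the same fixed password and ROLE_ADMIN for any username. The following added example (not the author's code) shows a per-user lookup that hashes the password once at registration and rejects unknown names. StoredUserDetailsService, Account and the in-memory map standing in for the user table are assumptions, and the sample account is constructed.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

public class StoredUserDetailsService implements UserDetailsService {
    // Hypothetical account row; the map below stands in for the user table
    static final class Account {
        final String passwordHash; // BCrypt hash, computed once at registration
        final String role;         // stored without the ROLE_ prefix, e.g. "ADMIN"
        Account(String passwordHash, String role) {
            this.passwordHash = passwordHash;
            this.role = role;
        }
    }
    private final Map<String, Account> accounts = new ConcurrentHashMap<>();
    private final BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();

    // Hash at registration; loadUserByUsername never sees a plaintext password
    public void register(String username, String rawPassword, String role) {
        accounts.put(username, new Account(encoder.encode(rawPassword), role));
    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        Account account = accounts.get(username);
        if (account == null) { // unknown name: reject, no default account
            throw new UsernameNotFoundException("user not found");
        }
        return User.withUsername(username).password(account.passwordHash)
                .roles(account.role).build(); // roles() adds the ROLE_ prefix
    }

    public static void main(String[] args) {
        StoredUserDetailsService service = new StoredUserDetailsService();
        service.register("alice", "constructed-sample-pw", "USER"); // constructed sample account
        UserDetails alice = service.loadUserByUsername("alice");
        System.out.println("authorities: " + alice.getAuthorities());
        System.out.println("\"admin\" accepted: " + service.encoder.matches("admin", alice.getPassword()));
        try {
            service.loadUserByUsername("mallory"); // never registered
        } catch (UsernameNotFoundException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Running main needs spring-security-core and spring-security-crypto on the classpath, both of which spring-boot-starter-security pulls in.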