引入依賴
spring security web mybatis druid連接池 mysql
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.1.1</version>
</dependency>
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid-spring-boot-starter</artifactId>
<version>1.1.10</version>
</dependency>
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
<version>5.1.28</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<resources>
<resource>
<directory>src/main/java</directory>
<includes>
<include>**/*.xml</include>
</includes>
</resource>
<resource>
<directory>src/main/resources</directory>
</resource>
</resources>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
application.properties
spring.datasource.username=**
spring.datasource.password=**
spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
spring.datasource.url=jdbc:mysql://localhost:3306/vhr
server.port=8081
主配置類掃描xml文件和接口
@MapperScan(basePackages = "org.lyb.baiweiserver.mapper ") //掃描配置文件
Service查詢用戶
@Service
public class HrService implements UserDetailsService {
@Autowired
HrMapper hrMapper;
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
Hr hr = hrMapper.loadUserByUsername(s);
if (hr == null){
throw new UsernameNotFoundException("用戶不存在");
}
return hr;
}
}
Mapper
public interface HrMapper {
/**
* 根據用戶名登陸
* @param username 用戶名
* @return
*/
Hr loadUserByUsername(String username);
HrMapper.xml
<select id="loadUserByUsername" resultMap="BaseResultMap">
select * from hr where username=#{username};
</select>
config裏面
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
HrService hrService;
/**
* 加密密碼編碼器
* @return
*/
@Bean
PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests() //授權
.anyRequest().authenticated() //任何請求要認證
.and()
.formLogin() //登錄
.loginProcessingUrl("/doLogin")//登陸要處理的請求
.successHandler(new AuthenticationSuccessHandler() { //身份驗證成功處理程序
/**
* 認證成功方法
* @param req Http Servlet請求
* @param resp 響應
* @param authentication 認證
* @throws IOException
* @throws ServletException
*/
@Override
public void onAuthenticationSuccess(HttpServletRequest req, HttpServletResponse resp,
Authentication authentication) throws IOException, ServletException {
resp.setContentType("application/json;charset=utf-8"); //響應字體
Hr hr =(Hr) authentication.getPrincipal(); //獲取對象認證
RespBean respBean = RespBean.ok("登錄成功", hr); //自定義封裝響應請求信息
ObjectMapper objectMapper = new ObjectMapper(); //轉換器
String s = objectMapper.writeValueAsString(respBean); //改成字符串
PrintWriter out = resp.getWriter(); //獲取流
out.write(s); //寫入
out.flush();
}
})
.failureHandler(new AuthenticationFailureHandler() {
/**
* 身份驗證失敗處
* @param req 請求
* @param resp 響應
* @param exception 驗證異常
* @throws IOException
* @throws ServletException
*/
@Override
public void onAuthenticationFailure(HttpServletRequest req,
HttpServletResponse resp, AuthenticationException exception) throws IOException, ServletException {
resp.setContentType("application/json;charset=utf-8");
RespBean respBean = RespBean.error("登陸失敗"); //自定義封裝異常
if (exception instanceof BadCredentialsException){
respBean.setMsg("用戶名或密碼錯誤");
}else if (exception instanceof DisabledException){
respBean.setMsg("賬戶被禁用,請聯繫管理員");
}
ObjectMapper objectMapper = new ObjectMapper();//轉換器
String s = objectMapper.writeValueAsString(respBean); //改字符串
PrintWriter writer = resp.getWriter();
writer.write(s); //失敗信息寫入流中
writer.flush();
writer.close();
}
})
.permitAll() //其它請求
.and()
.csrf()
.disable();
}
}
model
/**
*封裝請求信息
*/
public class RespBean {
private Integer status; //狀態碼
private String msg; //描敘
private Object obj; //可以帶對象
public static RespBean ok(String msg, Object obj) {
return new RespBean(200, msg, obj);
}
public static RespBean ok(String msg) {
return new RespBean(200, msg, null);
}
public static RespBean error(String msg, Object obj) {
return new RespBean(500, msg, obj);
}
public static RespBean error(String msg) {
return new RespBean(500, msg, null);
}
private RespBean() {
}
private RespBean(Integer status, String msg, Object obj) {
this.status = status;
this.msg = msg;
this.obj = obj;
}
public Integer getStatus() {
return status;
}
public void setStatus(Integer status) {
this.status = status;
}
public String getMsg() {
return msg;
}
public void setMsg(String msg) {
this.msg = msg;
}
public Object getObj() {
return obj;
}
public void setObj(Object obj) {
this.obj = obj;
}
}
http://localhost:8081/doLogin接下來和前端對接
