Spring Security结合MyBatis的用户及角色简单

介绍

what is Spring Security.png
这是Spring Security官方文档的一段介绍，大概是讲Spring Security为基于Java开发的应用程序提供了全面的安全服务，建议我们结合Spring去使用，现在有很多身份验证都是通过第三方的，但是Spring Security提供了自己的一组身份验证特性。具体来说，Spring Security目前支持所有这些技术的身份验证集成；

运行原理

security.png

大概画了security的主要拦截器的流程图。

代码实现

1. 添加依赖

   <dependency>
     <groupId>org.mybatis.spring.boot</groupId>
     <artifactId>mybatis-spring-boot-starter</artifactId>
     <version>1.3.1</version>
   </dependency>
   <dependency>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-security</artifactId>
   </dependency>
   <dependency>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-thymeleaf</artifactId>
   </dependency>
   <dependency>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-web</artifactId>
   </dependency>
   
   <dependency>
     <groupId>mysql</groupId>
     <artifactId>mysql-connector-java</artifactId>
     <scope>runtime</scope>
   </dependency>
   <dependency>
     <groupId>org.springframework.boot</groupId>
     <artifactId>spring-boot-starter-test</artifactId>
     <scope>test</scope>
   </dependency>
   <dependency>
     <groupId>org.projectlombok</groupId>
     <artifactId>lombok</artifactId>
   </dependency>
   <dependency>
     <groupId>org.springframework.security</groupId>
     <artifactId>spring-security-test</artifactId>
     <scope>test</scope>
   </dependency>
   

2. yml配置

   server:
     port: 80
   spring:
     datasource:
       driver-class-name: com.mysql.jdbc.Driver
       url: jdbc:mysql://localhost:3306/securite?useUnicode=true&characterEncoding=utf8
       username: root
       password: 123
   mybatis:
     configuration:
       map-underscore-to-camel-case: true
   

3. 数据库

   
   user.png

   roles 表示角色，多个角色用“，”隔开，前缀是ROLE_。

4. 实体类

   @Data
   public class UserModel {
   
       private int id;
       private String name;
       private String password;
       private int age;
       private String address;
       private String roles;
   }
   

5. mapper层

   @Mapper
   public interface UserMapper {
       @Select("select * from user where name = #{name}")
       UserModel getUserByName(String name);
   }
   

6. service 层

   @Service
   public class UserService {
   
       @Autowired
      private UserMapper userMapper;
   
       public UserModel getUserByName(String name) {
           return userMapper.getUserByName(name);
       }
   }
   

7. UserDetailsService具体实现（这里就是具体校验过程）

   @Service
   public class MyUserDetailsService implements UserDetailsService {
   
       @Autowired
       private UserService userService;
   
       @Override
       public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
           UserModel userModel = userService.getUserByName(s);
           if (userModel == null) {
               throw new UsernameNotFoundException("用户不存在");
           }
   
           return new User(userModel.getName(), userModel.getPassword(),
                   createAuthority(userModel.getRoles()));
   
       }
       //这里是将数据库的角色分割，构造GrantedAuthority
       private List<SimpleGrantedAuthority> createAuthority(String roles) {
           String[] roleArray = roles.split(",");
           List<SimpleGrantedAuthority> authorityList = new ArrayList<>();
           for (String role : roleArray) {
               authorityList.add(new SimpleGrantedAuthority(role));
           }
           return authorityList;
       }
   }
   

8. 拦截规则设置

   @EnableWebSecurity
   @Configuration
   public class MyWebSecuriteConfig extends WebSecurityConfigurerAdapter {
   
       @Autowired
       private MyUserDetailsService myUserDetailsService;
       @Override
       protected void configure(HttpSecurity http) throws Exception {
           http.authorizeRequests()//拦截
                   .antMatchers("/", "/home").permitAll()//允许/、/home的访问
                   .antMatchers("/user/**").hasAnyRole("USER")//用户USER角色的用户访问有关/user下面的所有
                   .antMatchers("/admin/**").hasAnyRole("ADMIN")//同上
                   .anyRequest().authenticated()//其它所有访问都拦截
                   .and()
                   .formLogin()//添加登陆
                   .loginPage("/login").permitAll()//登陆页面“/login"允许访问
                   .defaultSuccessUrl("/buy")//成功默认跳转/buy
                   .permitAll()
                   .and()
                   .logout().logoutUrl("/logout")
                   .logoutSuccessUrl("/login")
                   .permitAll();//同上
   
       }
   
       @Override
       protected void configure(AuthenticationManagerBuilder auth) throws Exception {
           auth.userDetailsService(myUserDetailsService);//添加实现的UserDetailsService
       }
   }
   

9. controller

   @Configuration
   public class MvcConfig extends WebMvcConfigurerAdapter {
   
       @Override
       public void addViewControllers(ViewControllerRegistry registry) {
           registry.addViewController("/").setViewName("home");
           registry.addViewController("/home").setViewName("home");
           registry.addViewController("/login").setViewName("login");
           registry.addViewController("/buy").setViewName("buy");
       }
   }
   

10. 页面就不贴出来了,请看源码

源码

Demo源码