SpringSecurity 自定义数据库模型认证与授权---仅需要实现自定义的UserDetailsService
程序员文章站
2024-03-19 14:02:22
...
package com.zcw.demospringsecurity.demo4;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
/**
* @ClassName : MyDemoApplication
* @Description : 启动类
* @Author : Zhaocunwei
* @Date: 2020-04-10 18:49
*/
@SpringBootApplication
@MapperScan("com.zcw.mapper") //指定要扫描的映射文件目录
public class MyDemoApplication {
public static void main(String [] args){
SpringApplication.run(MyDemoApplication.class,args);
}
}
package com.zcw.demospringsecurity.demo4;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.List;
/**
* @ClassName : MyUserDetailsService
* @Description :
* @Author : Zhaocunwei
* @Date: 2020-04-10 18:55
*/
@Service
public class MyUserDetailsService implements UserDetailsService {
@Autowired
private UserMapper userMapper;
@Override
public UserDetails loadUserByUsername(String s) throws UsernameNotFoundException {
//从数据库获取用户信息
User user = userMapper.findByUserName(s);
if(user == null){
throw new UsernameNotFoundException("数据不存在");
}
/**
* 数据库中user对象 赋值给UserDetails的权限集
* AuthorityUtils.commaSeparatedStringToAuthorityList是SpringSecurity
* 提供的,该方法用于逗号隔开的权限集字符串切割
*/
user.setAuthorities(AuthorityUtils.commaSeparatedStringToAuthorityList(user.getRoles()));
return user;
}
//权限转换
private List<GrantedAuthority> generateAuthorities(String roles){
List<GrantedAuthority> authorities = new ArrayList<>();
String [] arrstr = roles.split(";");
if(roles !=null && !"".equals(arrstr)){
for(String role :arrstr){
authorities.add(new SimpleGrantedAuthority(role));
}
}
return authorities;
}
}
package com.zcw.demospringsecurity.demo4;
import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.Collection;
import java.util.List;
/**
* @ClassName : User
* @Description : 创建User实体
* @Author : Zhaocunwei
* @Date: 2020-04-10 18:38
*/
@Data
public class User implements UserDetails {
private Long id;
private String username;
private String password;
private String roles;
private boolean enable;
private List<GrantedAuthority> authorityList;
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return this.enable;
}
public void setAuthorities(List<GrantedAuthority> authorityList){
this.authorityList = authorityList;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return this.authorityList;
}
}
package com.zcw.demospringsecurity.demo4;
import org.apache.ibatis.annotations.Param;
import org.apache.ibatis.annotations.Select;
import org.springframework.stereotype.Component;
/**
* @ClassName : UserMapper
* @Description :
* @Author : Zhaocunwei
* @Date: 2020-04-10 18:56
*/
@Component
public interface UserMapper {
@Select("SELECT * FROM USERS WHERE USERNAME= #{username}")
User findByUserName(@Param("username") String username);
}
上一篇: 浅析php变量作用域的一些问题
下一篇: 保证数据正确性,乐观锁的控制!