目录
2、创建application.yml配置文件,编写druid的配置,以及在application.properties里面配置mybatis
5、mapper里面编写UserMapper接口,并写一个查询方法
6、在resources下面创建的mybatis\mapper里面编写UserMapper.xml实现UserMapper类里面的方法
7、在service里面编写UserService接口和UserServiceImpl实现类
11、在整合mybatis和添加druid的步骤中,不需要对MyController和ShiroConfig两个类进行改变
注意:整个项目到目前为止,需要注意一些类或接口里面的spring的注解。(很重要)
在springboot-07-shiro配置好了登录认证的基础上做的改变,就是添加了真实数据库,用户名、密码从数据库中取出。以及加上了driud数据源
pojo、mapper、service
测试ok,代表底层代码没问题
因为是从UserRealm类这一步开始从数据库中拿数据,之前的是伪造的数据
数据库中的数据
- "1.0" encoding="UTF-8"?>
- <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
- <modelVersion>4.0.0modelVersion>
- <parent>
- <groupId>org.springframework.bootgroupId>
- <artifactId>spring-boot-starter-parentartifactId>
- <version>2.7.4version>
- <relativePath/>
- parent>
- <groupId>com.zhougroupId>
- <artifactId>shiro-springbootartifactId>
- <version>0.0.1-SNAPSHOTversion>
- <name>shiro-springbootname>
- <description>shiro-springbootdescription>
- <properties>
- <java.version>1.8java.version>
- properties>
- <dependencies>
- <dependency>
- <groupId>mysqlgroupId>
- <artifactId>mysql-connector-javaartifactId>
- dependency>
-
- <dependency>
- <groupId>com.alibabagroupId>
- <artifactId>druidartifactId>
- <version>1.1.21version>
- dependency>
- <dependency>
- <groupId>log4jgroupId>
- <artifactId>log4jartifactId>
- <version>1.2.17version>
- dependency>
-
- <dependency>
- <groupId>org.mybatis.spring.bootgroupId>
- <artifactId>mybatis-spring-boot-starterartifactId>
- <version>2.1.1version>
- dependency>
-
- <dependency>
- <groupId>org.projectlombokgroupId>
- <artifactId>lombokartifactId>
- dependency>
-
-
-
-
-
- <dependency>
- <groupId>org.apache.shirogroupId>
- <artifactId>shiro-springartifactId>
- <version>1.4.1version>
- dependency>
-
- <dependency>
- <groupId>org.thymeleafgroupId>
- <artifactId>thymeleaf-spring5artifactId>
- dependency>
- <dependency>
- <groupId>org.thymeleaf.extrasgroupId>
- <artifactId>thymeleaf-extras-java8timeartifactId>
- dependency>
- <dependency>
- <groupId>org.springframework.bootgroupId>
- <artifactId>spring-boot-starter-webartifactId>
- dependency>
-
- <dependency>
- <groupId>org.springframework.bootgroupId>
- <artifactId>spring-boot-starter-testartifactId>
- <scope>testscope>
- dependency>
- dependencies>
-
- <build>
- <plugins>
- <plugin>
- <groupId>org.springframework.bootgroupId>
- <artifactId>spring-boot-maven-pluginartifactId>
- plugin>
- plugins>
- build>
-
- project>
- spring:
- datasource:
- driver-class-name: com.mysql.cj.jdbc.Driver
- # 假如时区报错了,就增加一个时区的配置就ok了 serverTimezone=UTC
- url: jdbc:mysql://localhost:3306/mybatis?serverTimezone=UTC&useUnicode=true&characterEncoding=utf-8
- username: root
- password: 123456
- type: com.alibaba.druid.pool.DruidDataSource # 自定义源数据
-
- #Spring Boot 默认是不注入这些属性值的,需要自己绑定
- #druid 数据源专有配置
- initialSize: 5
- minIdle: 5
- maxActive: 20
- maxWait: 60000
- timeBetweenEvictionRunsMillis: 60000
- minEvictableIdleTimeMillis: 300000
- validationQuery: SELECT 1 FROM DUAL
- testWhileIdle: true
- testOnBorrow: false
- testOnReturn: false
- poolPreparedStatements: true
-
- #配置监控统计拦截的filters,stat:监控统计、log4j:日志记录、wall:防御sql注入
- #如果允许时报错 java.lang.ClassNotFoundException: org.apache.log4j.Priority
- #则导入 log4j 依赖即可,Maven 地址:https://mvnrepository.com/artifact/log4j/log4j
- filters: stat,wall,log4j
- maxPoolPreparedStatementPerConnectionSize: 20
- useGlobalDataSourceStat: true
- connectionProperties: druid.stat.mergeSql=true;druid.stat.slowSqlMillis=500
- package com.zhou.config;
-
- import com.zhou.pojo.User;
- import com.zhou.service.UserService;
- import org.apache.shiro.authc.*;
- import org.apache.shiro.authz.AuthorizationInfo;
- import org.apache.shiro.realm.AuthorizingRealm;
- import org.apache.shiro.subject.PrincipalCollection;
- import org.springframework.beans.factory.annotation.Autowired;
-
- // 自定义的UserRealm extends AuthorizingRealm
- public class UserRealm extends AuthorizingRealm {
-
- @Autowired
- UserService userService;
-
- // 授权
- @Override
- protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
- System.out.println("执行了====>授权doGetAuthorizationInfo");
- return null;
- }
-
- // 认证
- @Override
- protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
- System.out.println("执行了====>认证doGetAuthorizationInfo");
-
- // // 用户名,密码 数据库中取出
- // String username = "root";
- // String password = "123456";
-
- UsernamePasswordToken userToken = (UsernamePasswordToken) token;
-
- // // 用户名判断
- // if (!userToken.getUsername().equals(username)){
- // return null; // 抛出异常 UnknownAccountException
- // }
-
- // 连接真实的数据库
- User user = userService.queryUserByName(userToken.getUsername());
- if (user == null){ // 没有这个人
- return null; // 抛出异常 UnknownAccountException
- }
-
- // 可以加密: MD5 MD5盐值加密
- // 密码认证 shiro做, 密码加密了
- // return new SimpleAuthenticationInfo("",password,"");
- return new SimpleAuthenticationInfo("", user.getPwd(), "");
- }
- }
- package com.zhou.controller;
-
- import org.apache.shiro.SecurityUtils;
- import org.apache.shiro.authc.IncorrectCredentialsException;
- import org.apache.shiro.authc.UnknownAccountException;
- import org.apache.shiro.authc.UsernamePasswordToken;
- import org.apache.shiro.subject.Subject;
- import org.springframework.stereotype.Controller;
- import org.springframework.ui.Model;
- import org.springframework.web.bind.annotation.RequestMapping;
-
- @Controller
- public class MyController {
-
- @RequestMapping({"/", "/index"})
- public String toIndex(Model model){
- model.addAttribute("msg", "hello,shiro");
- return "index";
- }
-
- @RequestMapping("/user/add")
- public String add(){
- return "user/add";
- }
-
- @RequestMapping("/user/update")
- public String update(){
- return "user/update";
- }
-
- @RequestMapping("/toLogin")
- public String toLogin(){
- return "login";
- }
-
- @RequestMapping("/login")
- public String login(String username, String password, Model model){
- // 获取当前的用户
- Subject subject = SecurityUtils.getSubject();
- // 封装用户的登录数据
- UsernamePasswordToken token = new UsernamePasswordToken(username, password);
-
- try{
- subject.login(token); // 执行登录的方法,如果没有异常就ok
- return "index";
- }catch (UnknownAccountException e){ // 用户名不存在
- model.addAttribute("msg", "用户名错误");
- return "login";
- }catch (IncorrectCredentialsException e){ // 密码不存在
- model.addAttribute("msg", "密码错误");
- return "login";
- }
-
- }
-
-
- }
controller类里面的@Controller
config类里面的@Configuration
mapper接口里的@Repository,@Mapper
service实现类里的@Service
调用接口时的@Autowired