以下是一个基本的 Spring Security 登录实战代码示例，采用 Java Spring 框架：
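/**
 * Spring Security configuration for the form-login example.
 *
 * <p>Declares which URLs are public, which require the ADMIN role, and wires the
 * database-backed {@code UserDetailServiceImpl} together with a BCrypt password encoder.
 *
 * <p>CSRF protection is never disabled in this chain, so it stays at the framework
 * default and state-changing requests (login, register, logout) must carry a CSRF token.
 */
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailServiceImpl userDetailsService;

    /**
     * Defines URL authorization, the custom login page and logout handling.
     *
     * @param http the security builder supplied by the framework
     * @throws Exception if the filter chain cannot be built
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
            .authorizeRequests()
                // Rules are checked in declaration order; the first matching rule decides.
                .antMatchers("/", "/home", "/register").permitAll()
                // An Ant pattern "/admin" matches that exact path only. Without "/admin/**",
                // "/admin/" and any sub-path would fall through to the weaker
                // authenticated() rule below and be reachable by any logged-in user.
                // NOTE(review): mvcMatchers follows Spring MVC's own path matching and is
                // the safer choice where the MVC setup also maps suffixes such as ".html".
                .antMatchers("/admin", "/admin/**").hasRole("ADMIN")
                // Deny-by-default for everything not listed above.
                .anyRequest().authenticated()
                .and()
            .formLogin()
                .loginPage("/login")
                .defaultSuccessUrl("/dashboard")
                .permitAll()
                .and()
            // NOTE(review): the login template posts a "remember-me" checkbox, but this
            // chain never calls rememberMe(), so the checkbox has no effect as configured.
            .logout()
                .permitAll();
    }

    /**
     * Registers the user lookup service and the encoder used to verify stored password hashes.
     *
     * @param auth the authentication builder supplied by the framework
     * @throws Exception if the authentication manager cannot be configured
     */
    @Autowired
    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
    }

    /**
     * Provides the encoder used both when storing new passwords and when checking logins.
     *
     * @return a BCrypt encoder with the library's default work factor
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
}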
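/**
 * Loads application users from {@code UserRepository} for Spring Security.
 *
 * <p>The returned {@code UserDetails} carries the stored (already encoded) password;
 * comparing it with the submitted password is left to the encoder registered in
 * {@code SecurityConfig}.
 */
@Service
public class UserDetailServiceImpl implements UserDetailsService {

    @Autowired
    private UserRepository userRepository;

    /**
     * Looks up a user by username and adapts it to Spring Security's user model.
     *
     * @param username the login name submitted by the client
     * @return the user's name, stored password hash and granted authorities
     * @throws UsernameNotFoundException if no user with that name exists
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userRepository.findByUsername(username);
        if (user == null) {
            // The message is deliberately generic: it does not say which of the two
            // credentials was wrong, so it cannot be used to confirm that a name exists.
            throw new UsernameNotFoundException("Invalid username or password.");
        }
        // Fully qualified because the application's own entity is also called User.
        return new org.springframework.security.core.userdetails.User(
                user.getUsername(), user.getPassword(), getAuthorities(user));
    }

    /**
     * Maps the user's roles to granted authorities, one per role name.
     *
     * <p>Role names are passed through unchanged. {@code hasRole("ADMIN")} in
     * {@code SecurityConfig} checks for the authority {@code ROLE_ADMIN}, so stored
     * role names need the {@code ROLE_} prefix (as {@code ROLE_USER} has at registration).
     *
     * @param user the application user entity
     * @return the authorities derived from {@code user.getRoles()}
     */
    private Set<GrantedAuthority> getAuthorities(User user) {
        Set<GrantedAuthority> authorities = new HashSet<>();
        for (Role role : user.getRoles()) {
            authorities.add(new SimpleGrantedAuthority(role.getName()));
        }
        return authorities;
    }
}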
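/**
 * JPA entity for an application account, stored in the {@code users} table.
 */
@Entity
@Table(name = "users")
public class User {

    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;

    // Unique at the database level, so a duplicate registration is rejected by the
    // database even if an application-level check is missing or raced.
    @Column(name = "username", unique = true)
    private String username;

    // Holds the encoded password: UserServiceImpl.save() runs the raw value through
    // the PasswordEncoder before storing it. This field should not be copied into
    // logs or into objects returned to clients.
    @Column(name = "password")
    private String password;

    // Loaded eagerly; UserDetailServiceImpl reads the roles right after the lookup.
    // No cascade is declared, so Role rows are not saved together with the user.
    @ManyToMany(fetch = FetchType.EAGER)
    @JoinTable(
            name = "user_roles",
            joinColumns = @JoinColumn(name = "user_id"),
            inverseJoinColumns = @JoinColumn(name = "role_id"))
    private Set<Role> roles = new HashSet<>();

    // getters and setters
}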
-
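/**
 * JPA entity for a role, stored in the {@code roles} table.
 */
@Entity
@Table(name = "roles")
public class Role {

    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Long id;

    // Used verbatim as the granted authority string by UserDetailServiceImpl.
    // NOTE(review): the column is not declared unique, so nothing shown here stops
    // several rows with the same role name from existing.
    @Column(name = "name")
    private String name;

    // Inverse side of User.roles; the join table is owned by User.
    @ManyToMany(mappedBy = "roles")
    private Set<User> users = new HashSet<>();

    // getters and setters
}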
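<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Login Page</title>
</head>
<body>
    <h1>Login Page</h1>
    <!--/* Spring Security redirects a failed login to /login?error by default.
           The message is generic so it does not reveal whether the username exists. */-->
    <div th:if="${param.error}">Invalid username or password.</div>
    <!--/* th:action (rather than a plain action attribute) lets the Spring/Thymeleaf
           integration add the hidden CSRF token that the POST to /login requires. */-->
    <form th:action="@{/login}" method="post">
        <div>
            <label for="username">Username:</label>
            <input type="text" id="username" name="username" autofocus="true"/>
        </div>
        <div>
            <label for="password">Password:</label>
            <input type="password" id="password" name="password"/>
        </div>
        <div>
            <!--/* NOTE(review): this box only has an effect when remember-me is enabled
                   in the HttpSecurity configuration; the SecurityConfig shown does not. */-->
            <input type="checkbox" id="remember-me" name="remember-me"/>
            <label for="remember-me">Remember me</label>
        </div>
        <button type="submit" class="btn btn-default">Login</button>
    </form>
</body>
</html>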
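<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Register Page</title>
</head>
<body>
    <h1>Register Page</h1>
    <!--/* th:action lets the Spring/Thymeleaf integration add the hidden CSRF token;
           /register is permitAll() for authorization but is still CSRF-protected. */-->
    <form th:action="@{/register}" method="post">
        <div>
            <label for="username">Username:</label>
            <input type="text" id="username" name="username" autofocus="true"/>
        </div>
        <div>
            <label for="password">Password:</label>
            <input type="password" id="password" name="password"/>
        </div>
        <div>
            <!--/* NOTE(review): the controller shown never compares this value with
                   "password", and a hyphenated name cannot bind to a Java bean property,
                   so the confirmation is not enforced on the server as written. */-->
            <label for="confirm-password">Confirm Password:</label>
            <input type="password" id="confirm-password" name="confirm-password"/>
        </div>
        <button type="submit" class="btn btn-default">Register</button>
    </form>
</body>
</html>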
/**
 * MVC controller that serves the login, registration, dashboard and admin views.
 *
 * <p>The handlers perform no access checks themselves; which of these URLs are public,
 * authenticated-only or ADMIN-only is decided entirely by {@code SecurityConfig}.
 */
@Controller
public class UserController {

    @Autowired
    private UserService userService;

    /** Renders the custom login form referenced by {@code formLogin().loginPage("/login")}. */
    @GetMapping("/login")
    public String login() {
        return "login";
    }

    /** Renders the registration form. */
    @GetMapping("/register")
    public String register() {
        return "register";
    }

    /**
     * Creates an account from the submitted form and sends the browser to the login page.
     *
     * <p>NOTE(review): the bound {@code UserDto} is passed on without validation here, and
     * nothing in this handler checks the form's "confirm-password" field or handles a
     * failure from {@code userService.save}.
     *
     * @param userDto form fields bound by Spring MVC
     * @return a redirect to {@code /login}
     */
    @PostMapping("/register")
    public String registerUser(UserDto userDto) {
        userService.save(userDto);
        return "redirect:/login";
    }

    /** Renders the page users land on after a successful login. */
    @GetMapping("/dashboard")
    public String dashboard() {
        return "dashboard";
    }

    /** Renders the admin page; {@code SecurityConfig} restricts the URL to the ADMIN role. */
    @GetMapping("/admin")
    public String admin() {
        return "admin";
    }
}
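/**
 * Registration service: turns a submitted {@code UserDto} into a stored {@code User}.
 */
@Service
public class UserServiceImpl implements UserService {

    @Autowired
    private UserRepository userRepository;

    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * Validates the registration data, encodes the password and stores the new user
     * with the {@code ROLE_USER} role.
     *
     * <p>The role is fixed by the server and never taken from the request, so a client
     * cannot register itself with elevated privileges.
     *
     * @param userDto the submitted username and raw password
     * @throws IllegalArgumentException if the username is blank, the password is empty,
     *         or the username is already in use
     */
    @Override
    public void save(UserDto userDto) {
        String username = userDto.getUsername();
        String rawPassword = userDto.getPassword();

        // /register is reachable without authentication, so treat every field as
        // untrusted; without these checks an account with an empty password could be created.
        if (username == null || username.trim().isEmpty()) {
            throw new IllegalArgumentException("Username must not be blank.");
        }
        if (rawPassword == null || rawPassword.isEmpty()) {
            throw new IllegalArgumentException("Password must not be empty.");
        }
        // Friendly early check only: two concurrent requests can both pass it, so the
        // unique constraint on users.username remains the real guarantee.
        if (userRepository.findByUsername(username) != null) {
            throw new IllegalArgumentException("Username is already taken.");
        }

        User user = new User();
        user.setUsername(username);
        // Only the encoded form is stored; the raw password is never persisted.
        user.setPassword(passwordEncoder.encode(rawPassword));

        // NOTE(review): a new, unsaved Role is built for every registration while
        // User.roles declares no cascade. This probably fails when the user is flushed,
        // or (if cascading is added) inserts one more "ROLE_USER" row per user.
        // Loading the existing role row instead would avoid both; confirm against the
        // real repository layer, which this page does not show.
        Role role = new Role();
        role.setName("ROLE_USER");
        user.setRoles(Collections.singleton(role));
        userRepository.save(user);
    }
}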
这是一个基本的 Spring Security 登录实战示例，你可以根据自己的需要进行修改和拓展。