SpringSecurity--2.整合Mybatis框架

目錄

 

整合Mybatis框架

1、Maven依賴

2、application.yml

3、導入mapper

4、動態查詢賬號

5、密碼使用MD5加密

6、動態請求資源

---

整合Mybatis框架

1、Maven依賴

		<!-->spring-boot 整合security -->
		<dependency>
			<groupId>org.springframework.boot</groupId>
			<artifactId>spring-boot-starter-security</artifactId>
		</dependency>
		<!-- springboot 整合mybatis框架 -->
		<dependency>
			<groupId>org.mybatis.spring.boot</groupId>
			<artifactId>mybatis-spring-boot-starter</artifactId>
			<version>1.3.2</version>
		</dependency>
		<!-- alibaba的druid數據庫連接池 -->
		<dependency>
			<groupId>com.alibaba</groupId>
			<artifactId>druid-spring-boot-starter</artifactId>
			<version>1.1.9</version>
		</dependency>
		<dependency>
			<groupId>mysql</groupId>
			<artifactId>mysql-connector-java</artifactId>
		</dependency>

2、application.yml

# 配置freemarker
spring:
  freemarker:
    # 設置模板後綴名
    suffix: .ftl
    # 設置文檔類型
    content-type: text/html
    # 設置頁面編碼格式
    charset: UTF-8
    # 設置頁面緩存
    cache: false
    # 設置ftl文件路徑
    template-loader-path:
      - classpath:/templates
  # 設置靜態文件路徑，js,css等
  mvc:
    static-path-pattern: /static/**
####整合數據庫層    
  datasource:
    name: test
    url: jdbc:mysql://127.0.0.1:3306/rbac_db
    username: root
    password: root
    # druid 連接池
    type: com.alibaba.druid.pool.DruidDataSource
    driver-class-name: com.mysql.jdbc.Driver

3、導入mapper

public interface UserMapper {
	// 查詢用戶信息
	@Select(" select * from sys_user where username = #{userName}")
	User findByUsername(@Param("userName") String userName);

	// 查詢用戶的權限
	@Select(" select permission.* from sys_user user" + " inner join sys_user_role user_role"
			+ " on user.id = user_role.user_id inner join "
			+ "sys_role_permission role_permission on user_role.role_id = role_permission.role_id "
			+ " inner join sys_permission permission on role_permission.perm_id = permission.id where user.username = #{userName};")
	List<Permission> findPermissionByUsername(@Param("userName") String userName);
}

public interface PermissionMapper {

	// 查詢蘇所有權限
	@Select(" select * from sys_permission ")
	List<Permission> findAllPermission();

}

4、動態查詢賬號

使用UserDetailsService實現動態查詢數據庫驗證賬號

@Component
public class MyUserDetailsService implements UserDetailsService {
	@Autowired
	private UserMapper userMapper;

	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
		// 1.根據數據庫查詢，用戶是否登陸
		User user = userMapper.findByUsername(username);
		// 2.查詢該用戶信息權限
		if (user != null) {
			// 設置用戶權限
			List<Permission> listPermission = userMapper.findPermissionByUsername(username);
			System.out.println("用戶信息權限:" + user.getUsername() + ",權限:" + listPermission.toString());
			if (listPermission != null && listPermission.size() > 0) {
				List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
				for (Permission permission : listPermission) {
					// 添加用戶權限
					authorities.add(new SimpleGrantedAuthority(permission.getPermTag()));
				}
				// 設置用戶權限
				user.setAuthorities(authorities);
			}

		}
		return user;
	}

}

protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//		// 添加admin賬號
//		auth.inMemoryAuthentication().withUser("admin").password("123456").
//		authorities("showOrder","addOrder","updateOrder","deleteOrder");
//		// 添加userAdd賬號
//		auth.inMemoryAuthentication().withUser("userAdd").password("123456").authorities("showOrder","addOrder");
//		// 如果想實現動態賬號與數據庫關聯 在該地方改爲查詢數據庫
		auth.userDetailsService(myUserDetailsService);

	}

5、密碼使用MD5加密

public class MD5Util {

	private static final String SALT = "mayikt";

	public static String encode(String password) {
		password = password + SALT;
		MessageDigest md5 = null;
		try {
			md5 = MessageDigest.getInstance("MD5");
		} catch (Exception e) {
			throw new RuntimeException(e);
		}
		char[] charArray = password.toCharArray();
		byte[] byteArray = new byte[charArray.length];

		for (int i = 0; i < charArray.length; i++)
			byteArray[i] = (byte) charArray[i];
		byte[] md5Bytes = md5.digest(byteArray);
		StringBuffer hexValue = new StringBuffer();
		for (int i = 0; i < md5Bytes.length; i++) {
			int val = ((int) md5Bytes[i]) & 0xff;
			if (val < 16) {
				hexValue.append("0");
			}

			hexValue.append(Integer.toHexString(val));
		}
		return hexValue.toString();
	}

	public static void main(String[] args) {
		System.out.println(MD5Util.encode("123456"));

	}
}

	auth.userDetailsService(myUserDetailsService).passwordEncoder(new PasswordEncoder() {
			
		    //驗證密碼
			public boolean matches(CharSequence rawPassword, String encodedPassword) {
			    String rawPass= MD5Util.encode((String)rawPassword);
			    boolean result = rawPass.equals(encodedPassword);
				return result;
			}
			
			// 加密密碼
			public String encode(CharSequence rawPassword) {
				return MD5Util.encode((String)rawPassword);
			}
		});

6、動態請求資源

	// 配置攔截請求資源
	protected void configure(HttpSecurity http) throws Exception {
		ExpressionUrlAuthorizationConfigurer<HttpSecurity>.ExpressionInterceptUrlRegistry authorizeRequests = http
				.authorizeRequests();

		// 查詢數據庫獲取權限列表
		List<Permission> listPermission = permissionMapper.findAllPermission();
		for (Permission permission : listPermission) {
			authorizeRequests.antMatchers(permission.getUrl()).hasAuthority(permission.getPermTag());
		}
		authorizeRequests.antMatchers("/login").permitAll().antMatchers("/**").fullyAuthenticated().and().formLogin()
				.loginPage("/login").successHandler(successHandler).failureHandler(failureHandler).and().csrf()
				.disable();
	}