一、Maven配置
本示例基於 Spring Security 5 + MyBatis-Plus + Lombok
<!-- Dependency list for the demo application. Only mybatis-plus-boot-starter carries an
     explicit <version>; the other entries have none, so their versions must be supplied
     elsewhere in the POM (presumably the Spring Boot parent/BOM, which is not shown here). -->
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-data-jdbc</artifactId>
</dependency>
<!-- Spring Security: activates the filter chain configured in WebSecurityConfig. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<!-- Actuator adds management endpoints to the same web application. No matcher in
     WebSecurityConfig names them, so (assuming the default management path and port) they
     fall under anyRequest().authenticated(): any logged-in account, not only ROLE_ADMIN,
     can reach whichever endpoints are exposed. NOTE(review): restrict them explicitly if
     more endpoints than the defaults are ever exposed. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-actuator</artifactId>
</dependency>
<!-- Version pinned by hand, so it does not move when the Spring Boot version is upgraded.
     NOTE(review): check this pinned version against current advisories before reusing it. -->
<dependency>
<groupId>com.baomidou</groupId>
<artifactId>mybatis-plus-boot-starter</artifactId>
<version>3.2.0</version>
</dependency>
<!-- JDBC driver; runtime scope keeps it off the compile classpath. -->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<scope>runtime</scope>
</dependency>
<!-- Compile-time annotation processor; optional so it is not passed on to dependants. -->
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
<optional>true</optional>
</dependency>
<!-- Test-only dependencies. -->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
二、application.properties配置
# JDBC driver class used for the MySQL connection.
spring.datasource.driver-class-name=com.mysql.cj.jdbc.Driver
# Local MySQL instance, schema "test". NOTE(review): the URL sets no TLS-related options;
# that is tolerable for localhost only - confirm before pointing this at a remote host.
spring.datasource.url=jdbc:mysql://localhost:3306/test?useUnicode=true&characterEncoding=utf8&serverTimezone=UTC
# NOTE(review): the application connects as the MySQL "root" account, so a flaw in the
# application exposes every schema on the server. A dedicated account limited to the
# "test" schema would contain that.
spring.datasource.username=root
# NOTE(review): plaintext, trivially guessable password stored next to the code. Outside a
# throwaway local demo, supply it from the environment or an external secret store instead
# (Spring Boot resolves ${...} placeholders in this file) and keep it out of version control.
spring.datasource.password=123456
三、數據庫創表語句
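-- Account table read by the login lookup: one row per member.
-- username is NOT NULL and UNIQUE so a lookup by username can never match several rows,
-- and so two application instances starting at the same time cannot both insert the
-- same seed account (the start-up code checks for the row and then inserts it).
CREATE TABLE `org_member` (
  `id` VARCHAR(64) NOT NULL PRIMARY KEY,
  `username` VARCHAR(128) NOT NULL,
  -- Holds the PasswordEncoder output (a hash), never the raw password.
  `password` VARCHAR(128) NOT NULL,
  -- Account-enabled flag; nullable, so readers must decide how to treat NULL.
  `enable` BIT(1) NULL DEFAULT NULL,
  -- Comma-separated authority names, e.g. ROLE_ADMIN.
  `roles` VARCHAR(128) NULL DEFAULT NULL,
  UNIQUE KEY `uk_org_member_username` (`username`)
);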
四、security代碼
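/**
 * Spring Security configuration for the demo: URL-based role checks, the default form login,
 * and the password hashing scheme used for stored credentials.
 */
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Declares which paths require which role and enables form login.
     *
     * <p>Matchers are consulted in declaration order, so the specific prefixes are listed before
     * {@code anyRequest()}. {@code hasRole("ADMIN")} checks for the authority {@code ROLE_ADMIN}.
     * The roles are independent: an account holding only {@code ROLE_ADMIN} is not admitted to
     * {@code /user/api/**}.
     *
     * <p>CSRF protection is deliberately left at its default (enabled). Form login keeps the
     * authenticated session in a cookie that the browser attaches automatically, so without the
     * CSRF token check another site could trigger state-changing requests on behalf of a
     * logged-in user. The generated login page already carries the token. If some paths are
     * called only by non-browser clients that do not rely on the session cookie, exempt just
     * those paths (for example with {@code csrf().ignoringAntMatchers(...)}) rather than
     * switching the protection off globally.
     *
     * @param http the security builder supplied by the framework
     * @throws Exception if the configuration cannot be applied
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
                .antMatchers("/admin/api/**").hasRole("ADMIN")
                .antMatchers("/user/api/**").hasRole("USER")
                // Public endpoints: reachable without logging in.
                .antMatchers("/app/api/**").permitAll()
                // Everything not listed above needs a login, but no particular role.
                .anyRequest().authenticated()
                .and()
                .formLogin();
    }

    /**
     * Supplies the encoder used to hash new passwords and to verify login attempts.
     *
     * <p>bcrypt is an adaptive, salted password hash. A single-pass message digest such as MD5
     * is fast to compute and therefore cheap to brute-force once the table leaks, which is why
     * it must not be used for stored passwords. Rows that were hashed with a different encoder
     * will no longer verify against this one and need a password reset or a migration path.
     *
     * @return the bcrypt-based encoder shared by the application
     */
    @Bean
    public PasswordEncoder passwordEncoder() {
        // Fully qualified so the change does not depend on the file's import list.
        return new org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder();
    }
}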
/**
 * Looks up login accounts through {@code OrgMemberManager} and, once the bean's dependencies are
 * injected, makes sure two demo accounts exist.
 */
@Service
public class UserDetailsService implements org.springframework.security.core.userdetails.UserDetailsService, InitializingBean {
    @Autowired
    private PasswordEncoder passwordEncoder;
    @Autowired
    private SnakeFakeId snakeFakeId;
    @Autowired
    private OrgMemberManager orgMemberManager;

    /**
     * Builds the Spring Security user for a login attempt.
     *
     * @param username the name entered at login
     * @return a user carrying the stored password hash and the authorities parsed from the
     *     comma-separated {@code roles} value
     * @throws UsernameNotFoundException if no member with that name exists
     */
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        OrgMember member = orgMemberManager.getOrgMemberByUsername(username);
        if (member == null) {
            throw new UsernameNotFoundException("用戶不存在!");
        }
        List<GrantedAuthority> authorities =
                AuthorityUtils.commaSeparatedStringToAuthorityList(member.getRoles());
        // NOTE(review): the member's "enable" flag is never read here, so an account that has
        // been switched off in the table can still log in. Map the flag onto the builder's
        // disabled(...) setting once the OrgMember getter is confirmed (that class is not
        // shown on this page).
        return User.withUsername(member.getUsername())
                .password(member.getPassword())
                .authorities(authorities)
                .build();
    }

    /**
     * Creates the two demo accounts when they are missing: "root" with ROLE_ADMIN and "chopper"
     * with ROLE_USER.
     *
     * <p>NOTE(review): both accounts are created with fixed passwords that are printed in this
     * source, and one of them is the administrator. Outside a local demo the initial secrets
     * should come from deployment configuration, or the seeding should be removed, so that no
     * environment starts with known credentials.
     *
     * @throws Exception if looking up or saving a member fails
     */
    @Override
    public void afterPropertiesSet() throws Exception {
        seedIfMissing("root", "root", "ROLE_ADMIN");
        seedIfMissing("chopper", "123456", "ROLE_USER");
    }

    /** Saves a new enabled member with the given name, password and roles unless the name is taken. */
    private void seedIfMissing(String username, String rawPassword, String roles) throws Exception {
        if (orgMemberManager.getOrgMemberByUsername(username) != null) {
            return;
        }
        OrgMember seeded = new OrgMember();
        seeded.setId(String.valueOf(snakeFakeId.nextId()));
        seeded.setUsername(username);
        // Only the encoder's output is stored, never the raw value.
        seeded.setPassword(passwordEncoder.encode(rawPassword));
        seeded.setEnable(true);
        seeded.setRoles(roles);
        orgMemberManager.saveOrgMember(seeded);
    }
}
五、測試接口
/** Demo endpoint under {@code /admin/api/**}, the prefix WebSecurityConfig limits to the ADMIN role. */
@RestController
public class AdminController {
    private static final String GREETING = "hello, admin!";

    /**
     * Returns a fixed greeting. The mapping names no HTTP method, so requests of every method
     * are routed here.
     *
     * @return the greeting text
     */
    @RequestMapping("/admin/api/hello")
    public String hello() {
        return GREETING;
    }
}
/** Demo endpoint under {@code /app/api/**}, the prefix WebSecurityConfig opens to everyone. */
@RestController
public class AppController {
    private static final String GREETING = "hello, app!";

    /**
     * Returns a fixed greeting without requiring a login. The mapping names no HTTP method, so
     * requests of every method are routed here.
     *
     * @return the greeting text
     */
    @RequestMapping("/app/api/hello")
    public String hello() {
        return GREETING;
    }
}
/** Demo endpoint under {@code /user/api/**}, the prefix WebSecurityConfig limits to the USER role. */
@RestController
public class UserController {
    private static final String GREETING = "hello, user!";

    /**
     * Returns a fixed greeting. The mapping names no HTTP method, so requests of every method
     * are routed here.
     *
     * @return the greeting text
     */
    @RequestMapping("/user/api/hello")
    public String hello() {
        return GREETING;
    }
}