spring-security 手動驗證登錄 —— springboot

適用於某個操作，需要用戶驗證，可手動調用登錄驗證

1、注入AuthenticationManager

springboot2.0好像沒有自動注入了，需要手動注入

@EnableWebSecurity
@EnableConfigurationProperties(SecurityConfigProperty.class)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
	/**
     * 注入認證管理器
     *    -- 用於手動驗證用戶
     * @return am
     * @throws Exception
     */
    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
}

2、使用

 	@Autowired
    private AuthenticationManager authenticationManager;

	 /**
     * 用戶認證
     * @param username 用戶名
     * @param password 密碼
     * @return msg
     */
 	@Override
    public ReturnMessage auth(String username, String password){

        try {
            UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(username, password);
            authenticationManager.authenticate(token);
        }
        catch (InternalAuthenticationServiceException failed) {
			// do something .......
            return new ReturnMessage(ReturnMessage.ResultCode.ERROR, failed.getMessage());
        }
        catch (AuthenticationException failed) {
			// do something .......
            return new ReturnMessage(ReturnMessage.ResultCode.ERROR, failed.getMessage());
        }

        return new ReturnMessage(ReturnMessage.ResultCode.OK);
    }