package com.example.springbootmybatis.config;
import com.example.springbootmybatis.user.pojo.UserVo;
import com.example.springbootmybatis.user.service.UserService;
import jakarta.servlet.ServletException;
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import java.io.IOException;
/**
* @ClassName:SecurityConfig
* @Author: xuli
* @Date: 2024/10/21 19:59
* @Description: security配置类
*/
@EnableWebSecurity
@Configuration
public class SecurityConfig {
@Autowired
private UserService userService;
/**
* 定义过滤器拦截
* @param http
* @return
* @throws Exception
*/
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception{
http.authorizeHttpRequests(auth->auth
.requestMatchers("/").permitAll() // 公开访问
.requestMatchers("/user/**").hasAnyAuthority("user_admin")//资源需具有的权限
.requestMatchers("/teaType/**").hasAnyAuthority("guest","user_admin")
.anyRequest().authenticated())//每个请求都要认证
.formLogin((form)-> form.loginPage("/login")//登录页面
// .successForwardUrl("/main")//登录成功跳转页面,如无效也可使用AuthenticationSuccessHandler
.successHandler(authenticationSuccessHandler())
.failureUrl("/login?error=true")//登录失败重定向登录页面,并提示错误信息
.permitAll()
).logout(logout->logout.logoutUrl("/loginOut"));//推出登录;
http.exceptionHandling(handling->handling.accessDeniedHandler(new MyAccessDeniedHandler()));//权限不足返回页面
return http.build();
}
private AuthenticationSuccessHandler authenticationSuccessHandler(){
return new AuthenticationSuccessHandler() {
@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
response.sendRedirect("/main");
}
};
}
/**
* 获取用户信息
* @param passwordEncoder
* @return
*/
@Bean
public UserDetailsService userDetailsService(PasswordEncoder passwordEncoder){
return new UserDetailsService() {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
UserDetails user=null;
if(!username.isBlank()){
UserVo userVo= userService.getUserByName(username);
if (userVo!=null){
user= User.builder()
.username(userVo.getUserName())
.password(passwordEncoder.encode(userVo.getPassword()))
.authorities(userVo.getAuth())
.build();
}
}
return user;
}
};
}
/**
* 定义加密算法
* @return
*//*
*/
@Bean
public PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder(10);//使用BCrypt,加密强度,值越大安全性越高
}
}
没有合适的资源?快使用搜索试试~ 我知道了~
资源推荐
资源详情
资源评论
收起资源包目录
springBootMybatis.rar (72个子文件)
springBootMybatis
HELP.md 2KB
mvnw.cmd 7KB
pom.xml 4KB
src
test
java
com
example
springbootmybatis
SpringBootMybatisApplicationTests.java 241B
main
resources
templates
userManagePage.html 207B
main.html 244B
noPermission.html 190B
error
loginError.html 171B
login.html 750B
teaType.html 1001B
Mapper
UserMapper.xml 701B
TeaTypeMapper.xml 1KB
static
application.yml 491B
java
com
example
springbootmybatis
SpringBootMybatisApplication.java 356B
user
mapper
UserMapper.java 619B
UserController.java 2KB
pojo
UserVo.java 570B
service
UserService.java 394B
UserServiceImpl.java 801B
teaTypeFunction
mapper
TeaTypeMapper.java 790B
controller
TeaTypeController.java 1KB
TeaTypePageController.java 2KB
pojo
ResponseMessage.java 708B
TeaType.java 369B
service
TeaTypeServiceImpl.java 1001B
TeaTypeService.java 796B
config
SecurityConfig.java 4KB
WebConfig.java 757B
MyAccessDeniedHandler.java 874B
login
LoginController.java 3KB
.mvn
wrapper
maven-wrapper.properties 951B
.idea
jarRepositories.xml 864B
uiDesigner.xml 9KB
sqldialects.xml 236B
vcs.xml 188B
workspace.xml 9KB
misc.xml 487B
inspectionProfiles
Project_Default.xml 987B
compiler.xml 795B
.gitignore 184B
encodings.xml 191B
target
classes
templates
userManagePage.html 207B
main.html 244B
noPermission.html 190B
error
loginError.html 171B
login.html 750B
teaType.html 1001B
Mapper
UserMapper.xml 701B
TeaTypeMapper.xml 1KB
application.yml 491B
com
example
springbootmybatis
SpringBootMybatisApplication.class 798B
user
mapper
UserMapper.class 476B
pojo
UserVo.class 4KB
service
UserService.class 392B
UserServiceImpl.class 1KB
UserController.class 2KB
teaTypeFunction
mapper
TeaTypeMapper.class 1KB
controller
TeaTypePageController.class 2KB
TeaTypeController.class 2KB
pojo
TeaType.class 3KB
ResponseMessage.class 4KB
service
TeaTypeServiceImpl.class 2KB
TeaTypeService.class 642B
config
SecurityConfig$1.class 1KB
WebConfig.class 1KB
SecurityConfig.class 7KB
MyAccessDeniedHandler.class 1KB
SecurityConfig$2.class 3KB
login
LoginController.class 4KB
test-classes
com
example
springbootmybatis
SpringBootMybatisApplicationTests.class 596B
generated-test-sources
test-annotations
generated-sources
annotations
mvnw 10KB
.gitignore 395B
共 72 条
- 1
资源评论
ciku
- 粉丝: 201
- 资源: 3
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
最新资源
- 基于mosquitto的android mqtt客户端详细文档+全部资料.zip
- 基于mqtt的消息推送系统,单点推送,分组推送详细文档+全部资料.zip
- 基于MQTT的聊天系统演示详细文档+全部资料.zip
- 基于mqtt的遥控器,在app上点击按钮,将码(空调码,电视码,风扇码)发送到mqqt,mqtt通过WiFi发给esp8266,esp8266解析转为红外,发出
- 基于Mqtt实现的简单推送服务的服务端详细文档+全部资料.zip
- 基于mqtt实现的即时通讯IM服务详细文档+全部资料.zip
- 基于mqtt开发sdk源码详细文档+全部资料.zip
- 基于MQTT实现的局域网通讯,模仿微信详细文档+全部资料.zip
- 最简单优雅的SQL操作类库
- 基于MQTT物联网用户终端程序详细文档+全部资料.zip
- 基于MQTT协议,物联网云平台的智慧路灯管理系统,在PC机上进行项目软件的Web开发,采集端的数据采用MQTT.fx进行模拟,数据通过MQTT协议进行传输到服务
- 基于MQTT协议的一个即时通讯安卓APP详细文档+全部资料.zip
- 基于MQTT协议的底层通讯SDK详细文档+全部资料.zip
- 基于MQTT协议的物联网健康监测系统详细文档+全部资料.zip
- 基于netty, spring boot, redis等开源项目实现的物联网框架, 支持tcp, udp底层协议和http, mqtt, modbus等上层协议
- 基于MQTT协议实现消息的即时推送Android开发详细文档+全部资料.zip
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功