Skip to content

Latest commit

 

History

History
158 lines (139 loc) · 4.37 KB

README.md

File metadata and controls

158 lines (139 loc) · 4.37 KB

simple_user_manage_demo

SpringBoot+SpringSecurity+Thymeleaf整合实践,完成一个很简单的用户信息管理系统。 目的是为了练习一下SpringSecurity的权限控制功能。

技术选型

  • SpringBoot
  • Mybatis
  • SpringSecurity
  • BootStrap
  • Thymeleaf

数据库表设计

  • Users表
username password knick_name phone address status
varchar varchar varchar varchar varchar int
  • Role表
id rolename
int varchar
  • users_role表(多对多关系中间表)
username role_id
varchar int

项目结构(未完全按照面向接口编程方法)

项目结构图片

项目配置过程,主要就是SpringSecurity的配置

  • mybatis配置略

  • SpringSecurity配置

    1. Users类的编写(注!需要实现UserDetails接口),重点是getAuthorities()方法。
     	package com.scathon.ssm.pojo;
     	//省略import
     	public class Users implements UserDetails {
     		private String username;
     		private String password;
     		private String knickName;
     		private String phone;
     		private String address;
     		private Integer status;
     		private List<Role> userRoleList;
     		@Override
     		public Collection<? extends GrantedAuthority> getAuthorities() {
     			List<GrantedAuthority> auths = new ArrayList<>();
     			this.getUserRoleList().forEach(role -> auths.add(new SimpleGrantedAuthority(role.getRoleName())));
     			return auths;
     		}
     		@Override
     		public String getPassword() {
     			return this.password;
     		}
     		@Override
     		public String getUsername() {
     			return this.username;
     		}
     		@Override
     		public boolean isAccountNonExpired() {
     			return true;
     		}
     		@Override
     		public boolean isAccountNonLocked() {
     			return true;
     		}
     		@Override
     		public boolean isCredentialsNonExpired() {
     			return true;
     		}
     		@Override
     		public boolean isEnabled() {
     			return true;
     		}
     	
     		public List<Role> getUserRoleList() {
     			return userRoleList;
     		}
     		//省略部分getter and setter
     	}
    
    
    1. 自定义UserDetailsService接口实现类,然后交由SpringSecurity使用获取用户相关信息(比如权限信息),其中userService中将用户的权限信息也set到了Users类的userRoleList中
     @Component
     public class ScathonUserDetailService implements UserDetailsService {
         @Autowired
         private UserService userService;
     
         @Override
         public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
             Users user = userService.findByUsername(username);
             if (user == null) {
                 throw new UsernameNotFoundException("用户名不存在!");
             }
             return user;
         }
     }
    

    3.继承WebSecurityConfigurerAdapter定制具体要求的权限控制功能,其中配置了具体请求路由对应的所需权限,例如下面代码,/admin/**请求将会需要ADMIN权限

     @Configuration
     //@EnableWebSecurity
     public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     	@Bean
     	public UserDetailsService userDetailService() {
     		return new ScathonUserDetailService();
     	}
    
     	@Override
     	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
     		//使用我们自己定义的方式进行用户权限相关的信息的获取
     		auth.userDetailsService(userDetailService());
     	}
    
     	@Override
     	protected void configure(HttpSecurity http) throws Exception {
     		http
     				.authorizeRequests()
     				.antMatchers("/admin/**").hasRole("ADMIN")
     				.antMatchers("/dev/**").hasAnyRole("ADMIN", "DEV")
     				.antMatchers("/user/**").hasAnyRole("ADMIN", "DEV", "USER")
     				.anyRequest().authenticated()
     				.and()
     				//定义登录界面的路径
     				.formLogin().loginPage("/login")
     				//定义登录成功的跳转路径
     				.defaultSuccessUrl("/index")
     				//定义登录失败的跳转路径
     				.failureUrl("/login?error=true")
     				.permitAll()
     				.and()
     				//登出,默认路径就是/logout
     				.logout()
     				.permitAll();
     	}
     }
    
    1. 为登录请求/login添加对应的request映射,这个继承方式在springboot2.x中被遗弃了
     @Configuration
     public class WebMvcConfig extends WebMvcConfigurerAdapter {
     	@Override
     	public void addViewControllers(ViewControllerRegistry registry) {
     		registry.addViewController("/login").setViewName("login");
     	}
     }