SpringBoot集成Spring Security(二)注册 、密码加密、修改密码
SpringBoot集成Spring Security(一)登录注销
写在前面
上一节创建了项目并且利用Spring Security完成了登录注销功能,这里继续说一下注册、密码加密和找回密码,代码注释较清晰。
一、web层
控制
StudentController.java
package com.jxnu.os.controller;
import com.jxnu.os.model.RespBean;
import com.jxnu.os.model.Student;
import com.jxnu.os.service.StudentService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;
import java.util.List;
/**
* @author xiao
*/
@RestController
@RequestMapping("/student")
public class StudentController {
@Autowired
StudentService studentService;
/**
* 注册
* @param student
* @return
*/
@PostMapping("/register")
public RespBean register(Student student) {
if(studentService.register(student)){
return RespBean.ok("注册成功",student);
}else{
return RespBean.error("注册失败,用户名已存在");
}
}
/**
* 修改密码
* @param sno
* @param password
* @param rePassword
* @return
*/
@PutMapping("/modifyPass")
public RespBean modifyPass(String sno,String password,String rePassword) {
if(studentService.modifyPass(sno,password,rePassword)){
return RespBean.ok("修改成功");
}else{
return RespBean.error("修改失败,原密码错误");
}
}
}
二、service层
注册时对密码进行加密,修改密码时则需先解密后验证
StudentService.java
package com.jxnu.os.service;
import com.jxnu.os.mapper.StudentMapper;
import com.jxnu.os.model.Student;
import com.jxnu.os.utils.StudentUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import java.util.List;
/**
* @author xiao
*/
@Service
public class StudentService implements UserDetailsService {
@Autowired
StudentMapper studentMapper;
/**
* 注册
* @param student
* @return
*/
public boolean register(Student student) {
Student existUser = studentMapper.loadUserBySno(student.getUsername());
if (existUser != null) {
//如果用户名已存在
return false;
} else {
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
String encode = encoder.encode(student.getPassword());
student.setPassword(encode);
studentMapper.insert(student);
return true;
}
}
/**
* 修改密码
* @param sno
* @param password
* @param rePassword
* @return
*/
public boolean modifyPass(String sno,String password,String rePassword) {
Student student = studentMapper.loadUserBySno(sno);
BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
if(encoder.matches(password,student.getPassword())) {
String encode = encoder.encode(rePassword);
rePassword = encode;
studentMapper.modifyPass(sno,rePassword);
return true;
}else {
return false;
}
}
}
三、mapper层
StudentMapper.java
package com.jxnu.os.mapper;
import com.jxnu.os.model.Student;
import org.apache.ibatis.annotations.Param;
import java.util.List;
/**
* @author xiao
*/
public interface StudentMapper {
int insert(Student student);
int modifyPass(String sno,String rePassword);
}
StudentMapper.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.jxnu.os.mapper.StudentMapper">
<resultMap id="BaseResultMap" type="com.jxnu.os.model.Student">
<id column="id" property="id" jdbcType="INTEGER"/>
<result column="username" property="username" jdbcType="VARCHAR"/>
<result column="sno" property="sno" jdbcType="VARCHAR"/>
<result column="s_sex" property="s_sex" jdbcType="CHAR"/>
<result column="t_id" property="t_id" jdbcType="INTEGER"/>
<result column="password" property="password" jdbcType="VARCHAR"/>
</resultMap>
<update id="modifyPass" parameterType="com.jxnu.os.model.Student">
update student set password = #{rePassword} where sno=#{sno}
</update>
<insert id="insert" parameterType="com.jxnu.os.model.Student">
insert into student (username,password)
values (#{username,jdbcType=VARCHAR},
#{password,jdbcType=VARCHAR})
</insert>
</mapper>
