让SpringSecurity走自己定义的用户名密码校验 

自定义一个UserDetailsService,让SpringSecurity使用我们的UserDetailsService。我们自己的UserDetailsService可以从数据库中查询用户名和密码

mapper

package com.security.mapper;

import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.security.domain.User;

public interface UserMapper extends BaseMapper<User> {
}

启动类添加包扫描

@MapperScan(basePackages = "com.security.mapper")

 

创建UserDetailsService实现类

复制代码
package com.security.service.impl;

import com.baomidou.mybatisplus.core.conditions.query.LambdaQueryWrapper;
import com.security.domain.LoginUser;
import com.security.domain.User;
import com.security.mapper.UserMapper;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Component;
import java.util.Objects;

@Component
public class UserDetailsServiceImpl implements UserDetailsService {

    @Autowired
    private UserMapper userMapper;

    @Override
    public UserDetails loadUserByUsername(String userName) throws UsernameNotFoundException {

        //查询用户信息
        LambdaQueryWrapper<User> queryWrapper = new LambdaQueryWrapper<>();
        queryWrapper.eq(User::getUserName,userName);
        User user = userMapper.selectOne(queryWrapper);
        //没有查询到用户抛出异常
        if(Objects.isNull(user)){
            //异常会被ExceptionTranslationFilter捕获到
           throw new RuntimeException("用户名或者密码错误");
        }

        //todo 查询对应的权限信息

        //把数据封装成UserDetails返回
        return new LoginUser(user);
    }
}
复制代码

 

访问接口时需要登录:http://localhost:8080/login

 

登录成功后,接口正常返回

 

因为UserDetailsService方法的返回值是UserDetails类型,所以需要定义一个类,实现该接口,把用户信息封装在其中。

复制代码
package com.security.domain;

import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import java.util.Collection;

@Data
@AllArgsConstructor
@NoArgsConstructor
public class LoginUser implements UserDetails {

    private User user;

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return null;
    }

    @Override
    public String getPassword() {
        return user.getPassword();
    }

    @Override
    public String getUsername() {
        return user.getUserName();
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }
}
复制代码

 

posted @   iTao0128  阅读(484)  评论(0编辑  收藏  举报
相关博文:
·  登陆接口实现返回token
·  密码加密存储
·  实现权限登录
·  数据库校验用户准备工作与数据库校验用户核心代码实现
·  UserDetailsService 接口
阅读排行:
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· 【硬核科普】Trae如何「偷看」你的代码?零基础破解AI编程运行原理
· 单元测试从入门到精通
· 上周热点回顾(3.3-3.9)
· winform 绘制太阳,地球,月球 运作规律
历史上的今天:
2021-08-17 idea激活码
点击右上角即可分享
微信分享提示
AI IDE Trae