boke例子:用户登录
boke例子:用户登录
1.首先创建user表,authority表(角色),user_authority,表(用户角色表)
Authority实体类,需要继承:GrantedAuthority类,
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;import org.springframework.security.core.GrantedAuthority;/*** 权限* @author **/
@Entity
public class Authority implements GrantedAuthority {private static final long serialVersionUID = 1L;@Id@GeneratedValue(strategy=GenerationType.IDENTITY)private Long id;@Column(nullable=false, length=20)private String name;@Overridepublic String getAuthority() {// TODO Auto-generated method stubreturn name;}public Long getId() {return id;}public void setId(Long id) {this.id = id;}public void setName(String name) {this.name = name;}}
User类.需要继承security的UserDetails类:
并复写:isAccountNonExpired,isAccountNonLocked,isCredentialsNonExpired, isEnabled返回true值
同事复写:
@Overridepublic Collection<? extends GrantedAuthority> getAuthorities() { //需将 List<Authority> 转成 List<SimpleGrantedAuthority>,否则前端拿不到角色列表名称List<SimpleGrantedAuthority> simpleGrantedAuthorities = new ArrayList<>();for(GrantedAuthority authority: this.authorities){simpleGrantedAuthorities.add(new SimpleGrantedAuthority(authority.getAuthority()));}return simpleGrantedAuthorities; }
如下:
import java.io.Serializable;
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;import javax.persistence.CascadeType;
import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.FetchType;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.JoinColumn;
import javax.persistence.JoinTable;
import javax.persistence.ManyToMany;
import javax.validation.constraints.Size;import org.hibernate.validator.constraints.Email;
import org.hibernate.validator.constraints.NotEmpty;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;@Entity
public class User implements UserDetails,Serializable {/*** */private static final long serialVersionUID = 1L;//private AtomicLong atomicLong = new AtomicLong();@Id@GeneratedValue(strategy=GenerationType.IDENTITY)private Long id;@NotEmpty(message="姓名不能为空")@Size(min=2, max=20)@Column(nullable=false, length=20)private String name;@NotEmpty(message="邮箱不能为空")@Size(max=50)@Email(message="邮箱格式不正确")@Column(nullable=false, length=50, unique=true)private String email; @NotEmpty(message="账号不能为空")@Size(min=3, max=20)@Column(nullable=false, length=20, unique=true)private String username;@NotEmpty(message="密码不能为空")@Size(min=3, max=20)@Column(nullable=false, length=20)private String password;@Column(length=200)private String avatar;//权限多对多 @ManyToMany(cascade = CascadeType.DETACH, fetch = FetchType.EAGER)@JoinTable(name = "user_authority", joinColumns = @JoinColumn(name = "user_id", referencedColumnName = "id"), inverseJoinColumns = @JoinColumn(name = "authority_id", referencedColumnName = "id"))private List<Authority> authorities;public User() {}public User(Long id, String name, String email, String username, String password) { this.id = id;this.name = name;this.email = email;this.username = username; this.password = password;} public Long getId() {return id;}public void setId(Long id) {this.id = id;}public String getName() {return name;}public void setName(String name) {this.name = name;}public String getEmail() {return email;}public void setEmail(String email) {this.email = email;}public String getUsername() {return username;}public void setUsername(String username) {this.username = username;}public String getPassword() {return password;}public void setPassword(String password) {this.password = password;}public String getAvatar() {return avatar;}public void setAvatar(String avatar) {this.avatar = avatar;}@Overridepublic String toString() {return "User [id=" + id + ", name=" + name + ", email=" + email + ", username=" + username + "]";}@Overridepublic Collection<? extends GrantedAuthority> getAuthorities() { //需将 List<Authority> 转成 List<SimpleGrantedAuthority>,否则前端拿不到角色列表名称List<SimpleGrantedAuthority> simpleGrantedAuthorities = new ArrayList<>();for(GrantedAuthority authority: this.authorities){simpleGrantedAuthorities.add(new SimpleGrantedAuthority(authority.getAuthority()));}return simpleGrantedAuthorities; }public void setAuthorities(List<Authority> authorities) {this.authorities = authorities;}@Overridepublic boolean isAccountNonExpired() {// TODO Auto-generated method stubreturn true;}@Overridepublic boolean isAccountNonLocked() {// TODO Auto-generated method stubreturn true;}@Overridepublic boolean isCredentialsNonExpired() {// TODO Auto-generated method stubreturn true;}@Overridepublic boolean isEnabled() {// TODO Auto-generated method stubreturn true;}}
同事创建user的userservice及userserviceImpl实现类,serviceImple继承userService和security的UserDetailsService
UserService:
import org.springframework.data.domain.Page;
import org.springframework.data.domain.Pageable;
import com.muyang.boke2.entity.User;/*** 用户服务接口* @author feeyo**/
public interface UserService {/*** 保持用户* @param user* @return*/User saveOrUpdateUser(User user);/*** 注册用户* @param user* @return*/User registerUser(User user);/*** 删除用户* @param id*/void removeUser(Long id);/*** 根据id查找用户* @param id* @return*/User findById(Long id);/*** 根据用户的姓名分页查找用户* @param name* @param pageable* @return*/Page<User> listUsersByName(String name, Pageable pageable);/*** 按分页查找数据* @param pageable* @return*/Page<User> findAll(Pageable pageable);
}
UserServiceImpl:
继承security的UserDetailsService ,复写loadUserByUsername方法
/*** 用户服务接口实现* @author feeyo**/
@Service
public class UserServiceImpl implements UserService, UserDetailsService {@AutowiredUserRepository userRepository;@Transactional@Overridepublic User saveOrUpdateUser(User user) {// TODO Auto-generated method stubreturn userRepository.save(user);}@Transactional@Overridepublic User registerUser(User user) {// TODO Auto-generated method stubreturn userRepository.save(user);}@Transactional@Overridepublic void removeUser(Long id) {// TODO Auto-generated method stubuserRepository.delete(id);}@Overridepublic User findById(Long id) {// TODO Auto-generated method stubreturn userRepository.findOne(id);}@Overridepublic Page<User> listUsersByName(String name, Pageable pageable) {// TODO Auto-generated method stubname = "%" + name + "%";Page<User> users = userRepository.findByNameLike(name, pageable);return users;}@Overridepublic Page<User> findAll(Pageable pageable) {// TODO Auto-generated method stubPage<User> users = userRepository.findAll(pageable);return users;}@Overridepublic UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {// TODO Auto-generated method stubreturn userRepository.findByUsername(username);}}
SecurityConfig网站全局配置/登录配置
@EnableWebSecurity
//启用全局post安全方法设置
@EnableGlobalMethodSecurity(prePostEnabled=true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {private static final String key = "muyang.my";@Autowiredprivate UserDetailsService userDetailsService;/*** 加密方法* @return*/@Beanpublic PasswordEncoder passwordEncoder(){return new BCryptPasswordEncoder();}@Beanpublic AuthenticationProvider authenticationProvider() {//从数据库获取信息DaoAuthenticationProvider authenticationProvider = new DaoAuthenticationProvider();authenticationProvider.setUserDetailsService(userDetailsService);//密码加密方式authenticationProvider.setPasswordEncoder(passwordEncoder());return authenticationProvider;}@Overrideprotected void configure(HttpSecurity http) throws Exception {// TODO Auto-generated method stub//super.configure(http);//关闭csrf验证:跨站攻击//http.csrf().disable();//权限设置http.authorizeRequests() //定义那些url需要保护,哪些不需要保护.antMatchers("/static/**").permitAll() //都可以访问.antMatchers("/user/**").hasRole("ADMIN") //需要登陆才能访问.and() .headers().frameOptions().disable() //解决js跨站把x-frame-options disable即可.and().formLogin() //基于FORM表单登陆验证.loginPage("/login").failureUrl("/login-error") //自定义登陆界面//自定义登陆错误页面.and().rememberMe().key(key) //记住我.and().exceptionHandling().accessDeniedPage("/403"); // 处理异常,拒绝访问就重定向到 403 页面}/*** 认证信息管理* @param auth* @throws Exception*/@Autowiredpublic void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {// TODO Auto-generated method stub//super.configure(auth);//auth.inMemoryAuthentication().withUser("admin").password("123456").roles("ADMIN");auth.userDetailsService(userDetailsService);auth.authenticationProvider(authenticationProvider());}/*** 自动加载security-taglibs* @return*/@Bean@ConditionalOnMissingBean(ClassPathTldsLoader.class)public ClassPathTldsLoader classPathTldsLoader(){return new ClassPathTldsLoader();}}
boke例子:用户登录相关推荐
- Flask初识,第五篇 ,做一个用户登录之后查看学员信息的小例子
Flask最强攻略 - 第五篇 做一个用户登录之后查看学员信息的小例子 需求: 1. 用户名: oldboy 密码: oldboy123 2. 用户登录成功之后跳转到列表页面 3. 失败有消息提示,重 ...
- Python_49模块及模块导入_OS模块_SYS模块_hashlib模块_用户登录密码加密验证的例子...
一个py文件就可以是一个模块 Python导入模块名的查找:先去该文件目录下找 Pycharm 里面查找 安装包查找 import 自写模块的时候需要把模块的全部地址尽量写出写全 例如:模块 ...
- 第四篇 做一个用户登录之后查看学员信息的小例子
需求: 1. 用户名: oldboy 密码: oldboy123 2. 用户登录成功之后跳转到列表页面 3. 失败有消息提示,重新登录 4.点击学生名称之后,可以看到学生的详细信息 后端: 1 fro ...
- 微信小程序例子——获取用户登录信息
1.效果展示 2.关键代码 .wxml布局文件代码 用户昵称:{{nickName}} 用户头像: 性别:{{sex}} 所在地址(省):{{province}} 所在地址(市):{{city}} . ...
- 使用SSH框架实现用户登录验证
今天,写一个非常简单的通过struts+hibernate+spring的集成来实现用户登录验证的例子,让大家了解一下三者是如何是整合的. 我们可以通过myeclipse的向导,生成相应的环境搭建,如 ...
- 基于Servlet+JSP+JavaBean开发模式的用户登录注册
基于Servlet+JSP+JavaBean开发模式的用户登录注册 一.Servlet+JSP+JavaBean开发模式(MVC)介绍 Servlet+JSP+JavaBean模式(MVC)适合开发复 ...
- php 单用户登录,Linux 系统的单用户模式、修复模式、跨控制台登录在系统修复中的运用...
一.单用户模式: 单用户模式要求我们输入root用户的密码,否则您无法登录单用户模式:如果您丢失了root用户的密码,并不能用单用户模式来重设您的root密码: 另外单用户模式还有一个前提是您的gru ...
- 使用 utmpdump 监控 CentOS 用户登录历史
-Utmpdump的使用及其输出说明18% -Utmpdump使用样例41% 保留.维护和分析日志(如某个特定时期内发生过的,或正在发生的帐号事件),是Linux系统管理员最基础和最重要的任务之一.对 ...
- api可以主动采集用户数据吗_现在的前端框架全是通过API获得数据,如何记录用户登录状态?...
很多答案都提到了 JWT.Session.Cookie,但是我发现常常有人混淆这三个概念.或者说不同的语境下大家对 Session 会有不同的理解. 首先这三个名词表示的是三个纬度的东西,不能简单地说 ...
最新文章
- H.264 中的相关问题
- observable java_Observable基本用法(RxJava)
- 阿里数据库内核月报:2015年06月
- 用python求期望_Python——EM(期望极大算法)教学(附详细代码与注解)
- OPPO副总裁曝光Reno十倍变焦规格 能用上的安卓机皇不超过两个
- C++11之 Move semantics(移动语义)(转)
- IT小天博客APP版本
- 做到这五点,才算是好用户体验
- 服务器上的文件夹访问被拒绝,修改windows文件权限,解决“拒绝访问”或无法删除的问题-文件访问被拒绝...
- pwnable tw Starbound writeup
- 我的世界虚无2可直连服务器IP,我的世界虚无世界服务器1.7.10
- 《用户体验要素——以用户为中心的产品设计》读书笔记
- java 文件上传乱码_java上传txt文件,出现中文乱码
- 浅谈UAC ByPass
- Request method ‘GET‘ not supported 405错误辨析总结
- Apache原理详解
- 安装phpnow服务[Apache_pn]提示失败的解决方法
- 训练小米叫,让狗狗叫还真的不容易!
- error.GitError: Cannot fetch openembedded/bitbake update-ref: fatal: not a valid SHA1
- 关于序列化不成功的bug处理