master
zwzw1219
parent
0ed9de7ec4
commit
35cf0df44e
|
|
@ -1,13 +1,17 @@
|
|||
package com.boot.security.server.config;
|
||||
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
||||
|
||||
import com.boot.security.server.service.UserDetailsServiceImpl;
|
||||
|
||||
@EnableGlobalMethodSecurity
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
|
||||
|
|
@ -17,6 +21,8 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
private AuthenticationFailureHandler authenticationFailureHandler;
|
||||
@Autowired
|
||||
private LogoutSuccessHandler logoutSuccessHandler;
|
||||
@Autowired
|
||||
private UserDetailsServiceImpl userDetailsServiceImpl;
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
|
|
@ -25,7 +31,23 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
|||
"/webjars/**")
|
||||
.permitAll().anyRequest().authenticated().and().formLogin().loginProcessingUrl("/login")
|
||||
.successHandler(authenticationSuccessHandler).failureHandler(authenticationFailureHandler).and()
|
||||
.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler);
|
||||
.logout().logoutUrl("/logout").logoutSuccessHandler(logoutSuccessHandler).and().csrf().disable();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
|
||||
auth.userDetailsService(userDetailsServiceImpl).passwordEncoder(new PasswordEncoder() {
|
||||
|
||||
@Override
|
||||
public boolean matches(CharSequence rawPassword, String encodedPassword) {
|
||||
return rawPassword.equals(encodedPassword);
|
||||
}
|
||||
|
||||
@Override
|
||||
public String encode(CharSequence rawPassword) {
|
||||
return rawPassword.toString();
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,6 +1,7 @@
|
|||
package com.boot.security.server.config;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import javax.servlet.http.HttpServletRequest;
|
||||
|
|
@ -8,12 +9,23 @@ import javax.servlet.http.HttpServletResponse;
|
|||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
|
||||
import org.springframework.security.authentication.BadCredentialsException;
|
||||
import org.springframework.security.authentication.LockedException;
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.AuthenticationException;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
|
||||
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
|
||||
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
|
||||
|
||||
import com.alibaba.fastjson.JSONObject;
|
||||
import com.boot.security.server.dto.ResponseInfo;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
@Slf4j
|
||||
@Configuration
|
||||
public class SecurityHandlerConfig {
|
||||
|
||||
|
|
@ -29,7 +41,13 @@ public class SecurityHandlerConfig {
|
|||
@Override
|
||||
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response,
|
||||
Authentication authentication) throws IOException, ServletException {
|
||||
log.info(request.getRequestURI());
|
||||
User user = (User) authentication.getPrincipal();
|
||||
log.info("{}", user.getAuthorities().stream().map(a -> a.getAuthority()).collect(Collectors.toSet()));
|
||||
|
||||
ResponseInfo info = ResponseInfo.builder().code(HttpStatus.OK.value() + "").message("登录成功").build();
|
||||
|
||||
writeResponse(response, HttpStatus.OK.value(), JSONObject.toJSONString(info));
|
||||
}
|
||||
};
|
||||
}
|
||||
|
|
@ -46,7 +64,16 @@ public class SecurityHandlerConfig {
|
|||
@Override
|
||||
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
|
||||
AuthenticationException exception) throws IOException, ServletException {
|
||||
ResponseInfo info = ResponseInfo.builder().code(HttpStatus.UNAUTHORIZED.value() + "").build();
|
||||
if (exception instanceof AuthenticationCredentialsNotFoundException) {
|
||||
info.setMessage("用户名存在");
|
||||
} else if (exception instanceof LockedException) {
|
||||
info.setMessage("用户被锁定");
|
||||
} else if (exception instanceof BadCredentialsException) {
|
||||
info.setMessage("密码错误");
|
||||
}
|
||||
|
||||
writeResponse(response, HttpStatus.UNAUTHORIZED.value(), JSONObject.toJSONString(info));
|
||||
}
|
||||
};
|
||||
|
||||
|
|
@ -69,4 +96,16 @@ public class SecurityHandlerConfig {
|
|||
};
|
||||
|
||||
}
|
||||
|
||||
public static void writeResponse(HttpServletResponse response, int status, String json) {
|
||||
try {
|
||||
response.setHeader("Access-Control-Allow-Origin", "*");
|
||||
response.setHeader("Access-Control-Allow-Methods", "*");
|
||||
response.setContentType("application/json;charset=UTF-8");
|
||||
response.setStatus(status);
|
||||
response.getWriter().write(json);
|
||||
} catch (IOException e) {
|
||||
e.printStackTrace();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,15 +1,12 @@
|
|||
package com.boot.security.server.controller;
|
||||
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestBody;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import com.boot.security.server.dto.LoginInfo;
|
||||
|
||||
import io.swagger.annotations.Api;
|
||||
import io.swagger.annotations.ApiOperation;
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
/**
|
||||
* 登陆相关接口
|
||||
|
|
@ -17,22 +14,16 @@ import io.swagger.annotations.ApiOperation;
|
|||
* @author 小威老师
|
||||
*
|
||||
*/
|
||||
@Api(tags = "登陆、退出")
|
||||
@Slf4j
|
||||
@Api(tags = "退出")
|
||||
@RestController
|
||||
@RequestMapping
|
||||
public class LoginController {
|
||||
|
||||
@ApiOperation(value = "登陆")
|
||||
@PostMapping("/login")
|
||||
public void login(@RequestBody LoginInfo info) {
|
||||
System.out.println(info.getUsername());
|
||||
System.out.println(info.getPassword());
|
||||
}
|
||||
|
||||
@ApiOperation(value = "退出")
|
||||
@GetMapping(value = "/logout", params = "token")
|
||||
public void logout(String token) {
|
||||
System.out.println(token);
|
||||
log.info(token);
|
||||
}
|
||||
|
||||
}
|
||||
|
|
|
|||
|
|
@ -1,16 +0,0 @@
|
|||
package com.boot.security.server.dto;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
|
||||
@Getter
|
||||
@Setter
|
||||
public class LoginInfo implements Serializable {
|
||||
|
||||
private static final long serialVersionUID = 4680419308278241260L;
|
||||
|
||||
private String username;
|
||||
private String password;
|
||||
}
|
||||
|
|
@ -0,0 +1,18 @@
|
|||
package com.boot.security.server.dto;
|
||||
|
||||
import java.io.Serializable;
|
||||
|
||||
import lombok.Builder;
|
||||
import lombok.Getter;
|
||||
import lombok.Setter;
|
||||
|
||||
@Getter
|
||||
@Setter
|
||||
@Builder
|
||||
public class ResponseInfo implements Serializable {
|
||||
|
||||
private static final long serialVersionUID = -4417715614021482064L;
|
||||
|
||||
private String code;
|
||||
private String message;
|
||||
}
|
||||
|
|
@ -0,0 +1,31 @@
|
|||
package com.boot.security.server.service;
|
||||
|
||||
import java.util.HashSet;
|
||||
import java.util.Set;
|
||||
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.core.userdetails.User;
|
||||
import org.springframework.security.core.userdetails.UserDetails;
|
||||
import org.springframework.security.core.userdetails.UserDetailsService;
|
||||
import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
|
||||
@Slf4j
|
||||
@Service
|
||||
public class UserDetailsServiceImpl implements UserDetailsService {
|
||||
|
||||
@Override
|
||||
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
||||
log.info(username);
|
||||
Set<GrantedAuthority> authorities = new HashSet<>();
|
||||
GrantedAuthority grantedAuthority = new SimpleGrantedAuthority("rrr");
|
||||
authorities.add(grantedAuthority);
|
||||
|
||||
User user = new User(username, "222", authorities);
|
||||
return user;
|
||||
}
|
||||
|
||||
}
|
||||
Loading…
Reference in New Issue