Built on Spring Security 6.
Pick either one:
```groovy
repositories {
    maven { url "https://s01.oss.sonatype.org/service/local/repositories/releases/content" }
    maven { url "https://repo1.maven.org/maven2" }
}
dependencies {
    implementation 'io.gitee.lglbc:easy-spring-security-starter:1.0.2'
}
```
```xml
<dependency>
    <groupId>io.gitee.lglbc</groupId>
    <artifactId>easy-spring-security-starter</artifactId>
    <version>1.0.2</version>
</dependency>
```
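Login verification has to look up the password and permissions by account, so you must define this part yourself. All you need to do is implement the EasyLogin interface with your own business logic. You can bring in MyBatis for the queries; this demo keeps the user information in an in-memory Map.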
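```java
import java.util.List;
import java.util.Map;

import org.springframework.stereotype.Component;

// EasyLogin and SimpleUser are provided by the starter.

@Component
public class TestEasyLogin implements EasyLogin {
    // Demo user store: userName -> password.
    // The "{noop}" prefix marks the value as a plaintext password
    // (Spring Security's NoOpPasswordEncoder id); for demonstration only.
    public static Map<String, String> userMap = Map.of(
            "lglbc", "{noop}123456",
            "ams", "{noop}45678"
    );

    @Override
    public SimpleUser loadUser(String userName) {
        // Unknown account: return null.
        if (!userMap.containsKey(userName)) {
            return null;
        }
        String password = userMap.get(userName);
        SimpleUser simpleUser = new SimpleUser();
        simpleUser.setUserName(userName);
        simpleUser.setPassword(password);
        simpleUser.setPermissions(List.of("A", "B"));
        simpleUser.setRoles(List.of("user", "admin"));
        return simpleUser;
    }
}
```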
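The demo above keeps passwords in plaintext behind the `{noop}` prefix. The following variant, an added example that is not part of the project's own code, stores bcrypt hashes instead and would be registered in place of `TestEasyLogin`. It assumes the starter checks passwords through Spring Security's delegating password encoder (which the `{noop}` prefix suggests); the class name `HashedEasyLogin` and the `register` helper are hypothetical.

```java
import java.util.List;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

import org.springframework.security.crypto.factory.PasswordEncoderFactories;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Component;

// EasyLogin and SimpleUser are the starter's types used in the demo above;
// import them from the starter's package (not shown on this page).

@Component
public class HashedEasyLogin implements EasyLogin { // hypothetical class name

    // Produces "{bcrypt}$2a$..." strings. Assumption: the starter verifies
    // passwords with Spring Security's delegating encoder, as the "{noop}"
    // prefix in the demo suggests.
    private final PasswordEncoder encoder =
            PasswordEncoderFactories.createDelegatingPasswordEncoder();

    // userName -> encoded password; stands in for a database table.
    private final Map<String, String> userMap = new ConcurrentHashMap<>();

    public HashedEasyLogin() {
        // Constructed sample accounts, same values as the demo above.
        // A real application stores only the encoded value at registration
        // time and never keeps a raw password in source code.
        register("lglbc", "123456");
        register("ams", "45678");
    }

    // Hypothetical helper: hash once, when the account is written.
    public void register(String userName, String rawPassword) {
        userMap.put(userName, encoder.encode(rawPassword));
    }

    @Override
    public SimpleUser loadUser(String userName) {
        String encoded = userMap.get(userName);
        if (encoded == null) {
            return null; // unknown account, same behaviour as the demo
        }
        SimpleUser simpleUser = new SimpleUser();
        simpleUser.setUserName(userName);
        simpleUser.setPassword(encoded); // the hash, never the raw password
        simpleUser.setPermissions(List.of("A", "B"));
        simpleUser.setRoles(List.of("user", "admin"));
        return simpleUser;
    }
}
```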
```bash
curl --location 'http://localhost:8080/login' \
  --header 'Content-Type: application/json' \
  --header 'Cookie: JSESSIONID=BAC13762365A696CBC3A58C84775928D' \
  --data '{
    "username":"lglbc",
    "password":"123456"
  }'
```
{"msg":"登录成功 默认","code":-1,"data":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJhdXRob3JpdGllcyI6WyJBIiwiQiIsIlJPTEVfYWRtaW4iLCJST0xFX3VzZXIiXSwiZXhwIjoxNjg4MzA5NTQ5NzE2LCJpYXQiOjE2ODgzMDU5NDk3MTYsImp0aSI6ImUzOTZlYzQ3LTY0N2MtNGRlNS1hMTNhLWIyNTI5OWMyMWQ3ZiIsInN1YiI6ImxnbGJjIiwidXNlcm5hbWUiOiJsZ2xiYyJ9.gSgb0MyZUapwQ6qO2oPNrAzhN9e8ifojFnGjJJ6q7KybYapSjWf8j5CIbymX_YOM8acM5vgwsyKjg_r_t7gBZ_ViWjxVdGkFtuMz0440aXrOH9U8TZSk74dWyzr7unIw4e8J1bGUZyPei1CBfDihlhHKitpVqWsXzKd_WYUJ5COqDkwIYI_P6rKR_mKniMHVLFln0Fubx2Pry-66Tid98KYIWhJMR6OKGK4RFtMoX19EcEysXwM4KatwkCXhgXq8nVmdLCedX505bTe6mMgpmWr5zRMGrI0pG_na80OxirGbKe5W5rKz8m5SchtyuWd7zqQgb0IPpQCds5ucYHHNqg"}
```bash
curl --location 'http://localhost:8080/login' \
  --header 'Content-Type: application/json' \
  --header 'Cookie: JSESSIONID=BAC13762365A696CBC3A58C84775928D' \
  --data '{
    "username":"lglbc2",
    "password":"123456"
  }'
```
{"msg":"登录失败 默认","code":-1,"data":"用户名或密码错误"}
{"msg":"无权限访问 默认","code":-1,"data":"Access Denied"}
{"msg":"token verify failed","code":"403","data":"默认实现"}
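Every project structures its responses differently, so the default response format will not fit everyone. You can define your own by implementing the methods of the EasySecurityResultHandler interface. Note that the implementation must carry the @Primary annotation to override the default one.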
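```java
import jakarta.servlet.http.HttpServletRequest;
import jakarta.servlet.http.HttpServletResponse;

import org.springframework.context.annotation.Primary;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.stereotype.Component;

// EasySecurityResultHandler, JsonResponseUtil and TokenException are provided by the starter.

@Component
@Primary // required so this bean overrides the default implementation
public class CustomExceptionResult implements EasySecurityResultHandler {
    // Authenticated, but access to the resource is denied.
    @Override
    public void noPermissionHandler(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) {
        JsonResponseUtil.out(response, "无权限访问 自定义");
    }

    // Authentication failed.
    @Override
    public void noPermissionHandler(HttpServletRequest request, HttpServletResponse response, AuthenticationException authenticationException) {
        JsonResponseUtil.out(response, "认证失败 自定义");
    }

    // Login failed.
    @Override
    public void loginFailedHandler(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) {
        JsonResponseUtil.out(response, "登录失败 自定义");
    }

    // Login succeeded: return the issued token.
    @Override
    public void loginSuccessHandler(HttpServletRequest request, HttpServletResponse response, Authentication authentication, String token) {
        JsonResponseUtil.out(response, token + " 自定义");
    }

    // Token verification failed.
    @Override
    public void tokenVerifyFailed(HttpServletResponse response, TokenException tokenException) {
        JsonResponseUtil.out(response, "token验证失败 自定义" + tokenException.getMsg());
    }
}
```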
Just configure the list (`ignoreUrls`) in the configuration file:
```yaml
easy:
  security:
    ignoreUrls:
      - /test10
      - /test20
```
By default the system uses the symmetric encryption key 123456, so every project needs to set its own key:
```yaml
easy:
  security:
    ignoreUrls:
      - /test10
    token:
      expireTime: 3600
      # demo value, identical to the default; set your own key here
      secret: 123456
```
If enableRSA is turned on, jksSecret and jksPath must be filled in:
```yaml
easy:
  token:
    expireTime: 3600
    enableRSA: true
    jksSecret: 123456
    jksName: /Users/lglbc/Desktop/code/easy-spring-security-starter-demo/src/main/resources/jwt.jks
```
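Implement the EasyLogin->preCheck method. The system calls this method before it performs username/password authentication, so you can build your own captcha login logic on top of it. The system also provides an endpoint that generates captchas, /kaptcha, which calls back EasyLogin->saveCaptcha to trigger the logic that saves the captcha mapping; you need to implement this part yourself.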
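More features are under development. Suggestions and feature requests are welcome.
If you would like to help maintain this open-source project, add me on WeChat at "AmsNeil" with the note "open source".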