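Spring Boot (study notes, lesson 14): password encryption in Spring Security and database-based authentication

Topics covered: password encryption in Spring Security, and database-based authentication.

1. Password encryption in Spring Security

Storing user passwords in the database in plaintext would be disastrous for a company's security, and no company would allow user data to be kept that way. This section practices authenticating with an encrypted password. (The BCryptPasswordEncoder used here produces a one-way bcrypt hash, not reversible ciphertext.) Note that with this approach the company's database contains no plaintext passwords, so even if the database leaks, the users' plaintext passwords are not exposed.

Implementing password encryption

Configure the passwordEncoder bean:

```java
@Bean
PasswordEncoder passwordEncoder() {
    // 10 is the bcrypt strength (log2 of the number of rounds)
    return new BCryptPasswordEncoder(10);
}
```

Manually generate the hashed password from the plaintext password with a bcrypt conversion tool. Note that the generated value is different every time, but every generated value works.

Create the user with the generated hash:

```java
@Bean
UserDetailsService userDetailsService() {
    InMemoryUserDetailsManager users = new InMemoryUserDetailsManager();
    // The password is the bcrypt hash, never the plaintext
    users.createUser(User.withUsername("finlay_user")
            .password("$2a$10$uwwZ5EyWbFnnw3JG53rqQ.VJUm/.Pl9Ko1CUP5Aqc2kuBr2Bx7bc.")
            .roles("USER")
            .build());
    return users;
}
```

Then authenticate again.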
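Why each generated value differs yet all of them work, shown as an added example (not code from the original post): it splits a bcrypt string into its version, cost, salt and hash fields and verifies two different hashes of the same password. The class name BcryptFormatDemo and the sample password are assumptions made for the illustration.

```java
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

// Added example (not from the original post). Needs spring-security-crypto on the classpath.
public class BcryptFormatDemo {

    /** Splits "$<version>$<cost>$<22-char salt><31-char hash>" into its four fields. */
    static String[] parse(String encoded) {
        String[] p = encoded.split("\\$");          // "", version, cost, salt+hash
        if (p.length != 4 || p[3].length() != 53) {
            throw new IllegalArgumentException("not a bcrypt string");
        }
        return new String[] { p[1], p[2], p[3].substring(0, 22), p[3].substring(22) };
    }

    static void describe(String label, String encoded) {
        String[] f = parse(encoded);
        System.out.printf("%s: version=%s cost=%s salt=%s hash=%s%n", label, f[0], f[1], f[2], f[3]);
    }

    public static void main(String[] args) {
        // The hash used for finlay_user in the post: its salt travels inside the string.
        describe("post", "$2a$10$uwwZ5EyWbFnnw3JG53rqQ.VJUm/.Pl9Ko1CUP5Aqc2kuBr2Bx7bc.");

        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder(10);
        String raw = "constructed-sample-password";  // constructed sample, not the post's password

        // encode() draws a fresh random salt on every call, so the two strings differ.
        String h1 = encoder.encode(raw);
        String h2 = encoder.encode(raw);
        describe("h1", h1);
        describe("h2", h2);
        System.out.println("h1 equals h2: " + h1.equals(h2));

        // matches() re-hashes the candidate with the salt and cost stored in the hash,
        // which is why every generated value verifies the same password.
        System.out.println("raw vs h1: " + encoder.matches(raw, h1));
        System.out.println("raw vs h2: " + encoder.matches(raw, h2));
        System.out.println("wrong vs h1: " + encoder.matches("wrong-password", h1));

        // Raising the cost later: old hashes still verify, and upgradeEncoding()
        // reports that they were created with a lower cost and should be re-hashed.
        BCryptPasswordEncoder stronger = new BCryptPasswordEncoder(12);
        System.out.println("cost-12 encoder verifies h1: " + stronger.matches(raw, h1));
        System.out.println("h1 needs upgrade: " + stronger.upgradeEncoding(h1));
    }
}
```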
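2. Database-based authentication

The previous section practiced in-memory authentication. In practice, production systems authenticate against a database, so this section practices authenticating with user data stored in a database. PostgreSQL is used here.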
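First, create the tables the database needs.

Create the USER table:

```sql
-- USER is a reserved word in PostgreSQL, so the table name must be double-quoted
CREATE TABLE "USER"(
    id int,
    username varchar(32),
    password varchar(255),
    enabled int,
    locked int,
    PRIMARY KEY(id)
);
```

Create the ROLE table:

```sql
CREATE TABLE ROLE(
    id int,
    name varchar(32),
    nameZh varchar(255),
    PRIMARY KEY(id)
);
```

Create the USER_ROLE table (the relation table between user and role):

```sql
CREATE TABLE USER_ROLE(
    id int,
    uid int,
    rid int,
    PRIMARY KEY(id)
);
```

The user data is as follows: the USER table, the ROLE table and the USER_ROLE table.

The relationship between USER and ROLE:

```sql
with uur as (
    select * from "USER" u inner join USER_ROLE ur on u.id = ur.uid
)
select username, namezh, name as rolename
from uur inner join ROLE r on uur.rid = r.id
```

Add the required dependencies:

```xml
<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
    <groupId>org.mybatis.spring.boot</groupId>
    <artifactId>mybatis-spring-boot-starter</artifactId>
    <version>3.0.3</version>
</dependency>
<dependency>
    <groupId>org.projectlombok</groupId>
    <artifactId>lombok</artifactId>
    <scope>provided</scope>
</dependency>
<dependency>
    <groupId>org.postgresql</groupId>
    <artifactId>postgresql</artifactId>
    <scope>runtime</scope>
</dependency>
<dependency>
    <groupId>com.alibaba</groupId>
    <artifactId>druid</artifactId>
    <version>1.2.9</version>
</dependency>
```

The repository layer uses MyBatis here, so the MyBatis dependency is included.

Define the database connection information in application.properties:

```properties
spring.datasource.type=com.alibaba.druid.pool.DruidDataSource
spring.datasource.url=jdbc:postgresql://127.0.0.1:5432/springboot
spring.datasource.username=finlay
spring.datasource.password=123456
```

Define the MyBatis interface and XML file.

Define the User and Role entity classes:

```java
import lombok.Data;

@Data
public class Role {
    private Integer id;
    private String name;
    private String nameZh;
}
```

```java
import java.util.ArrayList;
import java.util.Collection;
import java.util.List;

import lombok.Data;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

@Data
public class User implements UserDetails {
    private Integer id;
    private String username;
    private String password;
    private Boolean enabled;
    private Boolean locked;
    private List<Role> roles;

    // Each role name becomes one granted authority
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        List<SimpleGrantedAuthority> authorities = new ArrayList<>();
        for (Role role : roles) {
            authorities.add(new SimpleGrantedAuthority(role.getName()));
        }
        return authorities;
    }

    @Override
    public String getPassword() {
        return this.password;
    }

    @Override
    public String getUsername() {
        return this.username;
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return !this.locked;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return this.enabled;
    }
}
```

Configure the MyBatis mapper:

```java
import java.util.List;

import org.apache.ibatis.annotations.Mapper;

import com.example.demo.authentication.Role;
import com.example.demo.authentication.User;

@Mapper
public interface UserMapper {
    User loadUserByUserName(String username);

    List<Role> getUserRolesByUid(Integer id);
}
```

Configure the MyBatis XML mapping file:

```xml
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.example.demo.repository.mybatis.UserMapper">
    <!-- #{...} binds the value as a prepared-statement parameter -->
    <select id="loadUserByUserName" resultType="com.example.demo.authentication.User">
        select * from "USER" where username = #{username}
    </select>
    <!-- r.* keeps only the ROLE columns, so the id mapped into Role is ROLE.id and not USER_ROLE.id -->
    <select id="getUserRolesByUid" resultType="com.example.demo.authentication.Role">
        select r.* from ROLE r, USER_ROLE ur where r.id = ur.rid and ur.uid = #{id}
    </select>
</mapper>
```

Define the UserDetailsService:

```java
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

@Service
public class UserService implements UserDetailsService {
    @Autowired
    public UserMapper userMapper;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userMapper.loadUserByUserName(username);
        if (user == null) {
            throw new UsernameNotFoundException("username is not found");
        }
        // Load the user's roles so getAuthorities() can return them
        user.setRoles(userMapper.getUserRolesByUid(user.getId()));
        return user;
    }
}
```

Note that this creates a UserDetailsService bean, so Spring Boot Security's authentication processing will use this bean.

Overall architecture

Test the authentication result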