Spring Boot整合mybatis和SpringSecurity（安全）的使用教程

本文使用的sql表：

create database springbootweb;

use springbootweb;

drop table if exists department;

create table department
(
    id    int primary key,
    dname varchar(20) not null
);

drop table if exists employee;

create table employee
(
    id       int primary key auto_increment,
    ename    varchar(50) not null,
    email    varchar(50),
    gender   int,
    birthday datetime,
    did      int references department (id)
);

insert into department(id, dname)
values (101, '教学部'),
       (102, '市场部'),
       (103, '教研部'),
       (104, '运营部'),
       (105, '后勤部');

insert into employee (ename, email, gender, birthday, did)
VALUES ('AA', '1234567@qq.com', 1, now(), 101),
       ('BB', '1234567@163.com', 0, now(), 102),
       ('CC', '4234335@qq.com', 1, now(), 103),
       ('DD', '4343343@qq.com', 0, now(), 104),
       ('EE', '6768554@qq.com', 1, now(), 105);

select e.id, e.ename, e.email, e.gender, e.birthday, dname
from employee e
         left join department d on d.id = e.did;

select *
from department;

1.注入依赖
mybatis的依赖可以前往maven查找springboot中mybatis的启动。

    org.mybatis.spring.boot
    mybatis-spring-boot-starter
    2.1.4

将此依赖包注入pom.xml文件中
2.再application.yaml文件中增加对mybatis的配置

mybatis:
  type-aliases-package: com.example.springboot.pojo
  mapper-locations: classpath:mybatis/mapper/*.xml

3.配置pojo层，写实体类，一张表对应一个实体类，写好所有的字段。
pojo层常用注解：
@Data ： 注在类上，提供类的get、set、equals、hashCode、canEqual、toString方法
@AllArgsConstructor ： 注在类上，提供类的全参构造
@NoArgsConstructor ： 注在类上，提供类的无参构造
@Setter ： 注在属性上，提供 set 方法
@Getter ： 注在属性上，提供 get 方法
@EqualsAndHashCode ： 注在类上，提供对应的 equals 和 hashCode 方法
@Log4j/@Slf4j ： 注在类上，提供对应的 Logger 对象，变量名为 log

package com.example.springboot.pojo;

import lombok.AllArgsConstructor;
import lombok.Data;
import lombok.NoArgsConstructor;
import org.springframework.context.annotation.Bean;

@Data
@NoArgsConstructor
@AllArgsConstructor
public class DePartment {
    private Integer id;

    private String dname;


}

4.配置mapper层
@Repository注解的作用使sptingboot可以识别出mapper，如果不加@Repository，可以再springboot的启动类中增加@MapperScan("com.example.springboot.mapper")

package com.example.springboot.mapper;

import com.example.springboot.pojo.DePartment;
import org.apache.ibatis.annotations.Mapper;
import org.springframework.stereotype.Repository;

import java.util.List;

@Mapper
@Repository
public interface DePartmentMapper {

    List queryDePartmentList();

    DePartment queryDePartmentById(int id);

    int addDeParment(DePartment dePartment);

    int updateDePartment(DePartment dePartment);

    int deleteDeParment(DePartment dePartment);


}

5.mybatis中的mapper.xml文件中的配置
通用配置

样例：

    
        select *
        from deparment
    

    
        select * from deparment where id = #{id}
    

    
        insert into deparment (id,dname) values (#{id},#{dname})
    

    
        update deparment set dname = #{dname} where id = #{id}
    

    
        delete from deparmnet where id = #{id}
    

6.配置Controller层接口
首先使用@Autowired自动装配mapper层的接口，可以直接进行调用interface接口中打方法。

package com.example.springboot.controller;

import com.example.springboot.mapper.DePartmentMapper;
import com.example.springboot.pojo.DePartment;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RestController;

import java.util.List;

@RestController
public class DeParmentController {

    @Autowired
    private DePartmentMapper dePartmentMapper;

    @GetMapping("/queyDePartmentList")
    public  List queyDePartmentList(){
        List dePartments = dePartmentMapper.queryDePartmentList();
        return dePartments;
    }

    @GetMapping("/queryDePartmentById/{id}")
    public DePartment queryDePartmentById(@PathVariable("id") Integer id){
        DePartment dePartment = dePartmentMapper.queryDePartmentById(id);
        return dePartment;
    }

    @GetMapping("/addDeParment")
    public String addDeParment(){
        DePartment dePartment = new DePartment(3,"12");
        dePartmentMapper.addDeParment(dePartment);
        return "ok";
    }

    @GetMapping("/updateDePartment")
    public String updateDePartment(){
        DePartment dePartment = new DePartment(1, "3");
        int i = dePartmentMapper.updateDePartment(dePartment);
        return "update-ok";
    }

    @GetMapping("/deleteDeParment/{id}")
    public String deleteDeParment(@PathVariable("id") DePartment id){
        int i = dePartmentMapper.deleteDeParment(id);
        return "delete-ok";
    }
}

1.springsecurity的简介
springsecurity和shiro很像除了类不一样，名字不一样，springsecurity是针对spring项目的安全框架。也是springboot底层安全模块默认的技术选型，它可以实现强大的web安全控制，对于安全控制，我们仅需要引入spring-boot-starter-security模块，进行少量的配置，即可实现强大的安全管理。

核心功能

认证 （你是谁）授权（你可以做什么）防护（防止伪造身份）

2.springsecurity必记的类：

WebSecurityConfigurerAdpater：自定义Security策略AuthenticationmanagerBuilder:自定义认证策略@EnableWebSecurity:开启WebSecurity模式 @Enable表示开启某个功能
springsecurity的两个主要目标是：“认证”和“授权”（访问控制）
“认证”（Authentication)
“授权” (Authorization)
3.注入依赖

 
            org.springframework.boot
            spring-boot-starter-security
            2.3.4.RELEASE
        

3.代config层中配置

package com.example.springboot.Config;


import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;

@EnableWebFluxSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.authorizeRequests()
        //允许所有用户访问
                .antMatchers("/").permitAll()
                //只允许vip1访问
                .antMatchers("/form").hasAnyAuthority("vip1")
                .antMatchers("/chat").hasAnyAuthority("vip2")
                .antMatchers("/table").hasAnyAuthority("vip3");
    }
}