1、在common下创建spring_security模块
2、在spring_security引入相关依赖
com.nanjing common_utils0.0.1-SNAPSHOT org.springframework.boot spring-boot-starter-securityio.jsonwebtoken jjwt
3、创建包com.nanjing.serurity,拷贝代码
代码结构说明:
其中TokenWebSecurityConfig中注入的UserDetailsService是查询用户名和密码的
在service_acl模块中创建UserDetailsServiceImpl,pom.xml文件引入spring_security模块
package com.nanjing.aclservice.service.impl;
import com.nanjing.aclservice.entity.User;
import com.nanjing.aclservice.service.PermissionService;
import com.nanjing.aclservice.service.UserService;
import com.nanjing.serurity.entity.SecurityUser;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.util.List;
@Service("userDetailsService")
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
private UserService userService;
@Autowired
private PermissionService permissionService;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// 从数据库中取出用户信息
User user = userService.selectByUsername(username);
// 判断用户是否存在
if (null == user){
//throw new UsernameNotFoundException("用户名不存在!");
}
// 返回UserDetails实现类
com.nanjing.serurity.entity.User curUser = new com.nanjing.serurity.entity.User();
BeanUtils.copyProperties(user,curUser);
List authorities = permissionService.selectPermissionValueByUserId(user.getId());
SecurityUser securityUser = new SecurityUser(curUser);
securityUser.setPermissionValueList(authorities);
return securityUser;
}
}
不报红叉了
Spring Security代码执行过程
