第一步配置pom文件的依赖
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
<exclusions>
<exclusion>
<groupId>org.junit.vintage</groupId>
<artifactId>junit-vintage-engine</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.springframework.security</groupId>
<artifactId>spring-security-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
第二步创建启动类
@SpringBootApplication
public class AuthApplication {
public static void main(String[] args) {
SpringApplication.run(AuthApplication.class, args);
}
}
第三步配置yml文件
方式一:在yml文件中配置
server.port=82
#配置Spring security 认证的用户名和密码
spring.security.user.name=lxd
spring.security.user.password=1234
方式二:
//@Configuration
public class SecurityConfigurer extends WebSecurityConfigurerAdapter {
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
super.configure(auth);
// 在配置类中配置认证的密码与用户
auth.inMemoryAuthentication()
.withUser("lxd")
.roles("admin")
.password("2a731e08-c7c2-4a44-bc9d-38ada3e824af")
.and()
.withUser("yyy")
.roles("user")
.password("2a731e08-c7c2-4a44-bc9d-38ada3e824af"); // 这里的password 放置加密后的字符串
}
@Bean
PasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
@Bean
public BCryptPasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
}
第四步:自定义UserDetailsService用户详情服务的接口【也可以不定义】
package com.cn.user.userdetails;
public interface UserDetailsService {
UserDetails loadUserByUsername(String var1) throws UsernameNotFoundException;
}
第五步:PasswordEncoder编码器接口
package com.cn.user.password;
public interface PasswordEncoder {
// 表示把参数按照特定的解析规则进行解析
String encode(CharSequence var1);
// 表示验证从储存中获取的编码密码与编码后提交的原始密码是否匹配,如果匹配返回true.(被解析的,储存的密码)
boolean matches(CharSequence var1, String var2);
// 表示如果解析的密码能够再次进行解析且到达更安全的结果,则返回true,否则返回false.默认返回false.
default boolean upgradeEncoding(String encodedPassword) {
return false;
}
}
第六步:SpringBoot的单元测试
@SpringBootTest
public class PassWord {
@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;//BCrypt密码编码器
@Test
void testEncoder(){
String password = "1234";
String encodedPassword = bCryptPasswordEncoder.encode(password);//加密
System.out.println(encodedPassword);
//$2a$10$l36so50vmcZjbHpHNsEzveMl5nh4N4btASMbTQgZkiWRKLoFbWTQa
//匹配测试matches
boolean flag =
bCryptPasswordEncoder.matches("1234", encodedPassword);//匹配
System.out.println("flag:"+flag);
//flag:true
}
}