Userrealm.java
package com.example.shiro_springboot.config; import com.example.shiro_springboot.pojo.User; import com.example.shiro_springboot.service.UserService; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.*; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.authz.SimpleAuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.Subject; import org.springframework.beans.factory.annotation.Autowired; public class UserRealm extends AuthorizingRealm { @Autowired UserService userService; // 授权 @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) { System.out.println("执行了授权方法"); SimpleAuthorizationInfo info = new SimpleAuthorizationInfo(); info.addStringPermission("user:add"); //拿到当前登录的用户 的对象 Subject subject = SecurityUtils.getSubject(); User currentUser = (User) subject.getPrincipal(); //拿到User对象 // info.addStringPermission(currentUser.getPerms()); return info; } // 认证 @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException { System.out.println("执行了"+authenticationToken+"方法!!!"); //获取当前的用户 Subject subject = SecurityUtils.getSubject(); //伪造的数据库信息 // String name = "admin"; // String password = "admin"; UsernamePasswordToken userToken = (UsernamePasswordToken) authenticationToken; //连接真实数据库 User user = userService.queryUserByName(userToken.getUsername()); if(user == null) // 如果等于null 表示没有这个人 return null; //Shiro 做密码加密方式,Md5 md5盐支加密 // shiro做的密码认证 直接交给shiro return new SimpleAuthenticationInfo("",user.getPwd(),""); } }跳转视图
ShiroController.java
package com.example.shiro_springboot.controller; import com.example.shiro_springboot.mapper.UserMapper; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.IncorrectCredentialsException; import org.apache.shiro.authc.UnknownAccountException; import org.apache.shiro.authc.UsernamePasswordToken; import org.apache.shiro.subject.Subject; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Controller; import org.springframework.ui.Model; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.ResponseBody; @Controller public class ShiroController { @Autowired(required = false) private UserMapper userMapper; @GetMapping({"http://www.likecs.com/","/index"}) public String sayShiro(Model model){ model.addAttribute("msg","hello shiro!!!"); return "index"; } // @GetMapping("/userList") // public String userList(Model model){ // List<User> users = userMapper.queryUserByName(); // model.addAttribute("msg",users); // // users.forEach(System.out::println); // return "user/showUsers"; // } @GetMapping("/user/add") public String add(){ return "user/add"; } @GetMapping("/user/update") public String update(){ return "user/update"; } @GetMapping("/toLogin") public String toLogin(){ return "user/login"; } @RequestMapping("/noauth") @ResponseBody public String noAuth(){ return "未经授权无法登陆!"; } @RequestMapping("/login") public String login(String username, String password, Model model){ // 获取当前用户 Subject subject = SecurityUtils.getSubject(); // 封装用户的登录数据 UsernamePasswordToken token = new UsernamePasswordToken(username, password); try { subject.login(token); // 执行登录的方法,如果没有异常,就登录成功! return "index"; }catch (UnknownAccountException e){ model.addAttribute("msg","用户名错误!"); return "user/login"; } catch (IncorrectCredentialsException e){ model.addAttribute("msg","密码错误!"); return "user/login"; } } }UserMapper.java 查询数据库
package com.example.shiro_springboot.mapper; import com.example.shiro_springboot.pojo.User; import org.apache.ibatis.annotations.Mapper; import org.apache.ibatis.annotations.Select; import org.springframework.stereotype.Repository; @Repository @Mapper //@Component public interface UserMapper { @Select("select * from user where name = #{name}") public User queryUserByName(String name); }实体类pojo/User.java
package com.example.shiro_springboot.pojo; import lombok.AllArgsConstructor; import lombok.Data; import lombok.NoArgsConstructor; import java.util.Date; @Data @NoArgsConstructor @AllArgsConstructor public class User { private Integer id; private String perms; private String name; private String pwd; private Integer age; private String email; private Integer version; private Date gmt_create; private Date gmt_modified; } 十二、Swagger
前后端分离——技术栈 (Vue + Springboot)
Swagger版本3.0.x 就不支持 访问localhost:8080/swagger-ui.html接口访问到
而Swagger的2.9.x则支持