Spring Security进阶 (3)

基于RBAC设置三张表,用户表,角色表,用户和角色的关联表 密码明文分别是 123 456 admin

-- 角色表 SET NAMES utf8mb4; SET FOREIGN_KEY_CHECKS = 0; -- ---------------------------- -- Table structure for sys_role -- ---------------------------- DROP TABLE IF EXISTS `sys_role`; CREATE TABLE `sys_role` ( `id` int(11) NOT NULL, `rolename` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT '角色名称', `rolememo` varchar(255) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT '角色描述', PRIMARY KEY (`id`) USING BTREE ) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic; -- ---------------------------- -- Records of sys_role -- ---------------------------- INSERT INTO `sys_role` VALUES (1, 'USER', '普通用户'); INSERT INTO `sys_role` VALUES (2, 'READ', '只读'); INSERT INTO `sys_role` VALUES (3, 'ADMIN', '管理员'); SET FOREIGN_KEY_CHECKS = 1; -- 用户表 SET NAMES utf8mb4; SET FOREIGN_KEY_CHECKS = 0; -- ---------------------------- -- Table structure for sys_user -- ---------------------------- DROP TABLE IF EXISTS `sys_user`; CREATE TABLE `sys_user` ( `id` int(11) NOT NULL AUTO_INCREMENT, `username` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL, `password` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL, `realname` varchar(200) CHARACTER SET utf8 COLLATE utf8_general_ci NULL DEFAULT NULL COMMENT '真实名字', `isenable` int(11) NULL DEFAULT NULL COMMENT '是否开启认证', `islock` int(11) NULL DEFAULT NULL COMMENT '是否锁定', `isexpire` int(11) NULL DEFAULT NULL, `incredentials` int(255) NULL DEFAULT NULL COMMENT '是否过期', `createtime` date NULL DEFAULT NULL, `logintime` date NULL DEFAULT NULL, PRIMARY KEY (`id`) USING BTREE ) ENGINE = InnoDB AUTO_INCREMENT = 9 CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic; -- ---------------------------- -- Records of sys_user 密码明文分别是 123 456 admin -- ---------------------------- INSERT INTO `sys_user` VALUES (6, 'zs', '$2a$10$EGMo2XSdh49cDgXa0OzXYu36HfNssUf7zUDaNIz83AgWveA3GORYq', '张三', 1, 1, 1, 1, '2021-09-02', '2021-09-02'); INSERT INTO `sys_user` VALUES (7, 'lisi', '$2a$10$r9iLBYZzIIt/gyOng***ZOBZaP4EW58etU1tLPoEh7hlYpydIaM6u', '李四', 1, 1, 1, 1, '2021-09-02', '2021-09-02'); INSERT INTO `sys_user` VALUES (8, 'admin', '$2a$10$P.I3zf7bEAmLmlSwaDOdMOdrxEyTT1QvbqfKC5YGQ7zHk5zUR/dCG', '管理员', 1, 1, 1, 1, '2021-09-02', '2021-09-02'); SET FOREIGN_KEY_CHECKS = 1; --关联表 SET NAMES utf8mb4; SET FOREIGN_KEY_CHECKS = 0; -- ---------------------------- -- Table structure for sys_user_role -- ---------------------------- DROP TABLE IF EXISTS `sys_user_role`; CREATE TABLE `sys_user_role` ( `userid` int(11) NOT NULL, `roleid` int(11) NULL DEFAULT NULL ) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic; -- ---------------------------- -- Records of sys_user_role -- ---------------------------- INSERT INTO `sys_user_role` VALUES (6, 1); INSERT INTO `sys_user_role` VALUES (7, 2); INSERT INTO `sys_user_role` VALUES (8, 1); INSERT INTO `sys_user_role` VALUES (8, 3); SET FOREIGN_KEY_CHECKS = 1; 2.2创建项目 2.3 导入依赖

把上一个项目的依赖导入进来,再加多一个spring整合mybatis的包

<dependency> <groupId>org.mybatis.spring.boot</groupId> <artifactId>mybatis-spring-boot-starter</artifactId> <version>2.1.0</version> </dependency> 2.4创建相关类 2.4.1实体类

创建User和Role的实体类,要继承UserDetails

public class SysUser implements UserDetails { private Integer id; private String username; private String password; private String realName; private boolean isEnable; private boolean isExpired; private boolean isLock; private boolean isCredentials; private List<GrantedAuthority> grantedAuthorities; private Date createTime; private Date loginTime; public SysUser() { } public SysUser(String username, String password, String realName, boolean isEnable, boolean isExpired, boolean isLock, boolean isCredentials, List<GrantedAuthority> grantedAuthorities, Date createTime, Date loginTime) { this.username = username; this.password = password; this.realName = realName; this.isEnable = isEnable; this.isExpired = isExpired; this.isLock = isLock; this.isCredentials = isCredentials; this.grantedAuthorities = grantedAuthorities; this.createTime = createTime; this.loginTime = loginTime; } //角色的集合 @Override public Collection<? extends GrantedAuthority> getAuthorities() { return grantedAuthorities; } //密码 @Override public String getPassword() { return password; } //用户名 @Override public String getUsername() { return username; } //账号是否存在 @Override public boolean isAccountNonExpired() { return isExpired; } //账号是否锁定 @Override public boolean isAccountNonLocked() { return isLock; } //是否过期 @Override public boolean isCredentialsNonExpired() { return isCredentials; } //是否启用 @Override public boolean isEnabled() { return isEnable; } public void setId(Integer id) { this.id = id; } public void setUsername(String username) { this.username = username; } public void setPassword(String password) { this.password = password; } public void setRealName(String realName) { this.realName = realName; } public void setEnable(boolean enable) { isEnable = enable; } public void setExpired(boolean expired) { isExpired = expired; } public void setLock(boolean lock) { isLock = lock; } public void setCredentials(boolean credentials) { isCredentials = credentials; } public void setGrantedAuthorities(List<GrantedAuthority> grantedAuthorities) { this.grantedAuthorities = grantedAuthorities; } public void setCreateTime(Date createTime) { this.createTime = createTime; } public void setLoginTime(Date loginTime) { this.loginTime = loginTime; } public Integer getId() { return id; } public String getRealName() { return realName; } public Date getCreateTime() { return createTime; } public Date getLoginTime() { return loginTime; } @Override public String toString() { return "SysUser{" + "id=" + id + ", username='" + username + '\'' + ", password='" + password + '\'' + ", realName='" + realName + '\'' + ", isEnable=" + isEnable + ", isExpired=" + isExpired + ", isLock=" + isLock + ", isCredentials=" + isCredentials + ", grantedAuthorities=" + grantedAuthorities + ", createTime=" + createTime + ", loginTime=" + loginTime + '}'; } } public class SysRole { private Integer id; private String role; private String rolememo; public Integer getId() { return id; } public void setId(Integer id) { this.id = id; } public String getRole() { return role; } public void setRole(String role) { this.role = role; } public String getRolememo() { return rolememo; } public void setRolememo(String rolememo) { this.rolememo = rolememo; } @Override public String toString() { return "SysRole{" + "id=" + id + ", role='" + role + '\'' + ", rolememo='" + rolememo + '\'' + '}'; } } 2.4.2dao层和对应的xml文件 @Repository public interface SysRoleMapper { //根据用户id查看角色 List<SysRole> selectByUserId(Integer userId); } @Repository public interface SysUserMapper { //插入用户 int insertSysUser(SysUser sysUser); //根据用户名查询用户 SysUser selectByUsername(String username); } <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> <mapper namespace="com.huang.security.mapper.SysRoleMapper"> <resultMap type="com.huang.security.entity.SysRole"> <id column="id" property="id"/> <result column="rolename" property="role"/> <result column="rolememo" property="rolememo"/> </resultMap> <select resultMap="roleMapper" > SELECT sr.id,sr.rolename,sr.rolememo FROM sys_role AS sr INNER JOIN sys_user_role AS sur ON sr.id = sur.roleid WHERE sur.userid = #{userid} </select> </mapper> <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd"> <mapper namespace="com.huang.security.mapper.SysUserMapper"> <resultMap type="com.huang.security.entity.SysUser"> <id column="id" property="id"/> <result column="username" property="username"/> <result column="password" property="password"/> <result column="realname" property="realName"/> <result column="isenable" property="isEnable"/> <result column="islock" property="isLock"/> <result column="isexpire" property="isExpired"/> <result column="incredentials" property="isCredentials"/> <result column="createtime" property="createTime"/> <result column="logintime" property="loginTime"/> </resultMap> <insert parameterType="com.huang.security.entity.SysUser"> insert into sys_user(username,password,realname,isenable,islock,incredentials,createtime,logintime) values(#{username},#{password},#{realName},#{isEnable},#{isLock},#{isCredentials}, #{createTime},#{loginTime}) </insert> <select resultMap="userMapper" > select id,username,password,realname,isenable,islock,isexpire,incredentials,createtime,logintime from sys_user where username = #{username} </select> </mapper> 2.5service层

内容版权声明:除非注明,否则皆为本站原创文章。

转载注明出处:https://www.heiqu.com/zggwfs.html