0
点赞
收藏
分享

微信扫一扫

六、SpringSecurity Web权限方案(2)—— 基于数据库实现权限认证

梦想家们 2022-01-17 阅读 24

一、 基于数据库实现权限认证

1.1、项目结构

在这里插入图片描述

1.2、添加实体类

package com.xbmu.entity;
import lombok.Data;
@Data
public class Users {
    private Integer id;
    private String username;
    private String password;
}
package com.xbmu.entity;
import lombok.Data;
@Data
public class Role {
    private Long id;
    private String name;
}
package com.xbmu.entity;
import lombok.Data;
@Data
public class Menu {
    private Long id;
    private String name;
    private String url;
    private Long parentId;
    private String permission;
}

1.3、编写接口与实现类

package com.xbmu.mapper;

import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import com.xbmu.entity.Menu;
import com.xbmu.entity.Role;
import com.xbmu.entity.Users;
import org.springframework.stereotype.Repository;

import java.util.List;

@Repository
public interface UserMapper extends BaseMapper<Users> {
    /**
     * 根据用户id 查询用户角色
     * @param userId 用户id
     * @return
     */
    List<Role> selectRoleByUserId(Long userId);

    /**
     * 根据用户id 查询菜单
     * @param userId
     * @return
     */
    List<Menu> selectMenuByUserId(Long userId);

}

上述接口需要进行多表管理查询:
需要在resource/mapper目录下自定义UserMapper.xml

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.xbmu.mapper.UserMapper">
    <!--根据用户id 查询角色消息-->
    <select id="selectRoleByUserId" resultType="com.xbmu.entity.Role">
        SELECT
            r.id,
            r.NAME
        FROM
            role r
            INNER JOIN role_user ru ON ru.rid = r.id
        WHERE
            ru.uid = #{0}
    </select>
    <!--  根据用户id 查询权限消息  -->
    <select id="selectMenuByUserId" resultType="com.xbmu.entity.Menu">
        SELECT
            m.id,
            m.NAME,
            m.url,
            m.parentid,
            m.permission
        FROM
            menu m
            INNER JOIN role_menu rm ON m.id = rm.mid
            INNER JOIN role r ON r.id = rm.rid
            INNER JOIN role_user ru ON r.id = ru.rid
        WHERE
            ru.uid = #{0}
    </select>
</mapper>
package com.xbmu.service;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.xbmu.entity.Menu;
import com.xbmu.entity.Role;
import com.xbmu.entity.Users;
import com.xbmu.mapper.UserMapper;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

import java.util.ArrayList;
import java.util.List;

@Service
@Slf4j
public class LoginService implements UserDetailsService {
    @Autowired
    private UserMapper userMapper;

    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        QueryWrapper<Users> wrapper = new QueryWrapper<>();
        wrapper.eq("username",username);
        Users users = userMapper.selectOne(wrapper);
        // 判断用户对象是否为空
        if(null == users){
            throw new UsernameNotFoundException("用户名不存在!");
        }
        // 获取到用户角色,菜单列表
        List<Role> roles = userMapper.selectRoleByUserId(Long.valueOf(users.getId()));
        List<Menu> menus = userMapper.selectMenuByUserId(Long.valueOf(users.getId()));

        // 声明一个集合
        List<GrantedAuthority> grantedAuthorityList = new ArrayList<>();
        // 处理角色
        for (Role role : roles){
            SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority("ROLE_".concat(role.getName()));
            grantedAuthorityList.add(simpleGrantedAuthority);
        }
        // 处理权限
        for (Menu menu : menus){
            grantedAuthorityList.add(new SimpleGrantedAuthority(menu.getPermission()));
        }

        // 将用户角色,权限添加到当前用户
        return new User(users.getUsername(),users.getPassword(),grantedAuthorityList);

    }
}

1.4、在配置文件中添加映射

在配置文件中 application.yml 添加

mybatis-plus:
  mapper-locations: classpath:mapper/*.xml

1.5、修改访问配置类

在这里插入图片描述

1.6、使用管理员与非管理员进行测试

在这里插入图片描述
管理员账号登录
在这里插入图片描述
非管理员账号登录,会提示403,没有权限。
在这里插入图片描述

1.7、自定义403页面

1.7.1、修改访问配置类

http.exceptionHandling().accessDeniedPage("/unAuth.html");

在这里插入图片描述

1.7.2、测试在这里插入图片描述

举报

相关推荐

0 条评论