已关闭。此问题需要更多focused。目前不接受回答。
**要改进此问题吗?**更新此问题,使其仅针对editing this post的一个问题。
上个月关门了。
Improve this question的
我有一个项目,如网上食品 Spring 订购系统平台,我使用Hibernate与两个模型,像这样:
@Entity
@Table(name = "users")
public class User {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
private Long id;
private String username;
private String password;
private String email;
private Long balance;
}
个字符
我认为这个系统有三个角色:ROLE_SYSAADMIN,ROLE_ADMIN(食品商店),ROLE_CUSTOMER Users和UsersRole存储在数据库中。
如何使用Sping Boot 6为我的应用配置授权和身份验证?
我搜索并做了一些代码。首先,我写了一个自定义的UserDetailService像这样
@Service
public class HiruezUserDetailsService implements UserDetailsService {
private final UserRepository userRepository;
public HiruezUserDetailsService(UserRepository userRepository) {
super();
this.userRepository = userRepository;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
User user = userRepository.findByUsername(username)
.orElseThrow(() -> new UsernameNotFoundException("User not found with username: " + username));
return new HiruezUserDetails(user);
}
}
型
然后,自定义UserDetails,如:
public class HiruezUserDetails implements UserDetails {
/**
*
*/
private static final long serialVersionUID = 1L;
private final User user;
public HiruezUserDetails(User user) {
this.user = user;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return Collections.singleton(new SimpleGrantedAuthority("ROLE_" + user.getRole().getName()));
}
@Override
public String getPassword() {
return user.getPassword();
}
@Override
public String getUsername() {
return user.getUsername();
}
@Override
public boolean isAccountNonExpired() {
return false;
}
@Override
public boolean isAccountNonLocked() {
return false;
}
@Override
public boolean isCredentialsNonExpired() {
return false;
}
@Override
public boolean isEnabled() {
return false;
}
}
型
最后一个是SecurityConfig.java像:
@Configuration
@EnableWebSecurity
public class SecurityConfig {
@Autowired
private JdbcTemplate jdbcTemplate;
@Autowired
private HiruezUserDetailsService hiruezUserDetailsService;
@Bean
public PasswordEncoder passwordEncoder( ) {
return new BCryptPasswordEncoder();
}
@Bean
public JdbcUserDetailsManager jdbcUserDetailManager() {
JdbcUserDetailsManager userDetailManager = new JdbcUserDetailsManager();
userDetailManager.setJdbcTemplate(jdbcTemplate);
return userDetailManager;
}
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth
.userDetailsService(hiruezUserDetailsService)
.passwordEncoder(passwordEncoder());
}
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http
.authorizeHttpRequests((authorize) -> authorize
.requestMatchers("/admin/**").hasRole("SYSADMIN")
.requestMatchers("/store/**").hasRole("ADMIN")
.requestMatchers("/customer/**").hasRole("CUSTOMER")
.anyRequest().authenticated()
)
.httpBasic(Customizer.withDefaults())
.formLogin(form -> form
.loginPage("/login")
.permitAll()
)
.logout((logout) -> logout.logoutUrl("/logout"));
return http.build();
}
}
型
但我工作....嗯
拜托,帮我修好或者给予我另一种方法。非常感谢。
1条答案
按热度按时间pnwntuvh1#
让我们看看如何解决这个问题
字符串
型
型
型
型