当前位置: 首页 > news >正文

Shiro与SpringBoot整合

news 来源:原创 2024/9/22 3:54:39

Shiro与SpringBoot整合

这里前端页面 采用thymeleaf进行渲染

1、导入基本的依赖坐标

<dependency>
    <groupId>org.apache.shiro</groupId>
    <artifactId>shiro-spring-boot-web-starter</artifactId>
    <version>1.9.0</version>
</dependency>

<dependency>
    <groupId>com.baomidou</groupId>
    <artifactId>mybatis-plus-boot-starter</artifactId>
    <version>3.2.0</version>
</dependency>

<dependency>
    <groupId>com.alibaba</groupId>
    <artifactId>druid-spring-boot-starter</artifactId>
    <version>1.1.23</version>
</dependency>


<dependency>
    <groupId>mysql</groupId>
    <artifactId>mysql-connector-java</artifactId>
    <version>8.0.11</version>
</dependency>

<dependency>
    <groupId>mysql</groupId>
    <artifactId>mysql-connector-java</artifactId>
    <version>8.0.28</version>
</dependency>


<dependency>
    <groupId>org.projectlombok</groupId>
    <artifactId>lombok</artifactId>
</dependency>


<dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
    <version>2.7.4</version>
</dependency>

2、创建数据库表

/*
 Navicat Premium Data Transfer

 Source Server         : 本机
 Source Server Type    : MySQL
 Source Server Version : 80029
 Source Host           : localhost:3306
 Source Schema         : shirodb

 Target Server Type    : MySQL
 Target Server Version : 80029
 File Encoding         : 65001

 Date: 21/12/2022 18:22:39
*/

SET NAMES utf8mb4;
SET FOREIGN_KEY_CHECKS = 0;

-- ----------------------------
-- Table structure for user
-- ----------------------------
DROP TABLE IF EXISTS `user`;
CREATE TABLE `user`  (
  `id` bigint NOT NULL AUTO_INCREMENT,
  `name` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL,
  `pwd` varchar(255) CHARACTER SET utf8mb4 COLLATE utf8mb4_0900_ai_ci NULL DEFAULT NULL,
  `rid` bigint NULL DEFAULT NULL,
  PRIMARY KEY (`id`) USING BTREE
) ENGINE = InnoDB CHARACTER SET = utf8mb4 COLLATE = utf8mb4_0900_ai_ci ROW_FORMAT = Dynamic;

-- ----------------------------
-- Records of user
-- ----------------------------
INSERT INTO `user` VALUES (1, '张三', '07ca00e10899418f0ea4ab92a9d69065', NULL);
INSERT INTO `user` VALUES (2, '李四', '07ca00e10899418f0ea4ab92a9d69065', NULL);

SET FOREIGN_KEY_CHECKS = 1;

在这里插入图片描述

这里的密码是直接三层加密获得的(是123)

3、创建yml文件

spring:
  datasource:
    type: com.alibaba.druid.pool.DruidDataSource
    druid:
      driver-class-name: com.mysql.cj.jdbc.Driver
      url: jdbc:mysql://localhost:3306/shirodb?useUnicode=true&characterEncoding=UTF-8&serverTimezone=Asia/Shanghai
      username: root
      password: 20020630


#mybatis
mybatis-plus:
  mapper-locations: classpath*:/mapper/**/*.xml
  #实体扫描,多个package用逗号或者分号分隔
  typeAliasesPackage: com.aiit.pojo.po
  global-config:
    #数据库相关配置
    db-config:
      #主键类型  AUTO:"数据库ID自增", INPUT:"用户输入ID", ID_WORKER:"全局唯一ID (数字类型唯一ID)", UUID:"全局唯一ID UUID";
      id-type: AUTO
      logic-delete-value: 0
      logic-not-delete-value: 1
    banner: false

#指定登录的地址--用来重定向到登录页面
shiro:
  loginUrl: /myController/login

4、自定义MyRealm类

@Component
public class MyRealm extends AuthorizingRealm {//这里继承的是AuthorizingRealm是AuthenticatingRealm的子类

    @Autowired
    UserService userService;
    //自定义授权方法
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {

        return null;
    }


    //自定义登录认证方法
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //1、获取用户身份信息
        String name = authenticationToken.getPrincipal().toString();
        //2、调用业务层获取用户信息(数据库表中)
        User user = userService.getUserInfoByName(name);

        //3、将数据进行封装
        if (user!=null){
            AuthenticationInfo info=new SimpleAuthenticationInfo(
                    authenticationToken.getPrincipal(),
                    user.getPwd(),
                    ByteSource.Util.bytes("salt"),
                    name
            );
            return  info;

        }


        return null;
    }
}

这里调用了service层进行用户的查询

用户实体类

@Data
public class User {
    private Integer id;
    private String name;
    private String pwd;
    private Integer rid;
}

service层具体代码

@Service
public class UserServiceImpl implements UserService {
    @Autowired
    private UserMapper userMapper;
    @Override
    public User getUserInfoByName(String name) {
        QueryWrapper<User> wrapper=new QueryWrapper<>();
        wrapper.eq("name",name);
        User user = userMapper.selectOne(wrapper);
        return user;
    }
}

5、创建ShiroConfig配置类

@Configuration
public class ShiroConfig {
    @Autowired
    private MyRealm myRealm;

    //配置SecurityManager
    @Bean
    public DefaultWebSecurityManager defaultWebSecurityManager() {
        //1、创建对象
        DefaultWebSecurityManager defaultWebSecurityManager = new DefaultWebSecurityManager();
        //2、创建加密对象,设置相关属性

        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("md5");
        matcher.setHashIterations(3);//迭代次数

        //3、将加密对象存储到myRealm中
        myRealm.setCredentialsMatcher(matcher);
        //4、将myRealm存入DefaultWebSecurityManager对象中
        defaultWebSecurityManager.setRealm(myRealm);
        //5、返回
        return defaultWebSecurityManager;
    }
    @Bean
    public DefaultShiroFilterChainDefinition shiroFilterChainDefinition(){
        DefaultShiroFilterChainDefinition definition=new DefaultShiroFilterChainDefinition();
        //设置不认证可以访问的资源
        definition.addPathDefinition("/myController/userLogin","anon");
           definition.addPathDefinition("/myController/login","anon");
        definition.addPathDefinition("/**","authc");
        return definition;
    }

}

参数的解释:

anon:无需认证即可访问。

authc:需要认证才可访问。

user:点击“记住我”功能可访问。

6、创建Controller层

@Controller
@RequestMapping("myController")
public class MyController {


    @GetMapping("/login")
    public String login(){
        return "login";
    }


    @GetMapping("/userLogin")
    public String userLogin(String name, String password, HttpSession session){
        //1、获取subject对象
        Subject subject = SecurityUtils.getSubject();
        //封装请求数据到token
        AuthenticationToken token=new UsernamePasswordToken(name,password);

        try {
            subject.login(token);
            session.setAttribute("user",token.getPrincipal().toString());
            return "main";

        } catch (AuthenticationException e) {
            System.out.println("登录失败");
            throw new RuntimeException(e);
        }

    }

}

7、创建前端页面

在resource下创建templates目录

在该目录下创建login.html

<!DOCTYPE html>
<html lang="en">

<head>
    <meta charset="UTF-8">
    <title>login</title>
</head>

<body>
<div id="loginDiv">
    <form action="/myController/userLogin" id="form" method="get">
        <h1 id="loginMsg">LOGIN IN</h1>
        <p>Username:<input id="username" name="name" type="text"></p>

        <p>Password:<input id="password" name="password" type="password"></p>

        <div id="subDiv">
            <input type="submit" class="button" value="login up">
            <input type="reset" class="button" value="reset">&nbsp;&nbsp;&nbsp;

        </div>
    </form>
</div>

</body>
</html>

在该目录下创建mian.html

登录成功后的跳转页面

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>Title</title>
</head>
<body>
<h1>shiro登录认证后主页面</h1>
登录的用户为<span th:text="${session.user}"></span>
</body>
</html>

8、测试

输入账号张三和密码123
在这里插入图片描述

登录成功

在这里插入图片描述

相关文章:

  • Netflix Eureka 2.0.0正式发布:借尸还魂还是虚晃一枪?
  • 3分钟搞清楚 JVM逃逸分析
  • 用维度概念来定义初级、中级、高级程序员
  • 脉冲神经网络(SNN)论文阅读(四)-----IJCAI-2022 多级发射方法的脉冲神经网络
  • 外行人如何通过学习软件测试转行IT
  • 线程池
  • 【表格合并与底纹】vue-elementul表格简单实现合并单元格,与列和行给底纹颜色
  • Go语言 Gin处理请求参数
  • 盘点导致Spring事务失效的4个场景
  • 网上到处转行编程成功的,现实中真的容易吗?
  • 智慧车行预约小程序,汽车保养、维修、美容、检测预测小程序,前后端完整代码包括车行动态,养车常识,保养预约,维修预约,洗车美容预约
  • 【Oracle】Oracle学习笔记
  • 设计vue3组件
  • mysql5.7主从复制配置
  • 如何写SCI论文
  • React18:创建React项目(自动)
  • Java+Swing+mysql会员卡管理系统
  • pycharm 中sqlite升级方法
  • Zookeeper 4 Zookeeper JavaAPI 操作 4.8 分布式锁
  • 做好程序中的axios错误提示