采用狂神页面和 SpringSecurity+MybatisPlus实现Web权限控制

数据库表设计

采用狂神页面和 SpringSecurity+MybatisPlus实现Web权限控制

pox依赖

<dependencies>         <dependency>             <groupId>org.springframework.boot</groupId>             <artifactId>spring-boot-starter-security</artifactId>         </dependency>         <!--thymeleaf整合spring security-->         <dependency>             <groupId>org.thymeleaf.extras</groupId>             <artifactId>thymeleaf-extras-springsecurity5</artifactId>             <version>3.0.4.RELEASE</version>         </dependency>         <dependency>             <groupId>org.springframework.boot</groupId>             <artifactId>spring-boot-starter-thymeleaf</artifactId>         </dependency>         <dependency>             <groupId>org.springframework.boot</groupId>             <artifactId>spring-boot-starter-web</artifactId>         </dependency>         <dependency>             <groupId>com.baomidou</groupId>             <artifactId>mybatis-plus-boot-starter</artifactId>             <version>3.4.2</version>         </dependency>          <dependency>             <groupId>mysql</groupId>             <artifactId>mysql-connector-java</artifactId>             <scope>runtime</scope>         </dependency>         <dependency>             <groupId>org.projectlombok</groupId>             <artifactId>lombok</artifactId>             <optional>true</optional>         </dependency>         <dependency>             <groupId>org.springframework.boot</groupId>             <artifactId>spring-boot-starter-test</artifactId>             <scope>test</scope>             <exclusions>                 <exclusion>                     <groupId>org.junit.vintage</groupId>                     <artifactId>junit-vintage-engine</artifactId>                 </exclusion>             </exclusions>         </dependency>         <dependency>             <groupId>org.springframework.security</groupId>             <artifactId>spring-security-test</artifactId>             <scope>test</scope>         </dependency>     </dependencies> 

Security配置

package com.itdfq.mybatis_security.config;   import com.itdfq.mybatis_security.service.UsersService; import org.springframework.beans.factory.annotation.Autowired;  import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;  import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder;  /**  * @Author GocChin  * @Date 2021/5/19 14:55  * @Blog: itdfq.com  * @QQ: 909256107  */ @EnableWebSecurity public class SecurityConfig extends WebSecurityConfigurerAdapter {      @Autowired     private UsersService usersService;      /**      * 授权的      * @param http      * @throws Exception      */     @Override     protected void configure(HttpSecurity http) throws Exception {          //首页所有人可以访问,功能页有相应权限才能访问         //链式编程         //请求授权的规则         http.authorizeRequests()                 .antMatchers("/").permitAll()                 .antMatchers("/level1/**").hasAuthority("1")                 .antMatchers("/level2/**").hasAuthority("2")                 .antMatchers("/level3/**").hasAuthority("3");         //没有权限,默认到登录页面         http.formLogin().loginPage("/login").usernameParameter("username").passwordParameter("password").loginProcessingUrl("/login");         //防止网站攻击         http.csrf().disable();//登出可能存在失败的原因         //注销功能         http.logout().logoutSuccessUrl("/login");         //开启记住我功能         http.rememberMe().rememberMeParameter("remember")                 .tokenValiditySeconds(600);//设置有效时长,单位秒;     }     /**      * 认证的      * @param auth      * @throws Exception      */     @Override     protected void configure(AuthenticationManagerBuilder auth) throws Exception {          auth.userDetailsService(usersService).passwordEncoder(password());     }     private PasswordEncoder password() {         return new BCryptPasswordEncoder();     } }  

Service层

 @Override     public UserDetails loadUserByUsername(String s) throws             UsernameNotFoundException {         QueryWrapper<Users> wrapper = new QueryWrapper();         wrapper.eq("username",s);         Users users = usersMapper.selectOne(wrapper);         if(users == null) {             throw  new UsernameNotFoundException("用户名不存在!");         }         System.out.println(users);         List<GrantedAuthority> auths =                 AuthorityUtils.commaSeparatedStringToAuthorityList(users.getRole());         return new User(users.getUsername(), new BCryptPasswordEncoder().encode(users.getPassword()), auths) ;     } 

前端index页面

<!DOCTYPE html> <html lang="en" xmlns="http://www.w3.org/1999/xhtml" xmlns:th="http://www.thymeleaf.org"       xmlns:sec="http://www.thymeleaf.org/extras/spring-security"> <head>     <meta charset="UTF-8">     <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">     <title>首页</title>     <!--semantic-ui-->     <link href="https://cdn.bootcss.com/semantic-ui/2.4.1/semantic.min.css" rel="stylesheet">     <link th:href="@{/qinjiang/css/qinstyle.css}" rel="stylesheet"> </head> <body>  <!--主容器--> <div class="ui container">      <div class="ui segment" id="index-header-nav" th:fragment="nav-menu">         <div class="ui secondary menu">             <a class="item" th:href="@{/index}">首页</a>              <!--登录注销-->             <div class="right menu">                 <!--如果没有登录-->                 <div sec:authorize="!isAuthenticated()">                     <a class="item" th:href="@{/login}">                         <i class="address card icon"></i> 登录                     </a>                 </div>                 <div sec:authorize="isAuthenticated()">                     <!--如果登录:用户名,注销-->                     <!--注销-->                     <a class="item">                         用户名:<span sec:authentication="name"></span>                  &nbsp;                         角色:<span sec:authentication="authorities"></span>                     </a>                 </div>                 <div sec:authorize="isAuthenticated()">                     <!--如果登录:用户名,注销-->                     <!--注销-->                     <a class="item" th:href="@{/logout}">                         <i class="sign-out icon"></i> 注销                     </a>                 </div>               </div>         </div>     </div>      <div class="ui segment" style="text-align: center">         <h3>Spring Security Study </h3>     </div>      <div>         <br>         <div class="ui three column stackable grid">             <!--动态菜单的效果-->             <div class="column" sec:authorize="hasAuthority('1')">                 <div class="ui raised segment">                     <div class="ui">                         <div class="content">                             <h5 class="content">Level 1</h5>                             <hr>                             <div><a th:href="@{/level1/1}"><i class="bullhorn icon"></i> Level-1-1</a></div>                             <div><a th:href="@{/level1/2}"><i class="bullhorn icon"></i> Level-1-2</a></div>                             <div><a th:href="@{/level1/3}"><i class="bullhorn icon"></i> Level-1-3</a></div>                         </div>                     </div>                 </div>             </div>              <div class="column">                 <div class="ui raised segment" sec:authorize="hasAuthority('2')">                     <div class="ui">                         <div class="content">                             <h5 class="content">Level 2</h5>                             <hr>                             <div><a th:href="@{/level2/1}"><i class="bullhorn icon"></i> Level-2-1</a></div>                             <div><a th:href="@{/level2/2}"><i class="bullhorn icon"></i> Level-2-2</a></div>                             <div><a th:href="@{/level2/3}"><i class="bullhorn icon"></i> Level-2-3</a></div>                         </div>                     </div>                 </div>             </div>              <div class="column">                 <div class="ui raised segment" sec:authorize="hasAuthority('3')">                     <div class="ui">                         <div class="content">                             <h5 class="content">Level 3</h5>                             <hr>                             <div><a th:href="@{/level3/1}"><i class="bullhorn icon"></i> Level-3-1</a></div>                             <div><a th:href="@{/level3/2}"><i class="bullhorn icon"></i> Level-3-2</a></div>                             <div><a th:href="@{/level3/3}"><i class="bullhorn icon"></i> Level-3-3</a></div>                         </div>                     </div>                 </div>             </div>          </div>     </div>  </div>   <script th:src="@{/qinjiang/js/jquery-3.1.1.min.js}"></script> <script th:src="@{/qinjiang/js/semantic.min.js}"></script>  </body> </html> 
采用狂神页面和 SpringSecurity+MybatisPlus实现Web权限控制

效果

采用狂神页面和 SpringSecurity+MybatisPlus实现Web权限控制 采用狂神页面和 SpringSecurity+MybatisPlus实现Web权限控制

项目地址

码云

版权声明:玥玥 发表于 2021-05-20 18:37:17。
转载请注明:采用狂神页面和 SpringSecurity+MybatisPlus实现Web权限控制 | 女黑客导航