首页 友情链接

Spring Security - 从数据库中检索用户信息(二)

时间 2021/5/28 16:21:08 加载中...

修改为从数据库访问

这里将之前的直接返回一个用户,修改为从数据库访问并返回

  1. public class CustomUserService implements UserDetailsService {
  4.     @Override
  5.     public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
  6.         try {
  9.             com.example.demo.model.userInfo.User userDb = userService.getUserByUserCode(userName);
  11.             if (userDb == null)
  12.                 throw new UsernameNotFoundException("用户名或密码不正确");
  14.             String encodePassword = userDb.getPassword();
  16.             //String encodePassword = new BCryptPasswordEncoder().encode(password);
  17.             List<GrantedAuthority> authorities = getAuthorities(userName);
  19.             MyUser user = new MyUser(userName, encodePassword, authorities);
  20.             user.setRealName(userDb.getUserName());
  22.             return user;
  24.         } catch (Exception e) {
  25.             throw new UsernameNotFoundException("用户名或密码不正确");
  26.         }
  27.     }
  29.     private List<GrantedAuthority> getAuthorities(String userName) throws Exception {
  31.         List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
  33.         //authorities.add(new SimpleGrantedAuthority("role_user"));
  34.         //data from database
  35.         List<Role> roles = roleService.getRolesByUserCode(userName);
  36.         if (roles != null) {
  37.             roles.forEach(r -> authorities.add(new SimpleGrantedAuthority(r.getRoleName())));
  38.         }
  40.         return authorities;
  41.     }
  42. }
  43. }

userService 和 roleService 自己自由选择数据库访问技术实现即可。

自定义 User 类

另外,这里扩展了 User 类,新增了 realName 昵称

  1. public class MyUser extends User {
  3.     private String realName;
  5.     public MyUser(String username, String password, Collection<? extends GrantedAuthority> authorities) {
  6.         super(username, password, authorities);
  7.     }
  9.     public String getRealName() {
  10.         return realName;
  11.     }
  13.     public void setRealName(String realName) {
  14.         this.realName = realName;
  15.     }
  17.     public MyUserDTO toMyUserDTO() {
  18.         return new MyUserDTO(this.realName, this.getUsername());
  19.     }
  21.     public class MyUserDTO {
  22.         private String realName;
  23.         private String userName;
  25.         public String getRealName() {
  26.             return realName;
  27.         }
  29.         public void setRealName(String realName) {
  30.             this.realName = realName;
  31.         }
  33.         public String getUserName() {
  34.             return userName;
  35.         }
  37.         public void setUserName(String userName) {
  38.             this.userName = userName;
  39.         }
  41.         public MyUserDTO(String realName, String userName) {
  42.             this.realName = realName;
  43.             this.userName = userName;
  44.         }
  45.     }
  46. }

测试

修改数据库的用户信息,验证是否能正常登录

扫码分享
版权说明
作者:SQBER
文章来源:http://www.sqber.com/articles/spring-security-retrive-user-from-db-2.html
本文版权归作者所有,欢迎转载,但未经作者同意必须保留此段声明,且在文章页面明显位置给出原文连接,否则保留追究法律责任的权利。
sqber 2017-2021 冀ICP备17029815 站点地图