Spring Security 6.1.2 认证 配置

UserDetail

package com.mqb.springsecurity.domain.entities;

import com.baomidou.mybatisplus.annotation.IdType;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import java.io.Serializable;
import java.util.Collection;
import java.util.Date;
import lombok.Getter;
import lombok.Setter;
import lombok.experimental.Accessors;
import lombok.experimental.FieldNameConstants;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

/**
 * 用户
 *
 * @author qingbo.ma
 * @since 2023-08-07
 */
@Getter
@Setter
@Accessors(chain = true)
@TableName("user")
@FieldNameConstants
public class User implements Serializable, UserDetails {

    private static final long serialVersionUID = 1L;

    /**
     * 主键ID
     */
    @TableId(value = "id", type = IdType.AUTO)
    private Long id;

    /**
     * 用户名
     */
    @TableField("username")
    private String username;

    /**
     * 密码
     */
    @TableField("`password`")
    private String password;

    /**
     * 姓名
     */
    @TableField("full_name")
    private String fullName;

    /**
     * 性别
     */
    @TableField("gender")
    private String gender;

    /**
     * 部门ID
     */
    @TableField("dept_id")
    private Long deptId;

    /**
     * 邮箱地址
     */
    @TableField("email_address")
    private String emailAddress;

    /**
     * 手机号码
     */
    @TableField("phone_number")
    private String phoneNumber;

    /**
     * 头像链接
     */
    @TableField("profile_picture")
    private String profilePicture;

    /**
     * 创建时间
     */
    @TableField("create_time")
    private Date createTime;

    /**
     * 修改时间
     */
    @TableField("update_time")
    private Date updateTime;


    public static final String ID = "id";

    public static final String USERNAME = "username";

    public static final String PASSWORD = "password";

    public static final String FULL_NAME = "full_name";

    public static final String GENDER = "gender";

    public static final String DEPT_ID = "dept_id";

    public static final String EMAIL_ADDRESS = "email_address";

    public static final String PHONE_NUMBER = "phone_number";

    public static final String PROFILE_PICTURE = "profile_picture";

    public static final String CREATE_TIME = "create_time";

    public static final String UPDATE_TIME = "update_time";

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return null;
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }
}

UserDetailsService

我实现了UserDetailsService (loadUserByUsername通过用户名查用户) 以及UserDetailsPasswordService(updatePassword)更改密码

package com.mqb.springsecurity.app.service.impl;

import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
import com.mqb.springsecurity.domain.entities.User;
import com.mqb.springsecurity.infra.mapper.UserMapper;
import com.mqb.springsecurity.app.service.IUserService;
import com.baomidou.mybatisplus.extension.service.impl.ServiceImpl;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsPasswordService;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

/**
 * <p>
 * 用户 服务实现类
 * </p>
 *
 * @author qingbo.ma
 * @since 2023-08-07
 */
@Service
@RequiredArgsConstructor
public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements IUserService, UserDetailsService, UserDetailsPasswordService {

    private final UserMapper userMapper;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        User user = userMapper.selectOne(new QueryWrapper<User>().eq(User.Fields.username, username));
        if (user == null) {
            throw new UsernameNotFoundException("用户名未找到");
        }
        return user;
    }

    /**
     * 修改密码
     * @param user
     * @param newPassword
     * @return
     */

    @Override
    public UserDetails updatePassword(UserDetails user, String newPassword) {
        User userDb = userMapper.selectOne(new QueryWrapper<User>().eq(User.Fields.username, user.getUsername()));
        userDb.setPassword(newPassword);
        userMapper.updateById(userDb);
        return userDb;
    }
}

SecurityConfig

@EnableWebSecurity
@RequiredArgsConstructor
public class SecurityConfig {
    private final AuthenticationConfiguration authenticationConfiguration;
    private final UserDetailsService userDetailService;
    private final DataSource datasource;


    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();

    }
    @Bean
    public DaoAuthenticationProvider daoAuthenticationProvider() {
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        provider.setUserDetailsService(userDetailService);
        provider.setHideUserNotFoundExceptions(false);
        provider.setPasswordEncoder(passwordEncoder());
        return provider;
    }
}