SpringBoot集成Spring Security(一)登录注销
写在前面
上一节创建了项目并且利用Spring Security完成了登录注销功能,这里继续说一下注册、密码加密和找回密码,代码注释较清晰。
一、web层
控制
StudentController.java
package com.jxnu.os.controller;import com.jxnu.os.model.RespBean;
import com.jxnu.os.model.Student;
import com.jxnu.os.service.StudentService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.*;import java.util.List;/*** @author xiao*/
@RestController
@RequestMapping("/student")
public class StudentController {@AutowiredStudentService studentService;/*** 注册* @param student* @return*/@PostMapping("/register")public RespBean register(Student student) {if(studentService.register(student)){return RespBean.ok("注册成功",student);}else{return RespBean.error("注册失败,用户名已存在");}}/*** 修改密码* @param sno* @param password* @param rePassword* @return*/@PutMapping("/modifyPass")public RespBean modifyPass(String sno,String password,String rePassword) {if(studentService.modifyPass(sno,password,rePassword)){return RespBean.ok("修改成功");}else{return RespBean.error("修改失败,原密码错误");}}}
二、service层
注册时对密码进行加密,修改密码时则需先解密后验证
StudentService.java
package com.jxnu.os.service;import com.jxnu.os.mapper.StudentMapper;
import com.jxnu.os.model.Student;
import com.jxnu.os.utils.StudentUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;import java.util.List;/*** @author xiao*/
@Service
public class StudentService implements UserDetailsService {@AutowiredStudentMapper studentMapper;/*** 注册* @param student* @return*/public boolean register(Student student) {Student existUser = studentMapper.loadUserBySno(student.getUsername());if (existUser != null) {//如果用户名已存在return false;} else {BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();String encode = encoder.encode(student.getPassword());student.setPassword(encode);studentMapper.insert(student);return true;}}/*** 修改密码* @param sno* @param password* @param rePassword* @return*/public boolean modifyPass(String sno,String password,String rePassword) {Student student = studentMapper.loadUserBySno(sno);BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();if(encoder.matches(password,student.getPassword())) {String encode = encoder.encode(rePassword);rePassword = encode;studentMapper.modifyPass(sno,rePassword);return true;}else {return false;}}}
三、mapper层
StudentMapper.java
package com.jxnu.os.mapper;import com.jxnu.os.model.Student;
import org.apache.ibatis.annotations.Param;import java.util.List;/*** @author xiao*/
public interface StudentMapper {int insert(Student student);int modifyPass(String sno,String rePassword);
}
StudentMapper.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN" "http://mybatis.org/dtd/mybatis-3-mapper.dtd" >
<mapper namespace="com.jxnu.os.mapper.StudentMapper"><resultMap id="BaseResultMap" type="com.jxnu.os.model.Student"><id column="id" property="id" jdbcType="INTEGER"/><result column="username" property="username" jdbcType="VARCHAR"/><result column="sno" property="sno" jdbcType="VARCHAR"/><result column="s_sex" property="s_sex" jdbcType="CHAR"/><result column="t_id" property="t_id" jdbcType="INTEGER"/><result column="password" property="password" jdbcType="VARCHAR"/></resultMap><update id="modifyPass" parameterType="com.jxnu.os.model.Student">update student set password = #{rePassword} where sno=#{sno}</update><insert id="insert" parameterType="com.jxnu.os.model.Student">insert into student (username,password)values (#{username,jdbcType=VARCHAR},#{password,jdbcType=VARCHAR})</insert></mapper>