parent
c2051b9595
commit
eff1294ca6
@ -1,20 +1,48 @@
|
||||
//实现用户密码的加密存储。==>加上此文件,必须是密文存储
|
||||
|
||||
//实现公开页面
|
||||
package com.kob.backend.config;
|
||||
|
||||
import com.kob.backend.config.filter.JwtAuthenticationTokenFilter;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.authentication.AuthenticationManager;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
|
||||
import org.springframework.security.config.http.SessionCreationPolicy;
|
||||
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
|
||||
public class SecurityConfig {
|
||||
public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||
@Autowired
|
||||
private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
|
||||
|
||||
@Bean
|
||||
public PasswordEncoder passwordEncoder() {
|
||||
return new BCryptPasswordEncoder();//返回加密方法
|
||||
return new BCryptPasswordEncoder();
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Override
|
||||
public AuthenticationManager authenticationManagerBean() throws Exception {
|
||||
return super.authenticationManagerBean();
|
||||
}
|
||||
|
||||
@Override
|
||||
protected void configure(HttpSecurity http) throws Exception {
|
||||
http.csrf().disable()
|
||||
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
|
||||
.and()
|
||||
.authorizeRequests()
|
||||
.antMatchers("/user/account/token/", "/user/account/register/").permitAll()
|
||||
.antMatchers(HttpMethod.OPTIONS).permitAll()
|
||||
.anyRequest().authenticated();
|
||||
|
||||
http.addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -0,0 +1,20 @@
|
||||
package com.kob.backend.controller.user.account;
|
||||
|
||||
import com.kob.backend.service.user.account.InfoService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@RestController
|
||||
public class InfoController {
|
||||
@Autowired
|
||||
private InfoService infoService;
|
||||
|
||||
@GetMapping("/user/account/info/")
|
||||
public Map<String,String> getInfo()
|
||||
{
|
||||
return infoService.getInfo();
|
||||
}
|
||||
}
|
@ -0,0 +1,26 @@
|
||||
package com.kob.backend.controller.user.account;
|
||||
|
||||
import com.kob.backend.service.user.account.RegisterService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.web.bind.annotation.PostMapping;
|
||||
import org.springframework.web.bind.annotation.RequestParam;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@RestController
|
||||
public class RegisterController {
|
||||
|
||||
@Autowired
|
||||
private RegisterService registerService;
|
||||
|
||||
@PostMapping("/user/account/register/")
|
||||
public Map<String,String> register(@RequestParam Map<String,String> map)
|
||||
{
|
||||
String username = map.get("username");
|
||||
String password = map.get("password");
|
||||
String confirmedPassword = map.get("confirmedPassword");
|
||||
return registerService.register(username,password,confirmedPassword);
|
||||
}
|
||||
|
||||
}
|
@ -0,0 +1,33 @@
|
||||
package com.kob.backend.service.impl.user.account;
|
||||
|
||||
import com.kob.backend.pojo.User;
|
||||
import com.kob.backend.service.impl.utils.UserDetailsImpl;
|
||||
import com.kob.backend.service.user.account.InfoService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
@Service
|
||||
public class InfoServiceImpl implements InfoService {
|
||||
@Override
|
||||
public Map<String, String> getInfo() {
|
||||
//获取用户认证
|
||||
UsernamePasswordAuthenticationToken authenticationToken =
|
||||
(UsernamePasswordAuthenticationToken) SecurityContextHolder.getContext().getAuthentication();
|
||||
|
||||
//取出用户(实例化UserDetailsImp类)
|
||||
UserDetailsImpl loginUser = (UserDetailsImpl) authenticationToken.getPrincipal();
|
||||
User user = loginUser.getUser();
|
||||
|
||||
Map<String,String> map = new HashMap<>();
|
||||
map.put("error_message","success");
|
||||
map.put("id",user.getId().toString());
|
||||
map.put("username",user.getUsername());
|
||||
map.put("photo",user.getPhoto());
|
||||
return map;
|
||||
}
|
||||
}
|
@ -0,0 +1,88 @@
|
||||
package com.kob.backend.service.impl.user.account;
|
||||
|
||||
import com.baomidou.mybatisplus.core.conditions.query.QueryWrapper;
|
||||
import com.kob.backend.mapper.UserMapper;
|
||||
import com.kob.backend.pojo.User;
|
||||
import com.kob.backend.service.user.account.RegisterService;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
@Service
|
||||
public class RegisterServiceImpl implements RegisterService {
|
||||
@Autowired
|
||||
private UserMapper userMapper;
|
||||
@Autowired
|
||||
private PasswordEncoder passwordEncoder;
|
||||
|
||||
@Override
|
||||
public Map<String, String> register(String username, String password, String confirmedPassword) {
|
||||
|
||||
Map<String,String> map = new HashMap<>();
|
||||
|
||||
//判断是否有参数
|
||||
if(username == null)
|
||||
{
|
||||
map.put("error_message","用户名不能为空");
|
||||
return map;
|
||||
}
|
||||
|
||||
if(password == null || confirmedPassword == null)
|
||||
{
|
||||
map.put("error_message","密码不能为空");
|
||||
return map;
|
||||
}
|
||||
|
||||
//判断长度是否为
|
||||
username = username.trim();
|
||||
if(username.length() == 0)
|
||||
{
|
||||
map.put("error_message","用户名不能为空");
|
||||
return map;
|
||||
}
|
||||
|
||||
if(password.length() == 0 || confirmedPassword.length() == 0)//密码可以有空格
|
||||
{
|
||||
map.put("error_message","密码不能为空");
|
||||
return map;
|
||||
}
|
||||
|
||||
if(username.length() > 100)
|
||||
{
|
||||
map.put("error_message","用户名长度不能大于100");
|
||||
return map;
|
||||
}
|
||||
if (password.length() > 100 || confirmedPassword.length() > 100) {
|
||||
map.put("error_message", "密码不能大于100");
|
||||
return map;
|
||||
}
|
||||
|
||||
if(password.equals(confirmedPassword) == false)
|
||||
{
|
||||
map.put("error_message","两次密码不相同");
|
||||
return map;
|
||||
}
|
||||
|
||||
//查询用户名是否已经存在
|
||||
QueryWrapper<User> queryWrapper = new QueryWrapper<>();
|
||||
queryWrapper.eq("username",username);
|
||||
List<User> users = userMapper.selectList(queryWrapper);
|
||||
if(!users.isEmpty()){
|
||||
map.put("error_message","用户名已存在");
|
||||
return map;
|
||||
}
|
||||
|
||||
//添加一个用户
|
||||
String encodedPassword = passwordEncoder.encode(password);//密码
|
||||
String photo = "https://cdn.acwing.com/media/user/profile/photo/85918_lg_5ed2550a14.png";
|
||||
User user = new User(null,username,encodedPassword,photo);
|
||||
userMapper.insert(user);
|
||||
map.put("error_message","success");
|
||||
|
||||
return map;
|
||||
}
|
||||
}
|
@ -0,0 +1,11 @@
|
||||
package com.kob.backend.service.user.account;
|
||||
//根据令牌返回用户信息
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@Service
|
||||
public interface InfoService {
|
||||
public Map<String,String> getInfo();
|
||||
}
|
||||
|
@ -0,0 +1,10 @@
|
||||
package com.kob.backend.service.user.account;
|
||||
//注册账号
|
||||
import org.springframework.stereotype.Service;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
@Service
|
||||
public interface RegisterService {
|
||||
public Map<String, String> register(String username, String password, String confirmedPassword);
|
||||
}
|
@ -0,0 +1,63 @@
|
||||
//JwtUtil 类为jwt 工具类 用来创建、解析 jwt token
|
||||
package com.kob.backend.utils;
|
||||
|
||||
import io.jsonwebtoken.Claims;
|
||||
import io.jsonwebtoken.JwtBuilder;
|
||||
import io.jsonwebtoken.Jwts;
|
||||
import io.jsonwebtoken.SignatureAlgorithm;
|
||||
import org.springframework.stereotype.Component;
|
||||
|
||||
import javax.crypto.SecretKey;
|
||||
import javax.crypto.spec.SecretKeySpec;
|
||||
import java.util.Base64;
|
||||
import java.util.Date;
|
||||
import java.util.UUID;
|
||||
|
||||
@Component
|
||||
public class JwtUtil {
|
||||
public static final long JWT_TTL = 60 * 60 * 1000L * 24 * 14; // 有效期14天
|
||||
public static final String JWT_KEY = "SDFGjhdsfalshdfHFdsjkdsfds121232131afasdfac";//密钥
|
||||
|
||||
public static String getUUID() {
|
||||
return UUID.randomUUID().toString().replaceAll("-", "");
|
||||
}
|
||||
|
||||
public static String createJWT(String subject) {
|
||||
JwtBuilder builder = getJwtBuilder(subject, null, getUUID());
|
||||
return builder.compact();
|
||||
}
|
||||
|
||||
private static JwtBuilder getJwtBuilder(String subject, Long ttlMillis, String uuid) {
|
||||
SignatureAlgorithm signatureAlgorithm = SignatureAlgorithm.HS256;
|
||||
SecretKey secretKey = generalKey();
|
||||
long nowMillis = System.currentTimeMillis();
|
||||
Date now = new Date(nowMillis);
|
||||
if (ttlMillis == null) {
|
||||
ttlMillis = JwtUtil.JWT_TTL;
|
||||
}
|
||||
|
||||
long expMillis = nowMillis + ttlMillis;
|
||||
Date expDate = new Date(expMillis);
|
||||
return Jwts.builder()
|
||||
.setId(uuid)
|
||||
.setSubject(subject)
|
||||
.setIssuer("sg")
|
||||
.setIssuedAt(now)
|
||||
.signWith(signatureAlgorithm, secretKey)
|
||||
.setExpiration(expDate);
|
||||
}
|
||||
|
||||
public static SecretKey generalKey() {
|
||||
byte[] encodeKey = Base64.getDecoder().decode(JwtUtil.JWT_KEY);
|
||||
return new SecretKeySpec(encodeKey, 0, encodeKey.length, "HmacSHA256");
|
||||
}
|
||||
|
||||
public static Claims parseJWT(String jwt) throws Exception {
|
||||
SecretKey secretKey = generalKey();
|
||||
return Jwts.parserBuilder()
|
||||
.setSigningKey(secretKey)
|
||||
.build()
|
||||
.parseClaimsJws(jwt)
|
||||
.getBody();
|
||||
}
|
||||
}
|
After Width: | Height: | Size: 96 KiB |
Loading…
Reference in new issue