目录
2、创建application.yml配置文件,编写druid的配置,以及在application.properties里面配置mybatis
5、mapper里面编写UserMapper接口,并写一个查询方法
6、在resources下面创建的mybatis\mapper里面编写UserMapper.xml实现UserMapper类里面的方法?
7、在service里面编写UserService接口和UserServiceImpl实现类?
11、在整合mybatis和添加druid的步骤中,不需要对MyController和ShiroConfig两个类进行改变
注意:整个项目到目前为止,需要注意一些类或接口里面的spring的注解。(很重要)
在springboot-07-shiro配置好了登录认证的基础上做的改变,就是添加了真实数据库,用户名、密码从数据库中取出。以及加上了driud数据源
1、导入需要的包、依赖
2、创建application.yml配置文件,编写druid的配置,以及在application.properties里面配置mybatis
3、连接数据库mybatis,并补充完整项目的包目录
pojo、mapper、service
4、在pojo里面编写User类
5、mapper里面编写UserMapper接口,并写一个查询方法
6、在resources下面创建的mybatis\mapper里面编写UserMapper.xml实现UserMapper类里面的方法?
7、在service里面编写UserService接口和UserServiceImpl实现类?
8、在测试类先测试一下?
测试ok,代表底层代码没问题
9、底层测试完没问题之后,就去改造UserRealm类
因为是从UserRealm类这一步开始从数据库中拿数据,之前的是伪造的数据
10、效果
数据库中的数据
?
11、在整合mybatis和添加druid的步骤中,不需要对MyController和ShiroConfig两个类进行改变
12、主要代码
12.1、pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-parent</artifactId>
<version>2.7.4</version>
<relativePath/> <!-- lookup parent from repository -->
</parent>
<groupId>com.zhou</groupId>
<artifactId>shiro-springboot</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>shiro-springboot</name>
<description>shiro-springboot</description>
<properties>
<java.version>1.8</java.version>
</properties>
<dependencies>
<!-- Subject:用户
SecurityManager:管理所有用户
Realm: 连接数据
-->
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
</dependency>
<!-- druid -->
<dependency>
<groupId>com.alibaba</groupId>
<artifactId>druid</artifactId>
<version>1.1.21</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>
<!-- mybatis-spring-boot-starter :整合-->
<dependency>
<groupId>org.mybatis.spring.boot</groupId>
<artifactId>mybatis-spring-boot-starter</artifactId>
<version>2.1.1</version>
</dependency>
<dependency>
<groupId>org.projectlombok</groupId>
<artifactId>lombok</artifactId>
</dependency>
<!-- shiro整合spring的包-->
<!-- https://mvnrepository.com/artifact/org.apache.shiro/shiro-spring -->
<dependency>
<groupId>org.apache.shiro</groupId>
<artifactId>shiro-spring</artifactId>
<version>1.4.1</version>
</dependency>
<!-- thymeleaf模板-->
<dependency>
<groupId>org.thymeleaf</groupId>
<artifactId>thymeleaf-spring5</artifactId>
</dependency>
<dependency>
<groupId>org.thymeleaf.extras</groupId>
<artifactId>thymeleaf-extras-java8time</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-test</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-maven-plugin</artifactId>
</plugin>
</plugins>
</build>
</project>
12.2、application.yml
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
# 假如时区报错了,就增加一个时区的配置就ok了 serverTimezone=UTC
url: jdbc:mysql://localhost:3306/mybatis?serverTimezone=UTC&useUnicode=true&characterEncoding=utf-8
username: root
password: 123456
type: com.alibaba.druid.pool.DruidDataSource # 自定义源数据
#Spring Boot 默认是不注入这些属性值的,需要自己绑定
#druid 数据源专有配置
initialSize: 5
minIdle: 5
maxActive: 20
maxWait: 60000
timeBetweenEvictionRunsMillis: 60000
minEvictableIdleTimeMillis: 300000
validationQuery: SELECT 1 FROM DUAL
testWhileIdle: true
testOnBorrow: false
testOnReturn: false
poolPreparedStatements: true
#配置监控统计拦截的filters,stat:监控统计、log4j:日志记录、wall:防御sql注入
#如果允许时报错 java.lang.ClassNotFoundException: org.apache.log4j.Priority
#则导入 log4j 依赖即可,Maven 地址:https://mvnrepository.com/artifact/log4j/log4j
filters: stat,wall,log4j
maxPoolPreparedStatementPerConnectionSize: 20
useGlobalDataSourceStat: true
connectionProperties: druid.stat.mergeSql=true;druid.stat.slowSqlMillis=50012.3、UserRealm
package com.zhou.config;
import com.zhou.pojo.User;
import com.zhou.service.UserService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
// 自定义的UserRealm extends AuthorizingRealm
public class UserRealm extends AuthorizingRealm {
@Autowired
UserService userService;
// 授权
@Override
protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
System.out.println("执行了====>授权doGetAuthorizationInfo");
return null;
}
// 认证
@Override
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
System.out.println("执行了====>认证doGetAuthorizationInfo");
// // 用户名,密码 数据库中取出
// String username = "root";
// String password = "123456";
UsernamePasswordToken userToken = (UsernamePasswordToken) token;
// // 用户名判断
// if (!userToken.getUsername().equals(username)){
// return null; // 抛出异常 UnknownAccountException
// }
// 连接真实的数据库
User user = userService.queryUserByName(userToken.getUsername());
if (user == null){ // 没有这个人
return null; // 抛出异常 UnknownAccountException
}
// 可以加密: MD5 MD5盐值加密
// 密码认证 shiro做, 密码加密了
// return new SimpleAuthenticationInfo("",password,"");
return new SimpleAuthenticationInfo("", user.getPwd(), "");
}
}
12.4、MyController
package com.zhou.controller;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.IncorrectCredentialsException;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
public class MyController {
@RequestMapping({"/", "/index"})
public String toIndex(Model model){
model.addAttribute("msg", "hello,shiro");
return "index";
}
@RequestMapping("/user/add")
public String add(){
return "user/add";
}
@RequestMapping("/user/update")
public String update(){
return "user/update";
}
@RequestMapping("/toLogin")
public String toLogin(){
return "login";
}
@RequestMapping("/login")
public String login(String username, String password, Model model){
// 获取当前的用户
Subject subject = SecurityUtils.getSubject();
// 封装用户的登录数据
UsernamePasswordToken token = new UsernamePasswordToken(username, password);
try{
subject.login(token); // 执行登录的方法,如果没有异常就ok
return "index";
}catch (UnknownAccountException e){ // 用户名不存在
model.addAttribute("msg", "用户名错误");
return "login";
}catch (IncorrectCredentialsException e){ // 密码不存在
model.addAttribute("msg", "密码错误");
return "login";
}
}
}
注意:整个项目到目前为止,需要注意一些类或接口里面的spring的注解。(很重要)
controller类里面的@Controller
config类里面的@Configuration
?
?mapper接口里的@Repository,@Mapper
service实现类里的@Service
?
调用接口时的@Autowired
