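```java
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Arrays;

import javax.annotation.Resource;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.rememberme.TokenBasedRememberMeServices;
import org.springframework.web.cors.CorsConfiguration;

// UserService, UserAdv and com.test.User are the application's own classes.
@EnableWebSecurity
public class SpringSecurityConf extends WebSecurityConfigurerAdapter {

    // Shared by TokenBasedRememberMeServices and http.rememberMe().key(); the two must match.
    // Load this from external configuration rather than keeping it in source control.
    private static final String REMEMBER_ME_KEY = "TokenBasedRememberMeServicesKey$#&^$";

    @Resource
    private UserService userService;

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        // CORS: the original list also contained "*". Combined with allowCredentials(true)
        // that lets any origin send credentialed requests, and Spring Framework 5.3+
        // rejects the combination with an IllegalArgumentException, so only the
        // explicit origin is kept.
        http.cors().configurationSource(request -> {
            CorsConfiguration c = new CorsConfiguration();
            c.setAllowedOrigins(Arrays.asList("http://192.168.31.114"));
            c.setAllowedMethods(Arrays.asList("POST", "GET", "OPTIONS", "PUT"));
            c.setAllowCredentials(true);
            c.setMaxAge(1800L);
            return c;
        });

        // These three lines switch off default protections: X-Frame-Options
        // (clickjacking), no-cache headers and CSRF tokens. With cookie-based
        // sessions and remember-me, disabling CSRF leaves state-changing requests
        // protected only by the CORS policy above.
        http.headers().frameOptions().disable();
        http.headers().cacheControl().disable();
        http.csrf().disable();

        // Logout: answer with JSON instead of a redirect.
        http.logout()
                .logoutUrl("/system/logout")
                .logoutSuccessHandler((request, response, authentication) -> {
                    String str = "{\"s\":\"1\",\"r\":\"login out success\"}";
                    sendOut(str, response);
                });

        // Form login: JSON responses for success and failure.
        http.formLogin().loginPage("/").loginProcessingUrl("/system/login")
                .successHandler((request, response, authentication) -> {
                    String str = "{\"s\":\"1\",\"r\":\"login success\"}";
                    sendOut(str, response);
                })
                .failureHandler((request, response, exception) -> {
                    // The exception message is inserted unescaped; a message
                    // containing a double quote would produce invalid JSON.
                    String str = "{\"s\":\"0\",\"r\":\"" + exception.getMessage() + "\"}";
                    sendOut(str, response);
                });

        // Unauthenticated access to a protected URL: JSON instead of a redirect to the login page.
        http.exceptionHandling().authenticationEntryPoint((request, response, authException) ->
                sendOut("{\"s\":\"0\",\"r\":\"not login\"}", response));

        // Remember-me: alwaysRemember issues the cookie on every successful login,
        // whether or not the client asked for it.
        TokenBasedRememberMeServices rememberMeServices =
                new TokenBasedRememberMeServices(REMEMBER_ME_KEY, userDetailsService);
        rememberMeServices.setAlwaysRemember(true);
        rememberMeServices.setCookieName("system.rememberMe");
        http.rememberMe().rememberMeServices(rememberMeServices).key(REMEMBER_ME_KEY);

        // Public paths first, everything else requires authentication.
        http.authorizeRequests().antMatchers("/", "/login", "/**/*.ico").permitAll();
        http.authorizeRequests().anyRequest().authenticated();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
    }

    // Looks the user up through the application's UserService and wraps it in UserAdv.
    private UserDetailsService userDetailsService = username -> {
        com.test.User userByUserName = userService.getUserByUserName(username);
        if (userByUserName == null) {
            throw new UsernameNotFoundException(username);
        }
        return new UserAdv(userByUserName);
    };

    // Delegates hashing to the application's UserService.securityPassword.
    private PasswordEncoder passwordEncoder = new PasswordEncoder() {
        @Override
        public String encode(CharSequence rawPassword) {
            return UserService.securityPassword(rawPassword.toString());
        }

        @Override
        public boolean matches(CharSequence rawPassword, String encodedPassword) {
            if (rawPassword == null || encodedPassword == null) {
                return false;
            }
            // Constant-time comparison instead of String.equals, so the check
            // does not leak how many leading characters of the hash matched.
            return MessageDigest.isEqual(
                    encode(rawPassword).getBytes(StandardCharsets.UTF_8),
                    encodedPassword.getBytes(StandardCharsets.UTF_8));
        }
    };

    // Writes a JSON string to the response unless it has already been committed.
    private static void sendOut(String str, HttpServletResponse response) throws IOException {
        if (response != null && !response.isCommitted()) {
            response.setContentType("application/json;charset=utf-8");
            try (OutputStream out = response.getOutputStream()) {
                out.write(str.getBytes(StandardCharsets.UTF_8));
                response.flushBuffer();
            }
        }
    }
}
```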