modify BCryptPasswordEncoder

527515025 · 527515025 · commit ad2292639ae7 · 2017-03-02T13:15:21.000+08:00
diff --git a/springboot-springSecurity2/src/main/java/com/us/example/config/WebSecurityConfig.java b/springboot-springSecurity2/src/main/java/com/us/example/config/WebSecurityConfig.java
@@ -1,21 +1,15 @@
 package com.us.example.config;
 
 import com.us.example.security.CustomUserService;
-import com.us.example.util.MD5Util;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
-import org.springframework.security.config.annotation.web.servlet.configuration.EnableWebMvcSecurity;
-import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 
 /**
  * Created by yangyibo on 17/1/18.
@@ -31,17 +25,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     @Autowired
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
-        auth.userDetailsService(customUserService).passwordEncoder(new PasswordEncoder(){
-
-            @Override
-            public String encode(CharSequence rawPassword) {
-                return MD5Util.encode((String)rawPassword);
-            }
-
-            @Override
-            public boolean matches(CharSequence rawPassword, String encodedPassword) {
-                return encodedPassword.equals(MD5Util.encode((String)rawPassword));
-            }}); //user Details Service验证
+        auth.userDetailsService(customUserService).passwordEncoder(new BCryptPasswordEncoder());
     }
 
     @Override
diff --git a/springboot-springSecurity2/src/main/java/com/us/example/controller/HomeController.java b/springboot-springSecurity2/src/main/java/com/us/example/controller/HomeController.java
@@ -1,7 +1,12 @@
 package com.us.example.controller;
 
+import com.us.example.dao.UserDao;
+import com.us.example.domain.SysUser;
+import com.us.example.service.UserService;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.annotation.Secured;
 import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.ResponseBody;
@@ -12,6 +17,8 @@
 @Controller
 @RequestMapping("/users")
 public class HomeController {
+    @Autowired
+    UserService userService;
 
     @RequestMapping(method = RequestMethod.GET)
     @ResponseBody
@@ -22,8 +29,8 @@ public String getUsers() {
     @Secured({"ROLE_ADMIN","ROLE_USER"})
     @RequestMapping(method = RequestMethod.POST)
     @ResponseBody
-    public String save() {
-        return "saveUser";
+    public Object save(@RequestBody SysUser user) {
+        return  userService.create(user);
     }
 
 
diff --git a/springboot-springSecurity2/src/main/java/com/us/example/dao/UserDao.java b/springboot-springSecurity2/src/main/java/com/us/example/dao/UserDao.java
@@ -4,5 +4,7 @@
 
 
 public interface UserDao {
-    public SysUser findByUserName(String username);
+     SysUser findByUserName(String username);
+
+     int create (SysUser sysUser);
 }
diff --git a/springboot-springSecurity2/src/main/java/com/us/example/domain/SysUser.java b/springboot-springSecurity2/src/main/java/com/us/example/domain/SysUser.java
@@ -16,6 +16,8 @@ public class SysUser implements UserDetails {  // implements UserDetails 用于
     private String username;
     @JsonIgnore
     private String password;
+    private String rawPassword;
+    @JsonIgnore
     private List<SysRole> roles;
     private List<? extends GrantedAuthority> authorities;
 
@@ -52,16 +54,27 @@ public void setRoles(List<SysRole> roles) {
         this.roles = roles;
     }
 
+    public String getRawPassword() {
+        return rawPassword;
+    }
+
+    public void setRawPassword(String rawPassword) {
+        this.rawPassword = rawPassword;
+    }
+
+
     @JsonIgnore
     @Override
     public boolean isAccountNonExpired() {
         return true;
     }
+
     @JsonIgnore
     @Override
     public boolean isAccountNonLocked() {
         return true;
     }
+
     @JsonIgnore
     @Override
     public boolean isCredentialsNonExpired() {
@@ -74,11 +87,13 @@ public boolean isCredentialsNonExpired() {
     public boolean isEnabled() {
         return true;
     }
+
     @JsonIgnore
     @Override
     public Collection<? extends GrantedAuthority> getAuthorities() {
         return authorities;
     }
+
     public void setGrantedAuthorities(List<? extends GrantedAuthority> authorities) {
         this.authorities = authorities;
     }
diff --git a/springboot-springSecurity2/src/main/java/com/us/example/service/UserService.java b/springboot-springSecurity2/src/main/java/com/us/example/service/UserService.java
@@ -0,0 +1,25 @@
+package com.us.example.service;
+
+import com.us.example.dao.UserDao;
+import com.us.example.domain.SysUser;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.stereotype.Service;
+
+/**
+ * Created by yangyibo on 17/3/2.
+ */
+@Service
+public class UserService {
+    @Autowired
+    UserDao userDao;
+
+    public SysUser create(SysUser sysUser){
+        //进行加密
+        BCryptPasswordEncoder encoder =new BCryptPasswordEncoder();
+        sysUser.setPassword(encoder.encode(sysUser.getRawPassword().trim()));
+        userDao.create(sysUser);
+    return sysUser;
+    }
+
+}
diff --git a/springboot-springSecurity2/src/main/java/com/us/example/util/BCryptPasswordEncoderTest.java b/springboot-springSecurity2/src/main/java/com/us/example/util/BCryptPasswordEncoderTest.java
@@ -0,0 +1,15 @@
+package com.us.example.util;
+
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+
+/**
+ * Created by yangyibo on 17/3/2.
+ */
+public class BCryptPasswordEncoderTest {
+    public static void main(String[] args) {
+
+        BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+        System.out.println(encoder.encode("abel"));
+        System.out.println(encoder.encode("admin"));
+    }
+}
diff --git a/springboot-springSecurity2/src/main/java/com/us/example/util/MD5Util.java b/springboot-springSecurity2/src/main/java/com/us/example/util/MD5Util.java
diff --git a/springboot-springSecurity2/src/main/resources/mapper/UserDaoMapper.xml b/springboot-springSecurity2/src/main/resources/mapper/UserDaoMapper.xml
@@ -18,4 +18,14 @@
         LEFT JOIN Sys_Role r on sru.Sys_Role_id=r.id
         where username= #{username}
 	</select>
+
+    <insert id="create" parameterType="com.us.example.domain.SysUser">
+        <selectKey resultType="int"  order="AFTER" keyProperty="id" >
+            SELECT LAST_INSERT_ID()
+        </selectKey>
+       INSERT into Sys_User
+       (username,password)
+       values
+       (#{username},#{password})
+    </insert>
 </mapper>

Original file line number	Diff line number	Diff line change
`@@ -4,5 +4,7 @@`
`4`	`4`
`5`	`5`
`6`	`6`	`public interface UserDao {`
`7`		`- public SysUser findByUserName(String username);`
	`7`	`+ SysUser findByUserName(String username);`
	`8`	`+`
	`9`	`+ int create (SysUser sysUser);`
`8`	`10`	`}`