<dependencies>
  <!-- security -->
  <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-security</artifactId>
  </dependency>
  <!-- thymeleaf -->
  <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-thymeleaf</artifactId>
  </dependency>
  <!-- web -->
  <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-web</artifactId>
  </dependency>
  <!-- tomcat -->
  <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-tomcat</artifactId>
    <scope>provided</scope>
  </dependency>
  <!-- lombok -->
  <dependency>
    <groupId>org.projectlombok</groupId>
    <artifactId>lombok</artifactId>
  </dependency>
  <!-- test -->
  <dependency>
    <groupId>org.springframework.boot</groupId>
    <artifactId>spring-boot-starter-test</artifactId>
  </dependency>
</dependencies>

package zw.springboot.controller;

import lombok.SneakyThrows;
import org.json.JSONObject;
import org.springframework.security.core.Authentication;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * @className LoginSuccessHandler
 * @description 登錄成功處理器
 * @author 周威
 * @date 2020-09-03 13:50
 **/
@Component
public class LoginSuccessHandler implements AuthenticationSuccessHandler
{

  @SneakyThrows
  @Override
  public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException
  {
    // 設(shè)置response緩沖區(qū)字符集
    response.setCharacterEncoding("UTF-8");
    // 定義一個JSONObject對象
    JSONObject object = new JSONObject();
    // 填寫登錄成功響應(yīng)信息
    object.put("code", 1);
    object.put("msg", "登錄成功");
    // 設(shè)置響應(yīng)頭
    response.setContentType("application/json;charset=utf-8");
    // 獲得打印輸出流
    PrintWriter pw = response.getWriter();
    // 向客戶端寫入一個字符串
    pw.print(object.toString());
    // 關(guān)閉流資源
    pw.close();
  }
}

package zw.springboot.controller;

import lombok.SneakyThrows;
import org.json.JSONObject;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.stereotype.Component;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;

/**
 * @className LoginErrorHandler
 * @description 登錄失敗處理器
 * @author 周威
 * @date 2020-09-03 13:57
 **/
@Component
public class LoginErrorHandler implements AuthenticationFailureHandler
{
  @SneakyThrows
  @Override
  public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException authenticationException) throws IOException, ServletException
  {
    // 設(shè)置response緩沖區(qū)字符集
    response.setCharacterEncoding("UTF-8");
    // 定義一個JSONObject對象
    JSONObject object = new JSONObject();
    // 填寫登錄失敗響應(yīng)信息
    object.put("code", -1);
    object.put("msg", "登錄失敗");
    // 設(shè)置響應(yīng)頭
    response.setContentType("application/json;charset=utf-8");
    // 獲得打印輸出流
    PrintWriter pw = response.getWriter();
    // 向客戶端寫入一個字符串
    pw.print(object.toString());
    // 關(guān)閉流資源
    pw.close();
  }
}

package zw.springboot.config;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;

/**
 * @className SpringSecurityConfig
 * @description 安全人認(rèn)證配置類
 * @author 周威
 * @date 2020-09-03 13:42
 **/
@EnableWebSecurity
public class SpringSecurityConfig extends WebSecurityConfigurerAdapter
{
  @Autowired
  private AuthenticationSuccessHandler loginSuccessHandler;

  @Autowired
  private AuthenticationFailureHandler loginErrorHandler;

  // 定義用戶信息服務(wù)
  @Bean
  @Override
  protected UserDetailsService userDetailsService()
  {
    InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
    // 模擬兩個用戶身份
    manager.createUser(User.withUsername("admin").password(passwordEncoder().encode("123456")).authorities("p1").build());
    manager.createUser(User.withUsername("user").password(passwordEncoder().encode("654321")).authorities("p2").build());
    return manager;
  }

  // 定義密碼加密器
  @Bean
  public PasswordEncoder passwordEncoder()
  {
    return new BCryptPasswordEncoder();
  }

  // 定義攔截機(jī)制
  @Override
  protected void configure(HttpSecurity http) throws Exception
  {
    http
        .authorizeRequests()
        // 設(shè)置哪些請求需要認(rèn)證
        .antMatchers("/**").authenticated()
    .and()
        // 啟用表單登錄認(rèn)證
        .formLogin()
        // 指定登錄成功處理器
        .successHandler(loginSuccessHandler)
        // 指定登錄失敗處理器
        .failureHandler(loginErrorHandler);
  }
}