快捷導(dǎo)航

SpringSecurity實(shí)現(xiàn)自定義登錄方式

更新時(shí)間：2024年09月18日 10:06:26 作者：勿語(yǔ)&

本文介紹自定義登錄流程,包括自定義AuthenticationToken、AuthenticationFilter、AuthenticationProvider以及SecurityConfig配置類(lèi),詳細(xì)解析了認(rèn)證流程的實(shí)現(xiàn),為開(kāi)發(fā)人員提供了具體的實(shí)施指導(dǎo)和參考

自定義登錄

定義Token
定義Filter
定義Provider
配置類(lèi)中定義登錄的接口

1.自定義AuthenticationToken

public class EmailAuthenticationToken extends UsernamePasswordAuthenticationToken{

    public EmailAuthenticationToken(Object principal, Object credentials) {
        super(principal, credentials);
    }

    public EmailAuthenticationToken(Object principal, Object credentials, Collection<? extends GrantedAuthority> authorities) {
        super(principal, credentials, authorities);
    }
}

2.自定義AuthenticationFilter

public class EmailAuthenticationFilter extends AbstractAuthenticationProcessingFilter {
    private static final String EMAIL = "email";
    private static final String EMAIL_CODE = "emailCode";
    private boolean postOnly = true;


    public EmailAuthenticationFilter(RequestMatcher requestMatcher) {
        super(requestMatcher);
    }

    @Override
    public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException, IOException, ServletException {
        if (this.postOnly && !request.getMethod().equals("POST")) {
            throw new AuthenticationServiceException("Authentication method not supported: " + request.getMethod());
        } else {
            Map<String, String> map = new ObjectMapper().readValue(request.getInputStream(), Map.class);
            String email = map.get(EMAIL);
            email = email != null ? email : "";
            email = email.trim();
            String emailCode = map.get(EMAIL_CODE);
            emailCode = emailCode != null ? emailCode : "";
            EmailAuthenticationToken emailAuthenticationToken = new EmailAuthenticationToken(email, emailCode);
            this.setDetails(request, emailAuthenticationToken);
            return this.getAuthenticationManager().authenticate(emailAuthenticationToken);
        }
    }

    protected void setDetails(HttpServletRequest request, EmailAuthenticationToken authRequest) {
        authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
    }
}

3.自定義AuthenticationProvider

public class EmailAuthenticationProvider implements AuthenticationProvider {
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        EmailAuthenticationToken emailAuthenticationToken = (EmailAuthenticationToken) authentication;
        String code = emailAuthenticationToken.getCode();
        String email = (String) emailAuthenticationToken.getPrincipal();
        if (email.equals("205564122@qq.com") && code.equals("1234")) {
            SimpleGrantedAuthority simpleGrantedAuthority = new SimpleGrantedAuthority("wuyu");
            return new EmailAuthenticationToken(email, null, List.of(simpleGrantedAuthority));
        }
        throw new InternalAuthenticationServiceException("認(rèn)證失敗");
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return EmailAuthenticationToken.class.isAssignableFrom(authentication);
    }
}

4.定義SecurityConfig配置類(lèi)

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    private StringRedisTemplate stringRedisTemplate;

    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.csrf().disable();
        http.cors().disable();
        http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
        http.authorizeHttpRequests().anyRequest().permitAll();
        http.logout().logoutSuccessHandler(logoutSuccessHandler());

        // 配置郵箱登錄
        EmailAuthenticationFilter emailAuthenticationFilter = new EmailAuthenticationFilter(new AntPathRequestMatcher("/login/email", "POST"));
        emailAuthenticationFilter.setAuthenticationManager(authenticationManagerBean());
        emailAuthenticationFilter.setAuthenticationSuccessHandler(authenticationSuccessHandler());
        emailAuthenticationFilter.setAuthenticationFailureHandler(authenticationFailureHandler());
        http.addFilterBefore(emailAuthenticationFilter, UsernamePasswordAuthenticationFilter.class);
        http.authenticationProvider(new EmailAuthenticationProvider());
    }

    @Bean
    public AuthenticationSuccessHandler authenticationSuccessHandler() {
        return (request, response, authentication) -> {
            // 1.生成Token
            String token = UUID.randomUUID().toString();
            // 2.將Token和用戶信息存入redis
            stringRedisTemplate.opsForValue().set(AuthConstants.TOKEN_PREFIX + token, JSON.toJSONString(authentication.getPrincipal()), AuthConstants.TOKEN_DURATION);
            // 3.返回Token
            response.setContentType(ResponseConstants.APPLICATION_JSON);
            PrintWriter writer = response.getWriter();
            writer.write(JSON.toJSONString(Result.success(token)));
            writer.flush();
            writer.close();
        };
    }

    @Bean
    public AuthenticationFailureHandler authenticationFailureHandler() {
        return (request, response, exception) -> {
            response.setContentType(ResponseConstants.APPLICATION_JSON);
            PrintWriter writer = response.getWriter();
            writer.write(JSON.toJSONString(Result.fail(exception.getMessage())));
            writer.flush();
            writer.close();
        };
    }

    @Bean
    public LogoutSuccessHandler logoutSuccessHandler() {
        return (request, response, authentication) -> {
            String authorization = request.getHeader(AuthConstants.AUTHORIZATION);
            authorization = authorization.replace(AuthConstants.BEARER, "");
            stringRedisTemplate.delete(AuthConstants.TOKEN_PREFIX + authorization);
            PrintWriter writer = response.getWriter();
            writer.write(JSON.toJSONString(Result.success()));
            writer.flush();
            writer.close();
        };
    }
}