package com.config;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.authentication.AuthenticationFailureHandler;
import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
import org.springframework.security.web.authentication.logout.LogoutSuccessHandler;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
/**
* @author duanbochao
* @creat 2019/8/10
*/
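// Spring Security configuration: two in-memory users, form login with plain-text
// response handlers, logout, and HTTP Basic.
@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    /**
     * Registers two in-memory users, "duan" (role admin) and "zhang" (role user).
     *
     * @param auth builder used to register the in-memory user store
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        // NOTE(review): both accounts carry the same bcrypt hash literal, so the admin
        // and the ordinary user share one password, and that hash is committed to source.
        // Load users and hashes from an external store or secret configuration, and give
        // each account its own credential.
        auth.inMemoryAuthentication()
                .withUser("duan").roles("admin").password("$2a$10$BIUDzypA2WNeou0C4XWMqunc0r88UwKZiwA/kmQhYDvhl.vUp3wXu")
                .and()
                .withUser("zhang").roles("user").password("$2a$10$BIUDzypA2WNeou0C4XWMqunc0r88UwKZiwA/kmQhYDvhl.vUp3wXu");
    }

    /**
     * Exposes the password encoder used to verify the stored bcrypt hashes.
     *
     * @return a {@link BCryptPasswordEncoder} with its default settings
     */
    @Bean
    PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

    /**
     * Declares URL authorization rules, form login, logout and HTTP Basic.
     *
     * @param http the security builder for the web filter chain
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http
                .authorizeRequests() // start of the URL authorization rules
                // /hello and /index require the admin role. See configure(WebSecurity):
                // the same paths are listed under ignoring() there.
                .antMatchers("/hello").hasRole("admin")
                .antMatchers("/index").hasRole("admin")
                // Every other endpoint is open to any authenticated user.
                .anyRequest().authenticated()
                .and()
                // Login page: an unauthenticated request for a protected endpoint is sent here.
                .formLogin().loginPage("/login_p")
                // Endpoint that processes the submitted credentials.
                .loginProcessingUrl("/doLogin")
                // Request parameter carrying the user name (the default is "username").
                .usernameParameter("username")
                // Request parameter carrying the password (the default is "password").
                .passwordParameter("password")
                // Callback invoked after a successful login.
                .successHandler(new AuthenticationSuccessHandler() {
                    @Override
                    public void onAuthenticationSuccess(HttpServletRequest req, HttpServletResponse resp, Authentication authentication) throws IOException, ServletException {
                        writeResponse(resp, "success!");
                    }
                })
                // Callback invoked after a failed login. The body is generic on purpose:
                // it does not reveal whether the user name or the password was wrong.
                .failureHandler(new AuthenticationFailureHandler() {
                    @Override
                    public void onAuthenticationFailure(HttpServletRequest req, HttpServletResponse resp, AuthenticationException e) throws IOException, ServletException {
                        writeResponse(resp, "fail");
                    }
                })
                .permitAll()
                .and()
                .logout()
                .logoutUrl("/logout")
                // Callback invoked after a successful logout.
                .logoutSuccessHandler(new LogoutSuccessHandler() {
                    @Override
                    public void onLogoutSuccess(HttpServletRequest req, HttpServletResponse resp, Authentication authentication) throws IOException, ServletException {
                        writeResponse(resp, "logout success");
                    }
                })
                .permitAll()
                .and()
                // NOTE(review): HTTP Basic sends the credentials on every request; this
                // configuration does not enforce HTTPS, so confirm TLS is terminated upstream.
                .httpBasic()
                .and()
                // NOTE(review): CSRF protection is switched off while session-based form
                // login is enabled, so state-changing requests (including /doLogin and
                // /logout) are accepted without a CSRF token. Re-enable it unless every
                // client is a non-browser client.
                .csrf().disable();
    }

    /**
     * Excludes /hello and /index from the security filter chain.
     *
     * @param web the builder for filter-chain level settings
     * @throws Exception if the builder rejects the configuration
     */
    @Override
    public void configure(WebSecurity web) throws Exception {
        // NOTE(review): ignored paths skip the Spring Security filter chain entirely, so
        // the hasRole("admin") rules declared for these same two paths in
        // configure(HttpSecurity) are never evaluated and both endpoints are reachable
        // without authentication. If they are meant to be admin-only, remove these
        // ignoring() entries; if they are meant to be public, drop the hasRole rules.
        web.ignoring().antMatchers("/hello", "/index");
    }

    /**
     * Writes a short text body to the response and flushes it.
     *
     * <p>The declared content type is JSON although the bodies passed by the handlers
     * are bare text, not JSON documents; the original values are kept as they were.
     * No status code is set here.
     *
     * @param resp the servlet response to write to
     * @param body the text to send
     * @throws IOException if the response writer cannot be obtained
     */
    private static void writeResponse(HttpServletResponse resp, String body) throws IOException {
        resp.setContentType("application/json;charset=utf-8");
        PrintWriter out = resp.getWriter();
        out.write(body);
        out.flush();
    }
}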