itbaima-study/itbaima-forum-session
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

实现记住我

Browse Source
This commit is contained in:
NagoColer 2023-04-10 20:39:28 +08:00
parent 18f5fc9661
commit 7169bef83a
1 changed files with 21 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
study-project-backend/src/main/java/com/example/config/SecurityConfiguration.java
View File

@ -16,10 +16,13 @@ import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException; import org.springframework.security.core.AuthenticationException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain; import org.springframework.security.web.SecurityFilterChain;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.web.cors.CorsConfiguration; import org.springframework.web.cors.CorsConfiguration;
import org.springframework.web.cors.CorsConfigurationSource; import org.springframework.web.cors.CorsConfigurationSource;
import org.springframework.web.cors.UrlBasedCorsConfigurationSource; import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
import javax.sql.DataSource;
import java.io.IOException; import java.io.IOException;
@Configuration @Configuration
@ -29,8 +32,12 @@ public class SecurityConfiguration {
@Resource @Resource
AuthorizeService authorizeService; AuthorizeService authorizeService;
@Resource
DataSource dataSource;
@Bean @Bean
public SecurityFilterChain filterChain(HttpSecurity http) throws Exception { public SecurityFilterChain filterChain(HttpSecurity http,
PersistentTokenRepository repository) throws Exception {
return http return http
.authorizeHttpRequests() .authorizeHttpRequests()
.anyRequest().authenticated() .anyRequest().authenticated()
@ -44,6 +51,11 @@ public class SecurityConfiguration {
.logoutUrl("/api/auth/logout") .logoutUrl("/api/auth/logout")
.logoutSuccessHandler(this::onAuthenticationSuccess) .logoutSuccessHandler(this::onAuthenticationSuccess)
.and() .and()
.rememberMe()
.rememberMeParameter("remember")
.tokenRepository(repository)
.tokenValiditySeconds(3600 * 24 * 7)
.and()
.csrf() .csrf()
.disable() .disable()
.cors() .cors()
@ -55,6 +67,14 @@ public class SecurityConfiguration {
.build(); .build();
} }
@Bean
public PersistentTokenRepository tokenRepository(){
JdbcTokenRepositoryImpl jdbcTokenRepository = new JdbcTokenRepositoryImpl();
jdbcTokenRepository.setDataSource(dataSource);
jdbcTokenRepository.setCreateTableOnStartup(false);
return jdbcTokenRepository;
}
private CorsConfigurationSource corsConfigurationSource() { private CorsConfigurationSource corsConfigurationSource() {
CorsConfiguration cors = new CorsConfiguration(); CorsConfiguration cors = new CorsConfiguration();
cors.addAllowedOriginPattern("*"); cors.addAllowedOriginPattern("*");