Loading... 以下内容是基于**Security 5.7**所编写。 当用户登录时,Spring Security会根据用户名调用UserDetailsService的loadUserByUsername方法来获取该用户的详细信息,其中包括加密后的密码。然后,Spring Security会将用户输入的密码进行加密,再将其与从UserDetailsService返回的加密后的密码进行比较。如果密码匹配,则认为用户已通过身份验证,否则会返回身份验证失败的错误信息。 ```java @Service @Transactional public class UserServiceImpl implements UserDetailsService { private static final Logger logger = LoggerFactory.getLogger(UserServiceImpl.class); private UserMapper userMapper; private AuthorityMapper authorityMapper; private UserAuthorityMapper userAuthorityMapper; @Autowired public void setUserMapper(UserMapper userMapper) { this.userMapper = userMapper; } @Autowired public void setAuthorityMapper(AuthorityMapper authorityMapper) { this.authorityMapper = authorityMapper; } @Autowired public void setUserAuthorityMapper(UserAuthorityMapper userAuthorityMapper) { this.userAuthorityMapper = userAuthorityMapper; } @Bean public PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(); } // 用户登录方法 @Override public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { // 获取用户对象 QueryWrapper<User> userQueryWrapper = new QueryWrapper<>(); userQueryWrapper.eq("username", username); User user = userMapper.selectOne(userQueryWrapper); if (user == null) { logger.warn("User: " + username + " not found"); throw new UsernameNotFoundException("User not found"); } else { // 获取用户对应的authorityId QueryWrapper<UserAuthority> userAuthorityQueryWrapper = new QueryWrapper<>(); userAuthorityQueryWrapper.eq("user_id", user.getId()); UserAuthority userAuthority = userAuthorityMapper.selectOne(userAuthorityQueryWrapper); // 获取用户对应的authority QueryWrapper<Authority> authorityQueryWrapper = new QueryWrapper<>(); authorityQueryWrapper.eq("id", userAuthority.getAuthorityId()); Authority authority = authorityMapper.selectOne(authorityQueryWrapper); logger.info("Now user: " + user.getUsername() + " login!" + " Role: " + authority.getAuthority()); logger.info("User info:" + SecurityContextHolder.getContext().getAuthentication()); return org.springframework.security.core.userdetails.User.builder() .username(user.getUsername()) .password(user.getPassword()) .authorities(authority.getAuthority()) .build(); } } } ``` Last modification:May 8, 2023 © Allow specification reprint Support Appreciate the author AliPayWeChat Like If you think my article is useful to you, please feel free to appreciate