From 82d9daa676eb3b08f892b44f3094ed2c92e06076 Mon Sep 17 00:00:00 2001
From: Chenx221 <chenx221@yandex.com>
Date: Thu, 8 Jun 2023 15:17:56 +0800
Subject: [PATCH] =?UTF-8?q?=E4=B9=B1=E4=B8=83=E5=85=AB=E7=B3=9F=E7=9A=84?=
 =?UTF-8?q?=E6=96=87=E4=BB=B6?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Chenx221 <chenx221@yandex.com>
---
 .../CustomAuthenticationFailureHandler.class  | Bin 0 -> 1614 bytes
 .../service/CustomUserDetailsService.class    | Bin 0 -> 2790 bytes
 .../WEB-INF/classes/spring-security.xml       |  36 ++++++++++++++++++
 .../CustomAuthenticationFailureHandler.java   |  21 ++++++++++
 .../service/CustomUserDetailsService.java     |  35 +++++++++++++++++
 .../src/main/resources/spring-security.xml    |  36 ++++++++++++++++++
 6 files changed, 128 insertions(+)
 create mode 100644 project2/out/artifacts/project2_war_exploded/WEB-INF/classes/cyou/chenx221/handler/CustomAuthenticationFailureHandler.class
 create mode 100644 project2/out/artifacts/project2_war_exploded/WEB-INF/classes/cyou/chenx221/service/CustomUserDetailsService.class
 create mode 100644 project2/out/artifacts/project2_war_exploded/WEB-INF/classes/spring-security.xml
 create mode 100644 project2/src/main/java/cyou/chenx221/handler/CustomAuthenticationFailureHandler.java
 create mode 100644 project2/src/main/java/cyou/chenx221/service/CustomUserDetailsService.java
 create mode 100644 project2/src/main/resources/spring-security.xml

diff --git a/project2/out/artifacts/project2_war_exploded/WEB-INF/classes/cyou/chenx221/handler/CustomAuthenticationFailureHandler.class b/project2/out/artifacts/project2_war_exploded/WEB-INF/classes/cyou/chenx221/handler/CustomAuthenticationFailureHandler.class
new file mode 100644
index 0000000000000000000000000000000000000000..c72671d919ff254e559a3bb1d1683c79c729b868
GIT binary patch
literal 1614
zcmbtUNlz3(6#fd39-tK+MBD*47+gwmcia#qnv7x?GxwgR99n0(#_DQ?o0=#bBr(yL
zc+(gYFRlj>WAyIdP!>=A1LN!N0YzC7y;OC*e)YXq-}~PC{Nw#c07uYOjWU!Qs4%ez
zl?+QSSywHdx7-}>&R!C>W~e;uxQ;%`P~Muz)F6f`1Jx#KU@~kD-21sF)YZJuyie;Q
zKTS(IGW3WmzVHa6Iwy2mc%CC&h7GNW)SUN1pJWV67)+s*RA=d$l@l>6W!O1!|JnG^
z$k^TC@u3G}FK<sgy7Beh@c8p56OUhf|8QsW<;b_e;qeErCO_UAyY=+T^_w+_qt3u`
z6ZKfZuzvoq6w(vALu=(^eJvPTTEj#mKGI}%bIIQ<5ktvDrV1;u%D`$9Yp`|(iRl4P
zivn>ceWIa0y6i}Pp0G3_3adbmT~Cq6hF(p68l3#}@Y~>>YBZtQzy=c=v5BEBEXvGV
z3`Q})$P=OUv!t2G#IS{m$MZ7hxHV`+!a$petpVVcIe7@{*dx56bUh+~_;7oBM6aVr
z3I?__9IywZ&+R_p_P4k1;(eCen-_|A`kt1B4qwv`?bw#4N_SaK-dEyu<YIs`q@>Dm
zFGxIhQCS6XO{&YJ9@|%r9^ltRmRmC*_<V>A6`it|vaC%xt~loxvO-<3vU#$^Q_{Bb
z8B00Axn!)+eU8U)DD|&TNHR1?ch-~`hNB`Z*bI??=5ve4PtMPkEtU9#om2g`C<ern
zB1s-<s`*;x?zU37!!D)Q#ng1=7k*7CO@=Bl6`0|FvZgUH{RGdzvEPJ$rhEF2fsVf#
zxioI3eF!NnePxR-Cs0Gn!s^@+bOghy9-rh}5E;jFNH`s?D|M)4(oNg!1<^tYsRxRJ
zcgg~_4e39LW^ALm%CLimY_QX8rFAErIPHw~MQtNsufyNFXbpY?CfdU_bii)xp%cSi
z>?4rivPL;7Xm8p&3WHR>I9@x7W#xE-hWNU-XxtXxJc^bw{KAcg{>xBHgRlX0XvFd`
wMq7kaib06jj{{*2O*n`{6fdwPahM_=q3=qv9K~^3Ptd6hoj4g<8BPH|0e^DrlmGw#

literal 0
HcmV?d00001

diff --git a/project2/out/artifacts/project2_war_exploded/WEB-INF/classes/cyou/chenx221/service/CustomUserDetailsService.class b/project2/out/artifacts/project2_war_exploded/WEB-INF/classes/cyou/chenx221/service/CustomUserDetailsService.class
new file mode 100644
index 0000000000000000000000000000000000000000..95204d64eb9bed8f6b729d18b2a68ea30ee1e45f
GIT binary patch
literal 2790
zcmb_e`&S!96#fPR3t`J6^hFg2N^5wOZNW!v0C}`fl$Qk3VpUu=Ls&?5;_fVv|HMB-
zJxUdi`lILglYfxM<DK1*CIqY4o}Ag;ncTVeyWhQY@BIGP$u9sVP>iAu^%^2N8qmnl
zzGohoM$UAy#>(~{w<JU3xb4_-lA%5^kZwj3nl(gqv_NMVv5LYstX=LLjgH<mJnkOY
z7B^;nPm25oO&@S++Bq*3{=pFSX>rLc6u8UKw^+SBAFLZ{Unr7nK`YucwCm_VjG^~m
z<QY1$T&n#uMfG&dJZHF_SbXkPO1id_O%9wfT@ZUBFq~}0Wn9s4RmU}4uOcK>^d!#{
z55gx}u7pZ$VXTryNqV`NPeySAuW5K)M>l#Hu2lmrTVZG*pbHsNlNhK#x8O*g<!+!R
zuA>icFtn6h3Z1!JC13JJS?$+x^HhA*^t?miX4LvyIudHViPWr#9QR@r_(2^*7$$sq
zbDz%&$1>$(Tkg`ACrw9s44+k!b_%NkY02_`S*die40r^FhC4d$Vw9mXh)*?@3|c`E
zn{yONwRQ&58s27@7jD+@lw@|trErtm`;>>4@7l6xSi<FoO1Vs!he3!Hk;_8P3E#;)
zJhFH}+QNx};a$bbdknYEGgpfsiZQ&e&dq2PNsMcl&@qV*7)CFSiM-wR?OaA3ix~>>
z#WnN?X&>sK{F%m#hFKjC@Q`8h<<wE~C=SB}TtAnbmopIHo!9Y5fo&?3vRA{0)#oob
zy2`ah9ZOiIL*%N2X4ptPtqspBA#qj5$5<mvL39`<{#R^DRWPYxonh+YT%E0={fRT>
ztG03uq!}W!B184BZP9l4vY+4P?z*|1qm|gAu*_WAbZs>+Ek@+7O<dkNqnZN$!kV6B
z=vwm~Y3F&`_H5EO?Knc3>QIrod*`O|Ha8v5*fA|B+@fKYHyG2t6o<CUGo&__6J{pJ
z>WX5%@`}>$G$e|Qn(jc<se~ub&X7?q-~{hdN}AR_HL4PS(Q+*zx1%ZHyB43b72Vzc
z)DK6LWroDL98t4zxsb&IH&S5?$Y}eF5Ym&bSy<w7S7f}lM%Yp8VP8W|l`rZ~{m=ce
zoddB?`-77c*7>=RbcU}gnJfv0N*|d{hR#+0q7eIjAz8~$#Y)x2bpm^ic;(>?Zxz&k
zYe3GLxm?PYJlO<6<&edLUlYEhi^7w*%7ZxNReVR4?f4;etN3YAx*ul@`hw$dcQ!}G
zLzRS<AaTNSsKIBrS!3`#XEhu$^t@P<u0$a-)SsK^`oxf;5mPrJYOQMCfDL-5X*Ngi
zI(kP3pMebyeGl!MK;|($TTxHX4n$~gGdl5vW>-ULY~mA|(Y`<{!&CZhB+Z}Fo0>B|
zFX{h-Y$+{UgWo|L`Vp7vur&M|G#bO-qI38dT{L=Wyh-EM2?l^;-2Mq;n?omf2Y7~i
zzy5&xO6V9<O70kQk)N@!S+6#vj`7hkR=y?^^-!P(2@>dP)Pm~-xeFt7#Tci{&J=nu
zk6x@JPGI{8V0Yk9JcL(vXp1`17P-(ul3&0iH?~P%GwS|Cr-mB|STv20z!*I<^j!yD
i_I`)vSsJahx=S)n@GQWkwHU2UQy=ySl*9p!(DgT@rZBJo

literal 0
HcmV?d00001

diff --git a/project2/out/artifacts/project2_war_exploded/WEB-INF/classes/spring-security.xml b/project2/out/artifacts/project2_war_exploded/WEB-INF/classes/spring-security.xml
new file mode 100644
index 0000000..8ba24f6
--- /dev/null
+++ b/project2/out/artifacts/project2_war_exploded/WEB-INF/classes/spring-security.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:security="http://www.springframework.org/schema/security"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
+                           http://www.springframework.org/schema/beans/spring-beans.xsd
+                           http://www.springframework.org/schema/security
+                           http://www.springframework.org/schema/security/spring-security.xsd">
+
+    <!-- 定义自定义的UserDetailsService -->
+    <bean id="userDetailsService" class="cyou.chenx221.service.CustomUserDetailsService"/>
+
+    <!-- 定义密码加密器 -->
+    <bean id="passwordEncoder" class="org.springframework.security.crypto.password.MessageDigestPasswordEncoder">
+        <constructor-arg value="SHA-256"/>
+    </bean>
+
+    <!-- 配置Spring Security -->
+    <security:http auto-config="true">
+        <security:csrf disabled="true"/>
+<!--        <security:intercept-url pattern="/login" access="permitAll()"/>-->
+        <security:intercept-url pattern="/dashboard" access="hasRole('admin')"/>
+        <security:form-login login-page="/login"
+                             default-target-url="/dashboard"
+                             authentication-failure-handler-ref="customAuthenticationFailureHandler"/>
+        <security:logout logout-success-url="/login?logout=true"/>
+    </security:http>
+
+    <!-- 配置认证管理器 -->
+    <security:authentication-manager>
+        <security:authentication-provider user-service-ref="userDetailsService">
+            <security:password-encoder ref="passwordEncoder"/>
+        </security:authentication-provider>
+    </security:authentication-manager>
+
+</beans>
\ No newline at end of file
diff --git a/project2/src/main/java/cyou/chenx221/handler/CustomAuthenticationFailureHandler.java b/project2/src/main/java/cyou/chenx221/handler/CustomAuthenticationFailureHandler.java
new file mode 100644
index 0000000..184bb97
--- /dev/null
+++ b/project2/src/main/java/cyou/chenx221/handler/CustomAuthenticationFailureHandler.java
@@ -0,0 +1,21 @@
+package cyou.chenx221.handler;
+
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.AuthenticationFailureHandler;
+import org.springframework.stereotype.Component;
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+@Component
+public class CustomAuthenticationFailureHandler implements AuthenticationFailureHandler {
+
+    @Override
+    public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response, AuthenticationException exception) throws IOException, ServletException {
+        // 在验证失败时执行的逻辑
+        request.getSession().setAttribute("errorMessage", "用户名或密码不正确，请重新输入。");
+        System.out.println("到过这里");
+        response.sendRedirect("/login"); // 重定向到登录页面
+    }
+}
diff --git a/project2/src/main/java/cyou/chenx221/service/CustomUserDetailsService.java b/project2/src/main/java/cyou/chenx221/service/CustomUserDetailsService.java
new file mode 100644
index 0000000..c8ab566
--- /dev/null
+++ b/project2/src/main/java/cyou/chenx221/service/CustomUserDetailsService.java
@@ -0,0 +1,35 @@
+package cyou.chenx221.service;
+
+import cyou.chenx221.mapper.UserMapper;
+import cyou.chenx221.pojo.User;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+
+@Service
+public class CustomUserDetailsService implements UserDetailsService {
+
+    private final UserMapper userMapper;
+
+    @Autowired
+    public CustomUserDetailsService(UserMapper userMapper) {
+        this.userMapper = userMapper;
+    }
+
+    @Override
+    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
+        User user = userMapper.getUserByUsername(username);
+        if (user == null) {
+            throw new UsernameNotFoundException("X User not found with username: " + username);
+        }
+        System.out.println(user.getId()+" "+user.getUsername()+" "+user.getPassword()+" "+user.getRoles());
+        // 创建并返回自定义的UserDetails对象
+        return org.springframework.security.core.userdetails.User.builder()
+                .username(user.getUsername())
+                .password(user.getPassword())
+                .roles(user.getRoles())
+                .build();
+    }
+}
diff --git a/project2/src/main/resources/spring-security.xml b/project2/src/main/resources/spring-security.xml
new file mode 100644
index 0000000..8ba24f6
--- /dev/null
+++ b/project2/src/main/resources/spring-security.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+       xmlns:security="http://www.springframework.org/schema/security"
+       xsi:schemaLocation="http://www.springframework.org/schema/beans
+                           http://www.springframework.org/schema/beans/spring-beans.xsd
+                           http://www.springframework.org/schema/security
+                           http://www.springframework.org/schema/security/spring-security.xsd">
+
+    <!-- 定义自定义的UserDetailsService -->
+    <bean id="userDetailsService" class="cyou.chenx221.service.CustomUserDetailsService"/>
+
+    <!-- 定义密码加密器 -->
+    <bean id="passwordEncoder" class="org.springframework.security.crypto.password.MessageDigestPasswordEncoder">
+        <constructor-arg value="SHA-256"/>
+    </bean>
+
+    <!-- 配置Spring Security -->
+    <security:http auto-config="true">
+        <security:csrf disabled="true"/>
+<!--        <security:intercept-url pattern="/login" access="permitAll()"/>-->
+        <security:intercept-url pattern="/dashboard" access="hasRole('admin')"/>
+        <security:form-login login-page="/login"
+                             default-target-url="/dashboard"
+                             authentication-failure-handler-ref="customAuthenticationFailureHandler"/>
+        <security:logout logout-success-url="/login?logout=true"/>
+    </security:http>
+
+    <!-- 配置认证管理器 -->
+    <security:authentication-manager>
+        <security:authentication-provider user-service-ref="userDetailsService">
+            <security:password-encoder ref="passwordEncoder"/>
+        </security:authentication-provider>
+    </security:authentication-manager>
+
+</beans>
\ No newline at end of file