1.基本配置

@Configuration
@EnableWebSecurity
@Slf4j
public class SecurityConfig {
    //自定义过滤器
    @Autowired
    private JwtAuthenticationTokenFilter jwtAuthenticationTokenFilter;
    //登录认证服务
    @Autowired
    private UserDetailsService userDetailsService;
    //自定义权限失败处理
    @Autowired
    private AccessDeniedExceptionHandler accessDeniedExceptionHandler;
    //自定义认证失败处理
    @Autowired
    private AuthenticationExceptionHandler authenticationExceptionHandler;

    //密码加密器
    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }
    @Bean
    public AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception {
        log.info("执行authenticationManager");
        return authConfig.getAuthenticationManager();
    }

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        log.info("filterChain 执行");
         // 基于token，不需要csrf
        http.sessionManagement((session) -> session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)) // 基于token，不需要session
                .authorizeHttpRequests((authz) -> authz
                        .requestMatchers("/auth/user/login",  "/auth/user/regist").permitAll()
                        .requestMatchers(HttpMethod.OPTIONS).permitAll()
                        .anyRequest().authenticated()
                )
                .addFilterBefore(jwtAuthenticationTokenFilter, UsernamePasswordAuthenticationFilter.class)
                .exceptionHandling(exception ->{
                    exception.authenticationEntryPoint(authenticationExceptionHandler)
                    .accessDeniedHandler(accessDeniedExceptionHandler);
                });
        http.csrf(csrf -> csrf.disable());
        return http.build();
    }

    @Bean
    public DaoAuthenticationProvider daoAuthenticationProvider() {
        DaoAuthenticationProvider provider = new DaoAuthenticationProvider();
        provider.setUserDetailsService(userDetailsService);
        provider.setPasswordEncoder(passwordEncoder());
        return provider;
    }
}

2.AuthenticationExceptionHandler

@Component
public class AuthenticationExceptionHandler implements AuthenticationEntryPoint {
    @Override
    public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException) throws IOException, ServletException {
        CustomAuthenticationException su = (CustomAuthenticationException) authException;
        // 设置响应的字符编码和内容类型
        response.setContentType("application/json;charset=UTF-8");
        response.setCharacterEncoding("UTF-8");
        PrintWriter writer = response.getWriter();
        writer.write(new ObjectMapper().writeValueAsString(BaseVo.fail(su.getMessage())));
        writer.flush();
    }
}

3.AccessDeniedExceptionHandler

@Component
public class AccessDeniedExceptionHandler implements AccessDeniedHandler {
    @Override
    public void handle(HttpServletRequest request, HttpServletResponse response, AccessDeniedException accessDeniedException) throws IOException, ServletException {
        //todo  和 AuthenticationExceptionHandler  类似
    }
}

4. UserDetailsImpl

@Data
@NoArgsConstructor
@AllArgsConstructor
public class UserDetailsImpl implements UserDetails {

    private User user;

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return List.of();
    }

    @Override
    public String getPassword() {
        return user.getPassWord();
    }

    @Override
    public String getUsername() {
        return user.getUserName();
    }

}

4. UserService

public interface UserService extends IService<User>, UserDetailsService {
    Page<User> getPage(Page<User> page, User user);
}

5. UserServiceImpl

@Service
@Slf4j
public class UserServiceImpl extends ServiceImpl<UserMapper, User> implements UserService {

    @Override
    public Page<User> getPage(Page<User> page, User user) {
        LambdaQueryWrapper<User> query = new LambdaQueryWrapper<>();
        query.like(ObjectUtil.isNotEmpty(user.getUserName()), User::getUserName, user.getUserName());
        query.like(ObjectUtil.isNotEmpty(user.getEmail()), User::getEmail, user.getEmail());
        query.like(ObjectUtil.isNotEmpty(user.getPhoneNumber()), User::getPhoneNumber, user.getPhoneNumber());
        query.like(ObjectUtil.isNotEmpty(user.getDeptNo()), User::getDeptNo, user.getDeptNo());
        query.eq(ObjectUtil.isNotEmpty(user.getIsActive()), User::getIsActive, user.getIsActive());
        query.orderByDesc(User::getCreateTime);
        return this.page(page, query);
    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        log.info("执行loadUserByUsername方法");
        LambdaQueryWrapper<User> query = new LambdaQueryWrapper<>();
        query.eq(User::getUserName, username)
                .or()
                .eq(User::getEmail, username)
                .or()
                .eq(User::getPhoneNumber, username);
        User user = this.getOne(query);
        if(ObjectUtil.isEmpty(user)){
            log.info("不存在该用户");
        }
        return new UserDetailsImpl(user);
    }
}

6. UserController

@RestController
@RequestMapping("/auth/user")
public class UserController {

    @Autowired
    private AuthenticationManager authenticationManager;

    @Autowired
    private PasswordEncoder passwordEncoder;

    @Autowired
    private JwtUtil jwtUtil;

    @Autowired
    private RedisUtil redisUtil;

    @Value("${jwt.expires}")
    private Integer expiresIn;

    @Autowired
    private UserService userService;
    @PostMapping("/regist")
    public Boolean register(@RequestBody UserDto userDto){
        User user = UserConvert.INSTANCE.targetToSource(userDto);
        if(ObjectUtil.isNotEmpty(user)){
            user.setPassWord(passwordEncoder.encode(user.getPassWord()));
        }
        return userService.save(user);
    }
    @PostMapping("/login")
    public UserVo login(@RequestBody UserDto userDto){
        String loginName = userDto.getLoginName();
        Authentication authenticate = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(loginName, userDto.getPassWord()));
//        SecurityContext context = SecurityContextHolder.getContext();
//        Authentication authentication = context.getAuthentication();
        UserDetailsImpl userDetail = (UserDetailsImpl) authenticate.getPrincipal();
        UserVo userVo = UserConvert.INSTANCE.sourceToVo(userDetail.getUser());
        Map<String, String> userInfo = new HashMap<>();
        userInfo.put("userName",userVo.getUserName());
        userInfo.put("userId",String.valueOf(userVo.getId()));
        String token = jwtUtil.getToken(userInfo, expiresIn);
        userVo.setToken(token);
        return userVo;
    }

    @PostMapping("/update")
    public Boolean updateUser(@RequestBody UserDto userDto){
        User user = UserConvert.INSTANCE.targetToSource(userDto);
        return userService.saveOrUpdate(user);
    }
    @PostMapping("/detail")
    public UserVo getUser(@RequestParam("id") Long id){
        User user = userService.getById(id);
        return UserConvert.INSTANCE.sourceToVo(user);
    }
    @PostMapping("/page")
    public IPage<UserVo> getUserPage(@RequestBody UserDto userDto){
        User user = UserConvert.INSTANCE.targetToSource(userDto);
        Page<User> page = new Page<>(userDto.getPageNo(), userDto.getPageSize());
        page = userService.getPage(page,user);
        return UserConvert.INSTANCE.sourceToVo(page);
    }
    @PostMapping("/delete")
    public Boolean deleteUser(Long id){
        return userService.removeById(id);
    }
}