CustomUserDetailService.java
2.1 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
package com.tianbo.warehouse.security;
import com.tianbo.warehouse.dao.PERMISSIONMapper;
import com.tianbo.warehouse.dao.USERSMapper;
import com.tianbo.warehouse.model.PERMISSION;
import com.tianbo.warehouse.model.USERS;
import com.tianbo.warehouse.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import java.util.ArrayList;
import java.util.List;
@Service("customuserservice")
public class CustomUserDetailService implements UserDetailsService {
@Autowired
UserService userService;
@Autowired
PERMISSIONMapper permissionMapper;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
try {
USERS user = userService.loadByUsername(username);
//这里是根据用户ID取的权限表,还可以根据用户ID 去角色表
List<PERMISSION> permissions = permissionMapper.findByUserId(user.getUserId());
List<GrantedAuthority> grantedAuthorities = new ArrayList<>();
for (PERMISSION permission : permissions) {
if (permission != null && permission.getPermissionName() != null) {
GrantedAuthority grantedAuthority = new SimpleGrantedAuthority(permission.getPermissionName());
//1:此处将权限信息添加到 GrantedAuthority 对象中,在后面进行全权限验证时会使用GrantedAuthority 对象。
grantedAuthorities.add(grantedAuthority);
}
}
return user;
} catch (UsernameNotFoundException e) {
e.printStackTrace();
}
return null;
}
}