1.添加依赖
<dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency>
2.添加上述依赖后,所有地址都被spring security控制了
需要写一个配置类来允许所有地址可访问
@Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter{ @Override protected void configure(HttpSecurity http) throws Exception { http .authorizeRequests() .antMatchers("/**").permitAll() .anyRequest().authenticated() .and().csrf().disable(); } }
3.在启动类将BCrypt加入spring容器
@Bean public BCryptPasswordEncoder bCryptPasswordEncoder() { return new BCryptPasswordEncoder(); }
4.注入BCrypt
@Autowired private BCryptPasswordEncoder bCryptPasswordEncoder;
5.加密密码
user.setPassword(bCryptPasswordEncoder.encode(user.getPassword()));