最小化可运行配置
package com.terwergreen.bugucms.config;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.reactive.EnableWebFluxSecurity;
import org.springframework.security.config.web.server.ServerHttpSecurity;
import org.springframework.security.core.userdetails.MapReactiveUserDetailsService;
import org.springframework.security.core.userdetails.ReactiveUserDetailsService;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.web.server.SecurityWebFilterChain;
import org.springframework.security.web.server.authentication.logout.RedirectServerLogoutSuccessHandler;
import org.springframework.security.web.server.authentication.logout.ServerLogoutSuccessHandler;
import java.net.URI;
/**
* @Author Terwer
* @Date 2018/6/22 15:55
* @Version 1.0
* @Description 安全授权配置
**/
@EnableWebFluxSecurity
public class SecurityConfig {
private Log logger = LogFactory.getLog(this.getClass());
@Autowired
PasswordEncoder passwordEncoder;
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
logger.info("WebFlux Security begin");
return http
.authorizeExchange()
.pathMatchers("/admin/**")
.authenticated()
.pathMatchers("/**")
.permitAll()
.and()
.csrf()
//.csrfTokenRepository(customCsrfTokenRepository)
//.requireCsrfProtectionMatcher(customCsrfMatcher)
.and()
.formLogin()
//.loginPage("/login")
//.authenticationFailureHandler(new RedirectServerAuthenticationFailureHandler("/login?error"))
//.authenticationSuccessHandler(new RedirectServerAuthenticationSuccessHandler("/admin"))
.and()
.logout()
//.logoutUrl("/logout")
.logoutSuccessHandler(logoutSuccessHandler("/login?logout"))
.and()
.build();
}
public ServerLogoutSuccessHandler logoutSuccessHandler(String uri) {
RedirectServerLogoutSuccessHandler successHandler = new RedirectServerLogoutSuccessHandler();
successHandler.setLogoutSuccessUrl(URI.create(uri));
return successHandler;
}
@Bean
public ReactiveUserDetailsService userDetailsService() {
//内存中缓存权限数据
User.UserBuilder userBuilder = User.builder();
UserDetails admin = userBuilder.username("admin").password(passwordEncoder.encode("123456")).roles("USER", "ADMIN").build();
// 输出加密密码
String encodePassword = passwordEncoder.encode("123456");
logger.info("encodePassword:" + encodePassword);
return new MapReactiveUserDetailsService(admin);
}
}
参考
https://www.sudoinit5.com/post/spring-reactive-auth-forms/