1. 在maven配置文件pom.xml中引入依赖包
<!--加密模块-->
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
2. 在启动类MainApplication中加入bean
@Bean
public BCryptPasswordEncoder getBcryptPasswordEncoder(){
return new BCryptPasswordEncoder();
}
3. 增加配置类设置
当引入 spring-boot-starter-security
后,Spring Security 会自动应用默认的安全配置,所有的 HTTP 请求都会被拦截并需要进行身份认证。使用下列配置类解除拦截
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
public class SecurityConfig {
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.csrf().disable()
.authorizeRequests()
.anyRequest().permitAll();
return http.build();
}
}
4. 创建BCryptPasswordEncoder对象
private BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
5. 对密码进行密文加密
使用此方法对密码加密,即是传入相同的明文密码,每次加密得到的密文结果都不一样
encodePassWord = bCryptPasswordEncoder.encode(passWord);
6. 对密码进行密文和明文的匹配
bCryptPasswordEncoder.matches(password, encodePassWord)