创建后台客户端
使用vue-element-admin
# clone the project
git clone https://github.com/PanJiaChen/vue-admin-template.git
# enter the project directory
cd vue-admin-template
# install dependency
npm install
# develop
npm run dev
构建
# build for test environment
npm run build:stage
# build for production environment
npm run build:prod
创建LoginController并解决跨域问题
package ml.yompc.myshop.plus.business.controller;
import com.google.common.collect.Maps;
import ml.yompc.myshop.plus.business.dto.LoginParam;
import ml.yompc.myshop.plus.commons.dto.ResponseResult;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
import java.util.Map;
/**登录管理Login
* @email yom535@outlook.com
* @author: 有民(yom535)
* @date: 2019/10/17
* @time: 11:27
*/
//跨域设置
@CrossOrigin(origins = "*",maxAge = 3600)
@RestController
public class LoginController {
@PostMapping(value = "/user/login")
public ResponseResult<Map<String,Object>> login(@RequestBody LoginParam loginParam){
Map<String,Object> result = Maps.newHashMap();
result.put("token","123456");
return new ResponseResult<Map<String,Object>>(ResponseResult.CodeStatus.OK,HttpStatus.OK.toString(),result);
}
}
发现登录不了,原因是Spring Security拦截了要设置WebSecurityConfiguration不拦截/user/login
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.antMatchers("/user/login");
}
完整的WebSecurityConfiguration
package ml.yompc.myshop.plus.business.configure;
import ml.yompc.myshop.plus.business.service.UserDetailsServiceImpl;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
/**
* @email yom535@outlook.com
* @author: 有民(yom535)
* @date: 2019/9/27
* @time: 23:46
*/
@EnableWebSecurity
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
@Override
public UserDetailsService userDetailsServiceBean() throws Exception {
return new UserDetailsServiceImpl();
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsServiceBean());
}
/**
* 用于支持 password 模式
*
* @return
* @throws Exception
*/
@Bean
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring()
.antMatchers("/user/login");
}
@Override
protected void configure(HttpSecurity http) throws Exception {
/**
* 将授权访问配置改为注解方式
* @see LoginController#info()
*/
http.exceptionHandling()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
http.exceptionHandling()
.and()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
// 授权访问
.antMatchers("/user/info").hasAuthority("USER")
.antMatchers("/user/logout").hasAuthority("USER");
}
}