持久化令牌RememberMe访问

Author: ABCpril

remember-me-persistent/pom.xml

@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <parent>
+        <groupId>org.springframework.boot</groupId>
+        <artifactId>spring-boot-starter-parent</artifactId>
+        <version>2.5.6</version>
+        <relativePath/> <!-- lookup parent from repository -->
+    </parent>
+    <groupId>com.sspath</groupId>
+    <artifactId>remember-me-persistent</artifactId>
+    <version>0.0.1-SNAPSHOT</version>
+    <name>remember-me-persistent</name>
+    <description>remember-me-persistent</description>
+    <properties>
+        <java.version>1.8</java.version>
+    </properties>
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-jdbc</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-web</artifactId>
+        </dependency>
+
+        <dependency>
+            <groupId>mysql</groupId>
+            <artifactId>mysql-connector-java</artifactId>
+            <scope>runtime</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.springframework.boot</groupId>
+                <artifactId>spring-boot-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>

remember-me-persistent/src/main/java/com/sspath/remembermepersistent/RememberMePersistentApplication.java

@@ -0,0 +1,13 @@
+package com.sspath.remembermepersistent;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+
+@SpringBootApplication
+public class RememberMePersistentApplication {
+
+    public static void main(String[] args) {
+        SpringApplication.run(RememberMePersistentApplication.class, args);
+    }
+
+}

remember-me-persistent/src/main/java/com/sspath/remembermepersistent/config/SecurityConfig.java

@@ -0,0 +1,62 @@
+package com.sspath.remembermepersistent.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.password.NoOpPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
+
+import javax.sql.DataSource;
+
+/**
+ * @FileName: SecurityConfig.java
+ * @Description: DataSource和JdbcTokenRepository需要配置
+ * @Author: ABCpril
+ * @Date: 2021/11/18
+ */
+
+@Configuration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+    @Autowired
+    DataSource dataSource;
+
+    @Bean
+    JdbcTokenRepositoryImpl jdbcTokenRepository() {
+        JdbcTokenRepositoryImpl jdbcTokenRepository = new JdbcTokenRepositoryImpl();
+        jdbcTokenRepository.setDataSource(dataSource);
+        return jdbcTokenRepository;
+    }
+
+    @Bean
+    PasswordEncoder passwordEncoder() {
+        return NoOpPasswordEncoder.getInstance();
+    }
+
+    @Override
+    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+        auth.inMemoryAuthentication()
+                .withUser("jack")
+                .password("123")
+                .roles("admin");
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                .anyRequest().authenticated()
+                .and()
+                .formLogin()
+                .and()
+                .rememberMe()
+                // 持久化RememberMe不需要配置key
+                // 配置了tokenRepository就会获取到PersistentTokenBasedRememberMeServices的RememberMeServices实例
+//                .key("remember")
+                .tokenRepository(jdbcTokenRepository())
+                .and()
+                .csrf().disable();
+    }
+}

remember-me-persistent/src/main/java/com/sspath/remembermepersistent/controller/HelloController.java

@@ -0,0 +1,20 @@
+package com.sspath.remembermepersistent.controller;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * @FileName: HelloController.java
+ * @Description: 重启浏览器或者服务端后访问接口，都会建立新会话，token也随之更新
+ * @Author: ABCpril
+ * @Date: 2021/11/18
+ */
+
+@RestController
+public class HelloController {
+    @GetMapping("/hello")
+    public String hello() {
+        return "hello";
+    }
+}

remember-me-persistent/src/main/resources/application.properties

@@ -0,0 +1,4 @@
+spring.datasource.username=root
+spring.datasource.password=123
+spring.datasource.url=jdbc:mysql://localhost:3306/security06?useSSL=false&useUnicode=true&serverTimezone=Asia/Shanghai&allowPublicKeyRetrieval=true&characterEncoding=utf-8
+