Controller

@RequestMapping("login")
@ResponseBody
public void login(HttpServletRequest request, HttpServletResponse response,String username,String password) throws IOException, ServletException {
  UsernamePasswordAuthenticationToken upToken = new UsernamePasswordAuthenticationToken(username, password); // 根据用户名密码生成token
  Authentication authentication = authenticationManager.authenticate(upToken); // 验证并生成auth对象
  SecurityContextHolder.getContext().setAuthentication(authentication); // 保存auth对象
  authenticationSuccessConfig.onAuthenticationSuccess(request, response, authentication); // 执行成功回调
}

loadUserByUsername

通过username构建auth的user对象

@Bean
@Override
public UserDetailsService userDetailsService() {
  return username -> {
	User user = ...; // 根据username用户名查询数据库获得自身的user对象
   return User.withUsername(username).password(user.getPassword()).roles(user.getRole()).build(); // 通过username,password,role生成auth的user对象
  };
}

PasswordEncoder

加密方式

@Override
public String encode(CharSequence charSequence) {
  return Md5Util.crypt(charSequence.toString());
}

密码验证

@Override
public boolean matches(CharSequence charSequence, String s) {
  return s.equals(Md5Util.crypt(charSequence.toString()));
}

onAuthenticationSuccess

登录成功之后执行方法

@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication auth) throws IOException, ServletException {
  String username = auth.getName();
  // 更新最近登录时间
  ......
  // 生成user对象
  Factory.initUserSession();
  String redirectUrl = "/index"; //缺省的登录成功页面
  SavedRequest savedRequest = (SavedRequest) request.getSession().getAttribute("SPRING_SECURITY_SAVED_REQUEST");
 if(savedRequest != null) {
  redirectUrl = savedRequest.getRedirectUrl();
  request.getSession().removeAttribute("SPRING_SECURITY_SAVED_REQUEST");
  }
  if(redirectUrl.contains("/login")){
  redirectUrl = "/index";
  }
  response.sendRedirect(redirectUrl);
}