一、概述
在这个快速教程中,我们将了解如何**在Thymeleaf 中显示登录用户的信息**。
我们将扩展我们在Spring Security with Thymeleaf 文章中构建的项目。首先,我们将添加一个自定义模型来存储用户信息和检索它们的服务。之后,我们将使用Thymeleaf Extras 模块中的Spring Security Dialect 显示它。
UserDetails实现
UserDetails是Spring Security 的一个接口,用于保存与安全无关的用户信息。
我们将创建UserDetails接口的实现,其中包含一些自定义字段作为存储经过身份验证的用户详细信息的模型。但是,为了处理更少的字段和方法,我们将扩展默认的框架实现User类:
public class CustomUserDetails extends User {
private final String firstName;
private final String lastName;
private final String email;
private CustomUserDetails(Builder builder) {
super(builder.username, builder.password, builder.authorities);
this.firstName = builder.firstName;
this.lastName = builder.lastName;
this.email = builder.email;
}
// omitting getters and static Builder class
}3.UserDetailsService实现
框架的UserDetailsService单一方法接口负责在认证过程中获取UserDetails。
因此,为了能够加载我们的CustomUserDetails,我们需要实现UserDetailsServiceervice 接口。对于我们的示例,我们将硬编码并将用户详细信息存储在以用户名作为键的Map中:
@Service
public class CustomUserDetailsService implements UserDetailsService {
private final PasswordEncoder passwordEncoder;
private final Map<String, CustomUserDetails> userRegistry = new HashMap<>();
// omitting constructor
@PostConstruct
public void init() {
userRegistry.put("user", new CustomUserDetails.Builder().withFirstName("Mark")
.withLastName("Johnson")
.withEmail("[email protected]")
.withUsername("user")
.withPassword(passwordEncoder.encode("password"))
.withAuthorities(Collections.singletonList(new SimpleGrantedAuthority("ROLE_USER")))
.build());
userRegistry.put("admin", new CustomUserDetails.Builder().withFirstName("James")
.withLastName("Davis")
.withEmail("[email protected]")
.withUsername("admin")
.withPassword(passwordEncoder.encode("password"))
.withAuthorities(Collections.singletonList(new SimpleGrantedAuthority("ROLE_ADMIN")))
.build());
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
CustomUserDetails userDetails = userRegistry.get(username);
if (userDetails == null) {
throw new UsernameNotFoundException(username);
}
return userDetails;
}
}此外,为了实现所需的loadUserByUsername()方法,我们通过用户名从注册表Map中获取相应的CustomUserDetails对象。但是,用户详细信息将在生产环境中的存储库中存储和检索。
4. Spring 安全配置
首先,我们需要在Spring Security 的配置中添加UserDetailsServiceervice,它将被连接到CustomUserDetailsService实现。此外,我们将通过相应的方法将其设置在HttpSecurity实例上。其余的只是最低限度的安全配置,需要对用户进行身份验证并配置/login、/logout,和/index端点:
@Configuration
@EnableWebSecurity
public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
private final UserDetailsService userDetailsService;
// omitting constructor
@Override
protected void configure(HttpSecurity http) throws Exception {
http.userDetailsService(userDetailsService)
.authorizeRequests()
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.successForwardUrl("/index")
.and()
.logout()
.permitAll()
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.logoutSuccessUrl("/login");
}
}5.显示登录用户信息
Thymeleaf Extras 模块提供对Authentication对象的访问权限,并且使用Security Dialect,我们可以在Thymeleaf 页面上显示登录用户信息。
CustomUserDetails对象可通过Authentication对象的principal字段访问。例如,我们可以使用sec:authentication=”principal.firstName”访问firstName字段:
<!DOCTYPE html>
<html xmlns:sec="http://www.thymeleaf.org/extras/spring-security">
<head>
<title>Welcome to Spring Security Thymeleaf tutorial</title>
</head>
<body>
<h2>Welcome</h2>
<p>Spring Security Thymeleaf tutorial</p>
<div sec:authorize="hasRole('USER')">Text visible to user.</div>
<div sec:authorize="hasRole('ADMIN')">Text visible to admin.</div>
<div sec:authorize="isAuthenticated()">Text visible only to authenticated users.</div>
Authenticated username:
<div sec:authentication="name"></div>
Authenticated user's firstName:
<div sec:authentication="principal.firstName"></div>
Authenticated user's lastName:
<div sec:authentication="principal.lastName"></div>
Authenticated user's email:
<div sec:authentication="principal.lastName"></div>
Authenticated user roles:
<div sec:authentication="principal.authorities"></div>
</body>
</html>或者,编写没有sec:authentication属性的安全方言表达式的等效语法是使用Spring 表达式语言。因此,如果我们更喜欢它,我们可以使用Spring 表达式语言格式显示firstName字段:
<div th:text="${#authentication.principal.firstName}"></div>六,结论
在本文中,我们了解了如何在Spring Boot 应用程序中使用Spring Security 的支持在Thymeleaf 中显示登录用户的信息。
0 评论