package com.stone.conf.shiro; import com.stone.conf.redis.RedisHelper; import com.stone.mapper.senior.BjdSeniorMapper; import com.stone.model.po.bjd.BjdSenior; import org.apache.shiro.SecurityUtils; import org.apache.shiro.authc.AuthenticationException; import org.apache.shiro.authc.AuthenticationInfo; import org.apache.shiro.authc.AuthenticationToken; import org.apache.shiro.authc.SimpleAuthenticationInfo; import org.apache.shiro.authz.AuthorizationInfo; import org.apache.shiro.realm.AuthorizingRealm; import org.apache.shiro.subject.PrincipalCollection; import org.apache.shiro.subject.Subject; import tk.mybatis.mapper.weekend.Weekend; import tk.mybatis.mapper.weekend.WeekendSqls; import javax.annotation.Resource; public class MyShiroRealm extends AuthorizingRealm { @Resource private BjdSeniorMapper bjdSeniorMapper; /** * 获取授权信息 */ @Override protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) { return null; } /** * 获取身份验证信息 * Shiro中,最终是通过 Realm 来获取应用程序中的用户、角色及权限信息的。 * * @param token 用户身份信息 token * @return 返回封装了用户信息的 AuthenticationInfo 实例 */ @Override protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException { // 获取用户的输入的账号. String loginName = (String) token.getPrincipal(); // 通过username从数据库中查找 User对象,如果找到,没找到. // 实际项目中,这里可以根据实际情况做缓存,如果不做,Shiro自己也是有时间间隔机制,2分钟内不会重复执行该方法 BjdSenior user = bjdSeniorMapper.selectOneByExample(Weekend.builder(BjdSenior.class).where(WeekendSqls.custom() .andEqualTo(BjdSenior::getSerialNumber, loginName)).build()); if (user == null) { return null; } Subject subject = SecurityUtils.getSubject(); // 将用户信息存入redis中 RedisHelper.add(subject.getSession().getId() + "", user); return new SimpleAuthenticationInfo( user.getSerialNumber(), //用户名 user.getWwcxmima(), //密码 getName() //realm name ); } }