目录
4.连接数据库配置类详解(DataSourceConfig)。
1.引入相关的依赖
<dependency>
<groupId>com.github.ulisesbocchio</groupId>
<artifactId>jasypt-spring-boot-starter</artifactId>
<version>3.0.3</version>
</dependency>
2.nacos的yaml的相关配置,配置密码和相关算法
jasypt:
encryptor:
algorithm: PBEWithHmacSHA512AndAES_256
password: encryptionkey
3.配置数据源连接
3.1 数据库连接配置
使用@ConfigurationProperties(prefix = "spring.datasource")
注解的dataSource()
方法通过DataSourceBuilder.create().build();
创建了一个DataSource
的bean。这个bean的配置信息来自于application.properties
或application.yml
文件中的spring.datasource
前缀下的配置项,比如数据库URL、用户名、密码等。
重点: 密码在yaml是加密的,如:ENC(N8VBWG5nOHvy5efX3/mlPAmdBykE7iDZFl362LyeaPRXMbLT0PzEIlB/KDXrNYz6),配置了jasypt之后,使用password作为密钥进行加密解密。
#加密
jasypt:
encryptor:
algorithm: PBEWithHmacSHA512AndAES_256
password: encryptionkey
spring:
datasource:
driver-class-name: com.mysql.cj.jdbc.Driver
jdbc-url: jdbc:mysql://localhost:3306/auth?serverTimezone=Asia/Shanghai&useUnicode=true&characterEncoding=utf-8&allowMultiQueries=true&nullCatalogMeansCurrent=true
username: root
password: ENC(N8VBWG5nOHvy5efX3/mlPAmdBykE7iDZFl362LyeaPRXMbLT0PzEIlB/KDXrNYz6)
type: com.alibaba.druid.pool.DruidDataSource
druid:
initial-size: 5
min-idle: 1
max-active: 10
max-wait: 60000
validation-query: SELECT 1 FROM DUAL
test-on-borrow: false
test-on-return: false
test-while-idle: true
time-between-eviction-runs-millis: 60000
redis:
port: 6379
mysql:
driver: com.mysql.jdbc.driver
4.连接数据库配置类详解(DataSourceConfig)。
通过配置类的方式,实现数据库的连接,构建StringEncryptor 的bean对象,实现密码的加密解密,把加密解密串放到配置文件中,用ENC()包裹着,加载配置文件的时候,有ENC()就会自动解密,这样避免配置文件密码泄露的风险。
@Bean
public StringEncryptor stringEncryptor() {
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword("encryptionkey"); // 加密密钥
config.setAlgorithm("PBEWithHmacSHA512AndAES_256");
config.setKeyObtentionIterations("1000");
config.setPoolSize("1");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setStringOutputType("base64");
encryptor.setConfig(config);
return encryptor;
}
5.完整的配置类代码如下
package com.example.auth.config;
import com.baomidou.mybatisplus.extension.plugins.MybatisPlusInterceptor;
import com.baomidou.mybatisplus.extension.plugins.inner.OptimisticLockerInnerInterceptor;
import com.baomidou.mybatisplus.extension.plugins.inner.PaginationInnerInterceptor;
import com.baomidou.mybatisplus.extension.spring.MybatisSqlSessionFactoryBean;
import org.apache.ibatis.session.SqlSessionFactory;
import org.jasypt.encryption.StringEncryptor;
import org.jasypt.encryption.pbe.PooledPBEStringEncryptor;
import org.jasypt.encryption.pbe.config.SimpleStringPBEConfig;
import org.mybatis.spring.annotation.MapperScan;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.context.properties.ConfigurationProperties;
import org.springframework.boot.jdbc.DataSourceBuilder;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.support.PathMatchingResourcePatternResolver;
import javax.annotation.PostConstruct;
import javax.sql.DataSource;
/**
* MybatisPlus配置类 数据库连接
*/
@Configuration
@MapperScan(basePackages = "com.example.auth.mapper")
public class DataSourceConfig {
@Autowired
private StringEncryptor stringEncryptor;
@ConfigurationProperties(prefix = "spring.datasource")
@Bean
public DataSource dataSource() {
return DataSourceBuilder.create().build();
}
@Bean
public MybatisPlusInterceptor mybatisPlusInterceptor() {
MybatisPlusInterceptor interceptor = new MybatisPlusInterceptor();
//分页插件
interceptor.addInnerInterceptor(new PaginationInnerInterceptor());
//注册乐观锁插件
interceptor.addInnerInterceptor(new OptimisticLockerInnerInterceptor());
return interceptor;
}
@Bean
public SqlSessionFactory sqlSessionFactory(DataSource dataSource, MybatisPlusInterceptor interceptor) throws Exception {
MybatisSqlSessionFactoryBean ssfb = new MybatisSqlSessionFactoryBean();
ssfb.setDataSource(dataSource);
ssfb.setPlugins(interceptor);
//到哪里找xml文件
ssfb.setMapperLocations(new PathMatchingResourcePatternResolver()
.getResources("classpath:/mapper/*Mapper.xml"));
return ssfb.getObject();
}
@Bean
public StringEncryptor stringEncryptor() {
PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
SimpleStringPBEConfig config = new SimpleStringPBEConfig();
config.setPassword("encryptionkey"); // 加密密钥
config.setAlgorithm("PBEWithHmacSHA512AndAES_256");
config.setKeyObtentionIterations("1000");
config.setPoolSize("1");
config.setProviderName("SunJCE");
config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
config.setStringOutputType("base64");
encryptor.setConfig(config);
return encryptor;
}
@PostConstruct
public void init(){
/* String enStr = stringEncryptor.encrypt("Root@123");
String deSTr = stringEncryptor.decrypt("N8VBWG5nOHvy5efX3/mlPAmdBykE7iDZFl362LyeaPRXMbLT0PzEIlB/KDXrNYz6");
System.out.println("enStr==="+enStr);
System.out.println("deSTr==="+deSTr);*/
}
}
你们的点赞和赞赏,是我继续前进的动力,谢谢。