no message

imooc-security-browser/src/main/java/com/imooc/security/browser/BrowserSecurityConfig.java

@@ -3,16 +3,21 @@
  */
 package com.imooc.security.browser;
 
+import javax.sql.DataSource;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
 import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
+import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
+import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
 
 import com.imooc.security.core.properties.SecurityProperties;
 import com.imooc.security.core.validate.code.ValidateCodeFilter;
@@ -33,11 +38,24 @@ public class BrowserSecurityConfig extends WebSecurityConfigurerAdapter {
 	@Autowired
 	private AuthenticationFailureHandler imoocAuthenticationFailureHandler;
 
+	@Autowired
+	private DataSource dataSource;
+
+	@Autowired
+	private UserDetailsService userDetailsService;
+
 	@Bean
 	public PasswordEncoder passwordEncoder() {
 		return new BCryptPasswordEncoder();
 	}
 
+	@Bean
+	public PersistentTokenRepository persistentTokenRepository() {
+		JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
+		tokenRepository.setDataSource(dataSource);
+//		tokenRepository.setCreateTableOnStartup(true);
+		return tokenRepository;
+	}
 
 	@Override
 	protected void configure(HttpSecurity http) throws Exception {
@@ -49,10 +67,15 @@ protected void configure(HttpSecurity http) throws Exception {
 
 		http.addFilterBefore(validateCodeFilter, UsernamePasswordAuthenticationFilter.class)
 			.formLogin()
-			.loginPage("/authentication/require")
-			.loginProcessingUrl("/authentication/form")
-			.successHandler(imoocAuthenticationSuccessHandler)
-			.failureHandler(imoocAuthenticationFailureHandler)
+				.loginPage("/authentication/require")
+				.loginProcessingUrl("/authentication/form")
+				.successHandler(imoocAuthenticationSuccessHandler)
+				.failureHandler(imoocAuthenticationFailureHandler)
+				.and()
+			.rememberMe()
+				.tokenRepository(persistentTokenRepository())
+				.tokenValiditySeconds(securityProperties.getBrowser().getRememberMeSeconds())
+				.userDetailsService(userDetailsService)
 //		http.httpBasic()
 			.and()
 			.authorizeRequests()

imooc-security-browser/src/main/resources/resources/imooc-signIn.html

@@ -24,6 +24,9 @@ <h3>表单登录</h3>
 					<img src="/code/image?width=200">
 				</td>
 			</tr>
+			<tr>
+				<td colspan='2'><input name="remember-me" type="checkbox" value="true" />记住我</td>
+			</tr>
 			<tr>
 				<td colspan="2"><button type="submit">登录</button></td>
 			</tr>

imooc-security-core/src/main/java/com/imooc/security/core/properties/BrowserProperties.java

@@ -12,6 +12,8 @@ public class BrowserProperties {
 	private String loginPage = "/imooc-signIn.html";
 
 	private LoginType loginType = LoginType.JSON;
+
+	private int rememberMeSeconds = 3600;
 
 	public String getLoginPage() {
 		return loginPage;
@@ -28,5 +30,13 @@ public LoginType getLoginType() {
 	public void setLoginType(LoginType loginType) {
 		this.loginType = loginType;
 	}
+
+	public int getRememberMeSeconds() {
+		return rememberMeSeconds;
+	}
+
+	public void setRememberMeSeconds(int rememberMeSeconds) {
+		this.rememberMeSeconds = rememberMeSeconds;
+	}
 
 }

imooc-security-core/src/main/java/com/imooc/security/core/validate/code/ValidateCodeFilter.java

@@ -12,6 +12,7 @@
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.commons.lang.ArrayUtils;
 import org.apache.commons.lang.StringUtils;
 import org.springframework.beans.factory.InitializingBean;
 import org.springframework.security.web.authentication.AuthenticationFailureHandler;
@@ -45,8 +46,10 @@ public class ValidateCodeFilter extends OncePerRequestFilter implements Initiali
 	public void afterPropertiesSet() throws ServletException {
 		super.afterPropertiesSet();
 		String[] configUrls = StringUtils.splitByWholeSeparatorPreserveAllTokens(securityProperties.getCode().getImage().getUrl(), ",");
-		for (String configUrl : configUrls) {
-			urls.add(configUrl);
+		if(ArrayUtils.isNotEmpty(configUrls)){
+			for (String configUrl : configUrls) {
+				urls.add(configUrl);
+			}
 		}
 		urls.add("/authentication/form");
 	}

imooc-security-demo/src/main/java/com/imooc/code/DemoImageCodeGenerator.java

@@ -13,7 +13,7 @@
  * @author zhailiang
  *
  */
-@Component("imageCodeGenerator")
+//@Component("imageCodeGenerator")
 public class DemoImageCodeGenerator implements ValidateCodeGenerator {
 
 	/* (non-Javadoc)

imooc-security-demo/src/main/resources/application.properties

@@ -12,6 +12,6 @@ server.port = 8060
 #imooc.security.browser.loginPage = /demo-signIn.html
 #imooc.security.browser.loginType = REDIRECT
 
-imooc.security.code.image.length = 6
-imooc.security.code.image.width = 100
-imooc.security.code.image.url = /user/*
+#imooc.security.code.image.length = 6
+#imooc.security.code.image.width = 100
+#imooc.security.code.image.url = /user/*