### BCrypt ``` 强哈希算法 ``` ``` Spring Security提供了BCryptPasswordEncoder类,实现Spring的PasswordEncoder接口使用BCrypt强哈希方法来加密密码 ``` ### 依赖 ~~~ <dependency> <groupId>org.springframework.boot</groupId> <artifactId>spring-boot-starter-security</artifactId> </dependency> ~~~ ### 添加依赖后，所有地址都被spring security所控制了，添加配置类，配置所有地址都可以匿名访问 ~~~ @Configuration @EnableWebSecurity public class WebSecurityConfig extends WebSecurityConfigurerAdapter { @Override protected void configure(HttpSecurity http) throws Exception { http.authorizeRequests() .antMatchers("/**").permitAll() .anyRequest().authenticated() .and().csrf().disable(); } } ~~~ ### BCryptPasswordEncoder ~~~ @Bean public BCryptPasswordEncoder bCryptPasswordEncoder(){ return new BCryptPasswordEncoder(); } ~~~ ### 加密 ~~~ bCryptPasswordEncoder.encode("123456") ~~~ ### 校验 ~~~ bCryptPasswordEncoder.matches("123456", "$2a$10$ALque7RFwlv3rqdDF5JdDebMsmsjIQRfFJYgJ.2IxUwxTMz.XAvBu") ~~~