@Override
protected void onLoginSuccess(HttpServletRequest request, HttpServletResponse response,
		Authentication successfulAuthentication) {
	// 1. 登錄的用戶名賬號(hào)	
	String username = successfulAuthentication.getName();
	// 2. 生成一個(gè)Token
	PersistentRememberMeToken persistentToken = new PersistentRememberMeToken(username, generateSeriesData(),
			generateTokenData(), new Date());
	try {
		// 3. 持久化到數(shù)據(jù)庫(kù)中
		this.tokenRepository.createNewToken(persistentToken);
		// 4. 添加到Cookie中
		addCookie(persistentToken, request, response);
	}
	catch (Exception ex) {
		this.logger.error("Failed to save persistent token ", ex);
	}
}

@Override
protected UserDetails processAutoLoginCookie(String[] cookieTokens, HttpServletRequest request,
		HttpServletResponse response) {
	// 1. cookie殘缺	
	if (cookieTokens.length != 2) {
		throw new InvalidCookieException("Cookie token did not contain " + 2 + " tokens, but contained '"
				+ Arrays.asList(cookieTokens) + "'");
	}
	String presentedSeries = cookieTokens[0];
	String presentedToken = cookieTokens[1];
	PersistentRememberMeToken token = this.tokenRepository.getTokenForSeries(presentedSeries);
	
	....
	// 2. 這里有一大堆的校驗(yàn)失敗
	....
	
	// 3. 校驗(yàn)成功，重新生成Cookie等一系列操作
	PersistentRememberMeToken newToken = new PersistentRememberMeToken(token.getUsername(), token.getSeries(),
			generateTokenData(), new Date());
	try {
		this.tokenRepository.updateToken(newToken.getSeries(), newToken.getTokenValue(), newToken.getDate());
		addCookie(newToken, request, response);
	}
	
	// 4. 查用戶（因?yàn)橛锌赡苡脩魟h除掉）
	return getUserDetailsService().loadUserByUsername(token.getUsername());
}

// 操作token的數(shù)據(jù)表
create table persistent_logins (
    username varchar(64) not null, 
    series varchar(64) primary key, 
    token varchar(64) not null, 
    last_used timestamp not null
)engine=innodb default charset=utf8

// 存放用戶信息表
create table `account` (
  `id` int(11) not null auto_increment comment '編號(hào)',
  `username` varchar(30) not null comment '姓名',
  `password` varchar(30) not null comment '密碼',
  `role` varchar(100) not null comment '權(quán)限',
  primary key (`id`)
) engine=innodb default charset=utf8
insert into account(`id`, `username`, `password`, `role`) values (1, 'admin', '123456', 'root')

// pojo
@Data
@AllArgsConstructor
@NoArgsConstructor
public class Account {

    private Integer id;
    private String username;
    private String password;
    private String role;
}

// mapper
@Mapper
@Repository
public interface AccountMapper {

    Account getLoginAccount(String username);
}

// accountmapper.xml
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE mapper
        PUBLIC "-//mybatis.org//DTD Mapper 3.0//EN"
        "http://mybatis.org/dtd/mybatis-3-mapper.dtd">
<mapper namespace="com.splay.mapper.AccountMapper">
    
    <select id="getLoginAccount" parameterType="string" resultType="Account">
        select *from account where username = #{username}
    </select>
</mapper>

@Service
public class UserDetailsServiceImpl implements UserDetailsService {

    // 注入dao層
    @Autowired
    AccountMapper mapper;

    @Autowired
    BCryptPasswordEncoder passwordEncoder;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException{
        Account account = mapper.getLoginAccount(username);
        System.out.println(account.toString());
        List<GrantedAuthority> list = new ArrayList<>();
        // SpringSecurity權(quán)限控制角色需要使用"ROLE_"開頭, 并且密碼在構(gòu)造時(shí)需要進(jìn)行加密。
        list.add(new SimpleGrantedAuthority("ROLE_" + account.getRole()));

        return new User(passwordEncoder.encode(account.getUsername()), passwordEncoder.encode(account.getPassword()), list);
    }
}

@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
	
	// 數(shù)據(jù)源
	@Autowired
    DataSource dataSource;

	// UserDetailsService實(shí)現(xiàn)類
	@Autowired
    UserDetailsService userDetailsService;

    // 注入密碼加密解密類
    @Bean
    public BCryptPasswordEncoder bCryptPasswordEncoder(){
        return new BCryptPasswordEncoder();
    }

    // 注入jdbc Token操作類
    @Bean
    PersistentTokenRepository persistentTokenRepository(){
        JdbcTokenRepositoryImpl repository = new JdbcTokenRepositoryImpl();
        repository.setCreateTableOnStartup(false);				//關(guān)閉自動(dòng)創(chuàng)建表
        repository.setDataSource(dataSource);					//注入數(shù)據(jù)源
        return repository;
    }
		
}

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {

	// 密碼需要進(jìn)行加密解密進(jìn)行驗(yàn)證匹配！
	auth.userDetailsService(userDetailsService).passwordEncoder(bCryptPasswordEncoder);
}

@Override
protected void configure(HttpSecurity http) throws Exception {
	http
        .formLogin()
        .loginPage("/login")                    // 登錄頁(yè)面
        .loginProcessingUrl("/user/login")      // 提交表單處理的請(qǐng)求，由Security實(shí)現(xiàn)
        .defaultSuccessUrl("/index",true).permitAll()      //成功訪問(wèn)哪里
    .and()
        .logout()
        .logoutUrl("/logout")
        .logoutSuccessUrl("/index").deleteCookies().permitAll()    //退出成功頁(yè)面

    // 2. 無(wú)需保護(hù)的頁(yè)面
    .and()
        .authorizeRequests()
            .antMatchers("/level1/**").permitAll()
            .antMatchers("/level2/**").hasAnyRole("customer", "admin")
            .antMatchers("/level3/**").hasRole("admin")
    .anyRequest().authenticated().and()
            .rememberMe()                                       //記住我
            .tokenRepository(persistentTokenRepository)         //注入操作token的jdbc
            .tokenValiditySeconds(60).rememberMeCookieName("remember-me")                   //Cookie有效時(shí)間 單位: 秒
            .userDetailsService(userDetailsService);             //注入用戶驗(yàn)證UserDetailsService
    http.exceptionHandling().accessDeniedPage("/nodeny");
    http.csrf().disable();
}

<form action="/user/login" method="post">
    用戶名: <input type="text" name="username"><br/>
    密碼: <input type="text" name="password"><br/>
    <input type="checkbox" name="remember-me">記住我<br/>
    <input type="submit" value="登錄"/>
</form>