我开始我的旅程与Spring,我已经尝试做简单的日志应用程序,但我绊倒across问题,我不能解决.我的代码符合,但当我试图登录,即使我插入正确的数据存在于数据库中,它从来没有让我槽.我相信有问题的函数loadUserByNode,因为它从来没有被调用,因为它既不抛出错误或记录任何东西. BLOG是我的程序代码
user.java
@Data
@Entity
@Table(name = "userinfo")
public class User {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "userkey")
private int userKey;
@Column(name = "emailaddress")
private String emailAddress;
@Column(name = "password")
private String password;
@Column(name = "role")
private String role;
}
字符串
UserRepository.java
public interface UserRepository extends JpaRepository<User,Long> {
Optional<User> findByEmailAddress(String email);
}
型
SecurityConfig.java
@Configuration
public class SecurityConfig {
private final UserDetail userDetail;
@Autowired
public SecurityConfig(UserDetail userDetail) {
this.userDetail = userDetail;
}
@Bean
public static PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
@Bean
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
http.csrf(AbstractHttpConfigurer::disable)
.authorizeHttpRequests(authorize ->
authorize.anyRequest().authenticated())
.formLogin(form -> form
.loginPage("/login")
.loginProcessingUrl("/login")
.defaultSuccessUrl("/")
.permitAll())
.logout(logout -> logout
.logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
.permitAll());
http.userDetailsService(userDetail);
return http.build();
}
}
型
UserDetail.java
@Service
@Slf4j
public class UserDetail implements UserDetailsService {
private final UserRepository userRepository;
@Autowired
public UserDetail(UserRepository userRepository) {
this.userRepository = userRepository;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
Optional<User> user = userRepository.findByEmailAddress(username);
if(user.isEmpty()){
throw new UsernameNotFoundException("This email address does not exists");
}
User existingUser = user.get();
log.info("Email Address: {}, Password: {}", existingUser.getEmailAddress(), existingUser.getPassword());
return new org.springframework.security.core.userdetails.User(
username,
existingUser.getPassword(),
Collections.singletonList(new SimpleGrantedAuthority(existingUser.getRole())));
}
}
型
MainController.java
@Controller
@Slf4j
public class MainController {
@GetMapping("/login")
public String login(){
return "login";
}
@GetMapping("/logout")
public String logout(){
return "redirect:/login";
}
}
型
login.html的核心片段
<div class="col-md-6 offset-md-3">
<div th:if="${param.error}">
<div class="alert alert-danger">Invalid Email or Password</div>
</div>
<div th:if="${param.logout}">
<div class="alert alert-success">You have been logged out.</div>
</div>
<div class="card">
<div class="card-header">
<h2 class="text-center">Login</h2>
</div>
<div class="card-body">
<form method="POST" role="form" th:action="@{/login}"
class="form-horizontal">
<div class="form-group mb-3">
<label class="control-label"> Email address</label> <label for="emailAddress"></label>
<input type="text" id="emailAddress" name="emailAddress" class="form-control" placeholder="Enter email address" />
</div>
<div class="form-group mb-3">
<label class="control-label"> Password</label> <label for="password"></label>
<input type="password" id="password" name="password" class="form-control" placeholder="Enter password" />
</div>
<div class="form-group mb-3">
<button type="submit" class="btn btn-primary">Login</button>
</div>
</form>
</div>
</div>
</div>
型
我试图在代码的多个部分设置日志记录,即使在控制器中,它也总是返回email:null和password:null,因此我认为这个函数没有被调用。
1条答案
按热度按时间cuxqih211#
我建议加入一个自定义的
AuthenticationProvider
,特别是DaoAuthenticationProvider
,因为它从数据库中检索细节。下面是一个示例代码片段:字符串
这是一个自定义的
DaoAuthenticationProvider
,用于在Spring Security配置中处理身份验证。orderAuthenticationProvider
方法使用指定的UserDetailsService
创建和配置DaoAuthenticationProvider
。