Spring安全登录 – WebSecurityConfigurerAdapter

huangapple 未分类评论45阅读模式
英文:

Spring security login - WebSecurityCongiurerAdapter

问题

我在数据库中存储了我的用户,用户类的样式如下:

@Entity
data class User(
        @Id
        @GeneratedValue(strategy = GenerationType.AUTO)
        val id: Long = 0,
        val joinDate: LocalDateTime,
        val userName: String,
        val firstName: String,
        val email: String,
        val password: String,
        @ManyToMany(fetch = FetchType.EAGER)
        @JoinTable(name = "users_roles", joinColumns = [JoinColumn(name = "user_id", referencedColumnName = "id")], inverseJoinColumns = [JoinColumn(name = "role_id", referencedColumnName = "id")])
        val roles: List<Role> = listOf(),
        @Column(name = "enabled")
        var enabled: Boolean = false
)
@Repository
interface UserRepository : JpaRepository<User, Long> {
    fun findByEmail(email: String): User?

    fun findByUserName(userName: String): User?
}

我已经设置好了注册部分,然而登录是我正在努力解决的部分。我在网上找到了几个示例,但它们都是针对硬编码登录的,我找不到任何适用于像我这样的数据库的示例。在过去我曾经做过类似的事情(几个月前,项目已不复存在),我记得我不仅仅是用PostMapping来完成的,还使用了下面这些方法:

@Override
public void configure(AuthenticationManagerBuilder auth)


@Override
public void configure(HttpSecurity http)

来自WebSecurityConfigurerAdapter。

如果有人知道我可以从哪里开始,那将非常感谢。谢谢。

英文:

I have my users stored in a database, the class for users looks like this

@Entity
data class User(
        @Id
        @GeneratedValue(strategy = GenerationType.AUTO)
        val id:Long = 0,
        val joinDate: LocalDateTime,
        val userName:String,
        val firstName:String,
        val email:String,
        val password:String,
        @ManyToMany(fetch = FetchType.EAGER)
        @JoinTable(name = &quot;users_roles&quot;, joinColumns = [JoinColumn(name = &quot;user_id&quot;, referencedColumnName = &quot;id&quot;)], inverseJoinColumns = [JoinColumn(name = &quot;role_id&quot;, referencedColumnName = &quot;id&quot;)])
        val roles:List&lt;Role&gt; = listOf(),
        @Column(name = &quot;enabled&quot;)
        var enabled:Boolean = false
)
@Repository
interface UserRepository:JpaRepository&lt;User, Long&gt; {
    fun findByEmail(email:String):User?

    fun findByUserName(userName:String):User?
}

I have got the registration setup, however the login is the part I am struggling with. I have found several examples online, however they are all for hard-coded logins, and I cannot find any for databases , like I have. I have done this in past ( months ago - no longer have project), and I remember not doing it just with a PostMapping thing, but with these methods

@Override
public void configure(AuthenticationManagerBuilder auth)

and

@Override
public void configure(HttpSecurity http)

from WebSecurityConfigurerAdapter.

If anyone knows where I can get started that would be much appreciated. Thanks

答案1

得分: 0

你可以通过以下方式配置你的 Web 适配器:

@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
    
    @Autowired
    private UserDetailsService userDetailsService;

    @Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity.denyAll();
    }
    
    @Override
    @Bean
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }
    
    @Override
    @Autowired
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(this.userDetailsService);
    }
}

在用户详细信息服务中,你可以验证用户详细信息:

public class UserDetailsService implements UserDetailsService {
    
    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        // 这应该返回 Spring Security 用户详细信息,并在未找到时抛出错误
    }
}
英文:

You can configure your web adapter this way:

@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
	
	@Autowired
	private UserDetailsService userDetailsService;

	@Override
	protected void configure(HttpSecurity httpSecurity) throws Exception {
		httpSecurity.denyAll();
	}
	
	@Override
	@Bean
	public AuthenticationManager authenticationManagerBean() throws Exception {
		return super.authenticationManagerBean();
	}
	
	@Override
	@Autowired
	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
		auth.userDetailsService(this.userDetailsService);
	}

}

In user details service, you can verify the user details:

public class UserDetailsService implements UserDetailsService {

	@Override
	public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {

	 // this should return spring security user details, and throw an error if not found
	}

}

huangapple
  • 本文由 发表于 2020年7月26日 19:12:14
  • 转载请务必保留本文链接:https://java.coder-hub.com/63099326.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定