英文:
Spring security login - WebSecurityCongiurerAdapter
问题
我在数据库中存储了我的用户,用户类的样式如下:
@Entity
data class User(
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
val id: Long = 0,
val joinDate: LocalDateTime,
val userName: String,
val firstName: String,
val email: String,
val password: String,
@ManyToMany(fetch = FetchType.EAGER)
@JoinTable(name = "users_roles", joinColumns = [JoinColumn(name = "user_id", referencedColumnName = "id")], inverseJoinColumns = [JoinColumn(name = "role_id", referencedColumnName = "id")])
val roles: List<Role> = listOf(),
@Column(name = "enabled")
var enabled: Boolean = false
)
@Repository
interface UserRepository : JpaRepository<User, Long> {
fun findByEmail(email: String): User?
fun findByUserName(userName: String): User?
}
我已经设置好了注册部分,然而登录是我正在努力解决的部分。我在网上找到了几个示例,但它们都是针对硬编码登录的,我找不到任何适用于像我这样的数据库的示例。在过去我曾经做过类似的事情(几个月前,项目已不复存在),我记得我不仅仅是用PostMapping来完成的,还使用了下面这些方法:
@Override
public void configure(AuthenticationManagerBuilder auth)
和
@Override
public void configure(HttpSecurity http)
来自WebSecurityConfigurerAdapter。
如果有人知道我可以从哪里开始,那将非常感谢。谢谢。
英文:
I have my users stored in a database, the class for users looks like this
@Entity
data class User(
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
val id:Long = 0,
val joinDate: LocalDateTime,
val userName:String,
val firstName:String,
val email:String,
val password:String,
@ManyToMany(fetch = FetchType.EAGER)
@JoinTable(name = "users_roles", joinColumns = [JoinColumn(name = "user_id", referencedColumnName = "id")], inverseJoinColumns = [JoinColumn(name = "role_id", referencedColumnName = "id")])
val roles:List<Role> = listOf(),
@Column(name = "enabled")
var enabled:Boolean = false
)
@Repository
interface UserRepository:JpaRepository<User, Long> {
fun findByEmail(email:String):User?
fun findByUserName(userName:String):User?
}
I have got the registration setup, however the login is the part I am struggling with. I have found several examples online, however they are all for hard-coded logins, and I cannot find any for databases , like I have. I have done this in past ( months ago - no longer have project), and I remember not doing it just with a PostMapping thing, but with these methods
@Override
public void configure(AuthenticationManagerBuilder auth)
and
@Override
public void configure(HttpSecurity http)
from WebSecurityConfigurerAdapter.
If anyone knows where I can get started that would be much appreciated. Thanks
答案1
得分: 0
你可以通过以下方式配置你的 Web 适配器:
@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.denyAll();
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
@Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(this.userDetailsService);
}
}
在用户详细信息服务中,你可以验证用户详细信息:
public class UserDetailsService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// 这应该返回 Spring Security 用户详细信息,并在未找到时抛出错误
}
}
英文:
You can configure your web adapter this way:
@Configuration
public class WebSecurityConfiguration extends WebSecurityConfigurerAdapter {
@Autowired
private UserDetailsService userDetailsService;
@Override
protected void configure(HttpSecurity httpSecurity) throws Exception {
httpSecurity.denyAll();
}
@Override
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
@Override
@Autowired
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(this.userDetailsService);
}
}
In user details service, you can verify the user details:
public class UserDetailsService implements UserDetailsService {
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
// this should return spring security user details, and throw an error if not found
}
}
专注分享java语言的经验与见解,让所有开发者获益!
评论