spring-boot - 编码密码看起来不像来自 Db 的 BCrypt
问题描述
我正在使用 Spring Security 执行简单的登录和注销操作,所有用户都存储在我的数据库中在此处输入图像描述
问题是每次我尝试登录时都会收到一条错误消息,提示“编码的密码看起来不像 BCrypt”,但它在我的数据库中编码。
安全配置.java
@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private CustomUserDetailService customUserDetailService;
@Override
public void configure(AuthenticationManagerBuilder authenticationManagerBuilder) throws Exception {
authenticationManagerBuilder
.userDetailsService(customUserDetailService)
.passwordEncoder(passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers(HttpMethod.OPTIONS,"/**").permitAll()
.anyRequest().authenticated()
.and()
.httpBasic();
}
@Bean
CorsConfigurationSource corsConfigurationSource() {
UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
source.registerCorsConfiguration("/**", new CorsConfiguration().applyPermitDefaultValues());
return source;
}
@Bean
public BCryptPasswordEncoder passwordEncoder(){
return new BCryptPasswordEncoder();
}
}
用户控制器.java
@RestController
@RequestMapping("/users")
@PreAuthorize("hasAnyRole('ADMIN')")
public class UserController {
@Autowired
private UserService userService;
@Autowired
private BCryptPasswordEncoder passwordEncoder;
@RequestMapping(method = RequestMethod.GET)
public Collection<User> getAllUser(){
return userService.getAllUser();
}
@RequestMapping(value = "/{id}", method = RequestMethod.GET)
public User getAllUserById(@PathVariable("id") long id){
return userService.getUserById(id);
}
@RequestMapping(value = "/email/{userEmail}", method = RequestMethod.GET)
public User getUserByUserEmail(@PathVariable ("userEmail") String userEmail){
return userService.getUserByEmail(userEmail);
}
@RequestMapping(value = "/{id}", method = RequestMethod.DELETE)
public String deleteUserById(@PathVariable("id") long id){
userService.removeUserById(id);
return "User has been deleted Successfully";
}
@RequestMapping(value = "/{id}", method = RequestMethod.PUT)
public String updateCoordinatorById(@RequestBody User user, @PathVariable("id") long id){
String pwd = user.getUserPassword();
String encryptPwd = passwordEncoder.encode(pwd);
user.setUserPassword(encryptPwd);
userService.updateUser(user,id);
return "User has been updated Successfully";
}
@RequestMapping(method = RequestMethod.POST)
public String insertCoordinator(@RequestBody User user){
String pwd = user.getUserPassword();
String encryptPwd = passwordEncoder.encode(pwd);
user.setUserPassword(encryptPwd);
userService.insertUser(user);
return "User added Successfully";
}
}
CustomerUserDetailsService.java
@Service
public class CustomUserDetailService implements UserDetailsService {
private UserDao userDao;
public CustomUserDetailService(UserDao userDao){
this.userDao = userDao;
}
@Override
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
User user = this.userDao.findUserByUserEmail(email);
CustomUserDetail userDetail =null;
if(user !=null){
userDetail= new CustomUserDetail();
userDetail.setUser(user);
}else{
throw new UsernameNotFoundException("user not exist with email: " +email);
}
return userDetail;
}
}
CustomUserDetail.java
@Data
public class CustomUserDetail implements UserDetails {
private User user;
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return user.getRoles().stream().map(r -> new
SimpleGrantedAuthority("ROLE_"+r)).collect(Collectors.toList());
}
@Override
public String getPassword() {
return user.getUserPassword();
}
@Override
public String getUsername() {
return user.getUserEmail();
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return this.user.getUserIsActive() == 1;
}
}
用户.java
@Data
@Entity
public class User{
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private Long id;
@Column(nullable = false)
private int userId;
@Column(nullable = false)
private String userSurname;
@Column(nullable = false)
private String userOtherName;
@Column(nullable = false)
private String userEmail;
private String userPassword;
private int userIsActive;
@OneToMany(cascade = CascadeType.ALL, fetch = FetchType.EAGER)
@JoinTable(name = "user_role", joinColumns = @JoinColumn(name = "user_id"), inverseJoinColumns = @JoinColumn(name = "role_id"))
private Set<Role> roles;
public String getUserPassword(){
return getUserSurname();
}
}
用户服务.java
@Service
public class UserService {
@Autowired
private UserDao userDao;
public Collection<User> getAllUser(){
return userDao.findAll();
}
public User getUserById(long id){
return userDao.findById(id).get();
}
public void removeUserById(long id){
userDao.deleteById(id);
}
public User updateUser(User user,long id){
return userDao.findById(id).map(user1 -> {
user1.setUserSurname(user.getUserSurname());
user1.setUserOtherName(user.getUserOtherName());
user1.setUserEmail(user.getUserEmail());
user1.setUserPassword(user.getUserPassword());
user1.setId(user.getId());
user1.setUserId(user.getUserId());
user1.setRoles(user.getRoles());
return userDao.save(user1);
}).orElseGet(() -> {
user.setId(id);
return userDao.save(user);
});
}
public void insertUser(User user) {
userDao.save(user);
}
public User getUserByEmail(String email){
return userDao.findUserByUserEmail(email);
}
}
解决方案
推荐阅读
- ios - 如何将在构建阶段创建的文件添加为捆绑资源?
- java - queued-work-looper Handler 在主线程上发布 Runnable 时创建的线程
- r - 查找长度不等的数据帧之间的最近坐标
- google-apps-script - 需要映射与 Excel 相同的图像名称并带有扩展名
- geoserver - 如何连接两个 Lightsail 实例,以便我可以从一个实例获取数据到另一个实例?
- sql - 如何快速获取 SQL 中存储过程的 last_elapsed_time
- tensorflow-federated - 编写 tensorflow 联合聚合函数(例如,tff.federated_mean)
- javascript - 查找字符串中存在的数组元素
- java - Spring boot:下载带有特殊字符的csv文件数据
- ansible - 选择attr中的Ansible jinja2转义点键