spring-boot - 如何在春季启动中检查帐户活动邮件?
问题描述
我在 Spring Boot 中使用 smtp 邮件进行注册,但是登录时我无法检查帐户是否处于活动状态,我将 AuthenticationSuccessHandler 添加到 Spring Security 但是当帐户处于活动状态时我无法删除 JSESSIONID,这是我的代码:
public class CustomAuthenticationSuccessHandler
implements AuthenticationSuccessHandler {
@Autowired
UserServiceImpl userService;
@Override
public void onAuthenticationSuccess(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Authentication authentication) throws IOException, ServletException {
String username = authentication.getName();
User user = userService.findUserActiveByUsername(username);
if(user!=null){
httpServletResponse.sendRedirect("/home");
}
else {
Cookie cookie = new Cookie("JSESSIONID", null);
cookie.setMaxAge(0);
cookie.setSecure(true);
cookie.setHttpOnly(true);
cookie.setPath("/");
httpServletResponse.addCookie(cookie);
httpServletResponse.sendRedirect("/login?message=error1");
}
}
}
弹簧安全:
http.authorizeRequests().antMatchers("/confirm-account**","/registration**", "/js/**", "/css/**", "/img/**", "/webjars/**", "/icons/**", "/dist/**",
"/linechar/**", "/plugins/**", "/bootstrap/**","/apis/**","/cart**","/product**","/products**","/images/**","/**").permitAll()
.antMatchers("/admin/**").hasRole("ADMIN")
.and().formLogin()
.loginPage("/login")
// .defaultSuccessUrl("/home")//
.successHandler(authenticationFailureHandler())
.failureUrl("/login?message=error")//
.permitAll().and()
.logout().invalidateHttpSession(true).clearAuthentication(true)
.logoutRequestMatcher(new AntPathRequestMatcher("/logout")).logoutSuccessUrl("/login?message=logout")
.permitAll();
存储库:
@Query(value = "select * from user where username=?1 and enabled=1",nativeQuery = true)
User getUserByUserActiveName(String username);
解决方案
推荐阅读
- linux - 无法找到默认 shell 为 bash 的常规文件,但当它是 ksh 时可以工作
- linux - 在 Bash 脚本中将文件内容作为密码参数传递
- matlab - 制定没有图像的 MatLab 深度神经网络
- python - 会话对象上的 Flask 会话(文件系统)UnPicklingError,是否有大小限制或者我是否有损坏?
- c# - 导航后重新创建页面/列表视图。PushAsync Xamarin.forms
- javascript - 录制时未捕获会议中所有用户的音频
- javascript - Firestore Timestamp.fromDate 不是 UTC
- django - 是否可以覆盖 Django 针对 UniqueConstraint 错误显示的错误消息?(完整性错误)
- javascript - 找不到模块'react-native'
- python - 过滤一个 numpy 数组以仅保留运行的最小值?