我目前正在使用swagger测试我的spring boot应用程序的api,当我输入不匹配的密码,甚至是一个大小超出了这个大小的界限(最小值=5,最大值=15)的密码时,我并没有得到预期的404错误代码。其他实体变量的其他错误被正确捕获,但密码似乎没有任何错误。在我下面的实体中,我可能有不正确的plainpassword和repeatpassword来匹配吗?因为@passwordmatch注解似乎没有完成我所期望的比较plainpassword和repeatpassword的工作。
import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;
import javax.persistence.Transient;
import javax.persistence.UniqueConstraint;
import javax.validation.constraints.Email;
import javax.validation.constraints.NotBlank;
import javax.validation.constraints.Size;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import com.bcore.hw.validation.PasswordMatch;
import lombok.NoArgsConstructor;
import lombok.Data;
@Entity
@Table(name="users", uniqueConstraints={@UniqueConstraint(columnNames = {"email"})})
@PasswordMatch(message="{register.repeatPassword.mismatch}")
@NoArgsConstructor
@Data
public class SiteUser {
@Id
@GeneratedValue(strategy=GenerationType.AUTO)
private Long userId;
@Column(name="email", unique=true)
@Email(message="{register.email.invalid}")
@NotBlank(message="{register.email.invalid}")
private String email;
@Transient // meaning it will not be saved in DB
@Size(min=5, max=15, message="{register.password.size}")
private String plainPassword; //unencrytped
@Transient
private String repeatPassword;
@Column(name="password", length=60)
private String password;
@Column(name="role", length=20)
private String role;
@Column(name="enabled")
private Boolean enabled = false;
public void setPlainPassword(String plainPassword) {
//System.out.println("PASSWORD BEFORE " + plainPassword);
this.password = new BCryptPasswordEncoder().encode(plainPassword);
//System.out.println("HERE IS PASSWORD" + this.password + "PASSWORD LENGTH = " + (this.password).length());
this.plainPassword = plainPassword;
}
}使用自定义验证程序更新:
所以现在我有了passwordmatch.java和passwordmatchvalidator.java,但是对于如何在实体中设置@prepersist和@preupdate注解有点困惑:
package com.bcore.hw.validation;
import static java.lang.annotation.ElementType.TYPE;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
import java.lang.annotation.Documented;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import javax.validation.Constraint;
import javax.validation.Payload;
@Target(TYPE)
@Retention(RUNTIME)
@Constraint(validatedBy=PasswordMatchValidator.class)
@Documented
public @interface PasswordMatch {
String message() default "{error.password.mismatch}";
Class<?>[] groups() default {};
Class<? extends Payload>[] payload() default {};
}
package com.bcore.hw.validation;
import javax.validation.ConstraintValidator;
import javax.validation.ConstraintValidatorContext;
import com.bcore.hw.model.SiteUser;
public class PasswordMatchValidator implements ConstraintValidator<PasswordMatch, SiteUser>{
@Override
public void initialize(PasswordMatch p) {
}
public boolean isValid(SiteUser user, ConstraintValidatorContext c) {
String plainPassword = user.getPlainPassword();
String repeatPassword = user.getRepeatPassword();
if(plainPassword == null || !plainPassword.equals(repeatPassword)) {
return false;
}
return true;
}
}当前在实体中,可以在类定义之前看到@passwordmatch,但这不起作用。所以,@prepersist和@preupdate只用于实体方法定义,但是我应该在它们下面放置什么方法呢?从passwordmatch接口调用isvalid()方法?不确定此时在实体中执行什么操作。
1条答案
按热度按时间sy5wg1nm1#
这似乎是这个错误在开放状态,因为
@Transient领域