登录?登录后出错,没有消息

sdnqo3pr  于 2021-07-16  发布在  Java
关注(0)|答案(1)|浏览(244)

我有以下问题,我有简单的注册和登录到成功注册后与 Spring 安全网站(用户添加到数据库我添加屏幕下面)

当我想登录时,我只需进入url:
http://localhost:8080/登录?错误
我不知道是什么错用户名和密码是正确的
这是my view login.html

<form method="POST" th:action="@{/login}" id="loginForm">
    <div class="form-group">
    <label for="username">Nazwa użytkownika: </label>
    <input type="text" name="username" id="username" class="form-control">
    </div>
    <div class="form-group">
    <label for="password">Hasło: </label>
    <input type="password" name="password" id="password" class="form-control">
    </div>
    <br>
    <div class="form-group">
    <input type="submit" value="Zaloguj się" class="btn btn-primary">
    </div>
    <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form>

和securityconfig

package my.taco.web;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;

@Configuration
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {

    @Autowired
    private UserDetailsService userDetailsService;

    @Bean
    public PasswordEncoder encoder(){
        return new BCryptPasswordEncoder();
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception{
        auth
                .userDetailsService(userDetailsService)
                .passwordEncoder(encoder());
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception{
        http
                .authorizeRequests()
                .antMatchers("/design","/orders").access("hasRole('ROLE_USER')")
                .antMatchers("/","/**").access("permitAll")
                .and()
                .formLogin()
                .loginPage("/login")
                .usernameParameter("username")
                .passwordParameter("password")
                .defaultSuccessUrl("/design",true)
                .and()
                .logout()
                .logoutSuccessUrl("/");

    }

    @Override
    public void configure(WebSecurity web){
        web
                .ignoring()
                .antMatchers("/h2/**");
    }

}

我需要添加一些像日志控制器之类的东西?我是Spring的菜鸟谢谢大家的帮助。
添加了实现userdetailsservice以回复注解

package my.taco.services;

import my.taco.data.UserRepository;
import my.taco.models.User;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;

@Service
public class UserRepositoryUserDetailsService implements UserDetailsService {
    private UserRepository userRepo;

    @Autowired
    public UserRepositoryUserDetailsService(UserRepository userRepo){
        this.userRepo=userRepo;
    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException{
        User user=userRepo.findByUsername(username);
        if(user!=null){
            return user;
        }
        throw new UsernameNotFoundException("Użytkwonik "+username+ " nie został znaleziony");
    }
}

添加的用户类

package my.taco.models;

import lombok.AccessLevel;
import lombok.Data;
import lombok.NoArgsConstructor;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import java.util.Arrays;
import java.util.Collection;

@Entity
@Data
@NoArgsConstructor(access = AccessLevel.PRIVATE,force = true)
@RequiredArgsConstructor
public class User implements UserDetails {

    private static final long serialVersionUID=1L;

    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private long id;

    private final String username;
    private final String password;
    private final String fullname;
    private final String street;
    private final String city;
    private final String state;
    private final String zip;
    private final String phoneNumber;

    @Override
    public Collection<? extends GrantedAuthority> getAuthorities(){
        return Arrays.asList(new SimpleGrantedAuthority("ROLE_USER"));
    }
    @Override
    public boolean isAccountNonExpired(){
        return true;
    }
    @Override
    public boolean isAccountNonLocked(){
        return true;
    }
    @Override
    public boolean isCredentialsNonExpired(){
        return true;
    }
    @Override
    public boolean isEnabled(){
        return true;
    }
}
bmp9r5qi

bmp9r5qi1#

您好,在这种情况下,我建议您实现userdetailsservice:

@Service("userDetailsService")
public class UserDetailsServiceImpl implements UserDetailsService {

    private final LoginService loginService;

    @Autowired
    public UserDetailsServiceImpl(LoginService loginService) {
        this.loginService = loginService;
    }

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        LoginDto user = loginService.findUserByUsername(username);

        if (user == null) {
            throw new UsernameNotFoundException(username + " not found");
        }

        return new User(user.getUsername(), user.getPassword(), List.of(new SimpleGrantedAuthority(user.getRole())));
    }
}

您应该在 loadUserByUsername 方法,这将使您清楚地了解您的问题:所需的用户名没有出现,数据库中没有用户或其他内容。请记住 User 从包中删除类 org.springframework.security.core.userdetails . 祝您有个美好的一天

相关问题