SpringSecurity custom user password verification - Code World

SpringSecurity custom user password verification

Others 2020-04-11 16:43:12 views: null

After my user password is entered in the foreground, it needs to be encrypted and compared with the user name association, so the implementation class of AuthenticationProvider is rewritten for processing;

@Component
public class MyAuthenticationProvider implements AuthenticationProvider {

    @Autowired
    private ISysUserService iSysUserService;
    @Autowired
    private PasswordEncorder passwordEncorder;

    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        String username = authentication.getName();
        String presentedPassword = (String)authentication.getCredentials();
        UserDetails userDeatils = null;
        // Acquire user information based on user name 
        SysUser sysUser = this .iSysUserService.getUserByName (username);
         if (StringUtils.isEmpty (sysUser)) {
             throw  new BadCredentialsException ("Username does not exist" ); 
        } else { 
            userDeatils = new User ( username, sysUser.getPassword (), AuthorityUtils.commaSeparatedStringToAuthorityList ("USER" )); 
            // Custom encryption rules, user name, input password and salt value stored in the database are encrypted 
            String encodedPassword = PasswordUtil.encrypt (username, presentedPassword , sysUser.getSalt ());
             if(authentication.getCredentials () == null ) {
                 throw  new BadCredentialsException ("Login name or password error" ); 
            } else  if (! this .passwordEncorder.matches (encodedPassword, userDeatils.getPassword ())) {
                 throw  new BadCredentialsException (" Incorrect login or password " ); 
            } else { 
                UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken (userDeatils, authentication.getCredentials (), userDeatils.getAuthorities ()); 
                result.setDetails (authentication.getDetails ());
                return result;
            }
        }
    }

    @Override
    public boolean supports(Class<?> authentication) {
        return true;
    }
}

Then enable it in SecurityConfiguration

@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
    auth.authenticationProvider(this.myAuthenticationProvider);
}

Guess you like

Origin www.cnblogs.com/brucebai/p/12680494.html

SpringSecurity custom user password verification

SpringSecurity performs custom Token verification

Springboot and Springsecurity authorization verification, and user login

SpringSecurity user authentication three ways to set the user name and password

The Shrio framework implements custom password verification rules

SpringSecurity series of custom login verification result of treatment success and failure

SpringSecurity-7-Custom AuthenticationProvider implements graphic verification code

springsecurity + session sharing + redis user login, permission verification,

springsecurity extend custom session management - Provides administrators kicked user calls

how to disable password after inheriting AbstractUser to make a custom user

SpringSecurity custom UsernamePasswordAuthenticationFilter

SpringSecurity custom forms login

SpringSecurity anonymous user access

[Java exercise] Implement a simple console version user login program, the program starts to prompt the user to enter the user name and password. If the user name and password are wrong, use a custom exception method to handle

uniapp custom input box, realize verification code input box, password input box, compatible with WeChat applet

Springboot user registration, password recovery email verification code is stored in redis, valid for three minutes

Write a system (login, register, verify username, password and verification code, overwrite storage user)

Koa Learning 4: Password encryption, login verification, token issuance, user authentication

27. The user registration scenarios: Data Validation (2): custom validation tag, regular verification

Custom verification in Laravel, such as ID verification

CAS password encryption verification

js verification password

Vue password verification

Password strength verification toolkit

ubuntu Change Password user password

antd + react custom verification

go gin custom verification

04 user registration verification

User login information verification

User addition and data verification

Recommended

The United States plans to restrict the export of large AI models to China and Russia

Apple to reach agreement with OpenAI to bring ChatGPT to iPhone

Ranking

whisper-webui installation tutorial is silky and easy to use

[Base] Laravel concepts laravel basis, the custom service provider: Contracts, ServiceContainer, ServiceProvider, Facades relations

Import torchvision error problem solving DLL: module not found

observer & watch & notify = pub & sub

A small turntable program [HTML + CSS + JS]

CorelDRAW 2018 shortcuts Daquan

Supervise el botón de menú para lograr un gatillo de presión prolongada

JS将时间秒转换成天小时分钟秒的字符串

RIP basic configuration

[Deleted] solution to a problem a few questions (Noip1994)

Daily

More

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)

2024-05-03(8)

2024-05-02(0)