SpringSecurity user account has been locked
01 Abnormal occurrence scenario
- When I customize the login interface
- The following are the implementation classes of my UserDetailsService and UserDetails interfaces
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
private MsUserServiceImp msUserServiceImp;
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
LambdaQueryWrapper<MsUser> qw=new LambdaQueryWrapper<>();
qw.eq(MsUser::getUsername,username);
MsUser user = msUserServiceImp.getOne(qw);
LoginUser loginUser = new LoginUser();
loginUser.setMsUser(user);
return loginUser;
}
}
@Data
@NoArgsConstructor
@AllArgsConstructor
public class LoginUser implements UserDetails {
private MsUser msUser;
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return null;
}
@Override
public String getPassword() {
return msUser.getPassword();
}
@Override
public String getUsername() {
return msUser.getUsername();
}
@Override
public boolean isAccountNonExpired() {
return false;
}
@Override
public boolean isAccountNonLocked() {
return false;
}
@Override
public boolean isCredentialsNonExpired() {
return false;
}
@Override
public boolean isEnabled() {
return false;
}
}
02 Reasons for the problem
- The default method of the overridden UserDetails class returns false
1.isAccountNonExpired()
- Determine whether the account has expired
2.isAccountNonLocked()
- Determine if account is locked
3.isCredentialsNonExpired()
- Whether the credentials have expired or not, that is, whether the login time has expired.
4.isEnabled()
03 Solution
- You can avoid being locked by setting the above methods, that is, all methods, in the implementation class of the UserDetails interface to true.