如何解决Spring Security中如何通过用户ID查询用户
我有一个带有Spring Security的Spring Boot应用程序,其中扩展了org.springframework.security.core.userdetails.User类以创建自定义用户对象。我是硬编码用户,因为我只需要几个来测试一些功能。我根据用户ID或电子邮件ID查询并获取某个用户,这是我添加的自定义变量?有没有一种方法可以执行此操作而无需切换到jdbc身份验证等,因为我觉得它可能会使它变得过于复杂了?
我的自定义用户类别:
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.User;
import java.util.Collection;
import java.util.List;
public class Guest extends User {
public Guest(String username,String password,boolean enabled,boolean accountNonExpired,boolean credentialsNonExpired,boolean accountNonLocked,Collection<? extends GrantedAuthority> authorities) {
super(username,password,enabled,accountNonExpired,credentialsNonExpired,accountNonLocked,authorities);
}
private long id;
private String firstName;
private String lastName;
private String emailAddress;
private String phoneNumber;
//some getters and setters
public Guest(long id,String firstName,String lastName,String emailAddress,String phoneNumber,String username,List<GrantedAuthority> authorities,boolean accountNonLocked) {
super(username,authorities) ;
this.id=id;
this.firstName=firstName;
this.lastName=lastName;
this.emailAddress=emailAddress;
this.phoneNumber=phoneNumber;
}
}
我的新userdetailsService类:
@Service("userDetailsService")
public class MyUserDetailsService implements UserDetailsService {
private static List<Guest> users = new ArrayList();
public MyUserDetailsService() {
//hard-coding users
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
//building user here
}
SecurityConfig.java
@Configuration
@EnableWebSecurity
public class ApplicationSecurityConfiguration extends WebSecurityConfigurerAdapter{
@Autowired
@Qualifier("userDetailsService")
private UserDetailsService userDetailsService;
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
};
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder());
}
@Override
protected void configure(HttpSecurity http) throws Exception {
//authorization logic here
}
}
解决方法
您可以像下面的示例那样使用硬编码的值来做..如果需要进行模拟实现
public UserDetails loadUserByUsername(String userName){
//use your custom 'List<Guest> users' hardcoded values to create User object
User user = new User(username,password,enabled,accountNonExpired,credentialsNonExpired,accountNonLocked,authorities);
return user;
}
注意:-loadUserByUsername(String username)..这里的userName可以是userToken,其中包含您想要作为参考的任何信息。 (通常用于查询db来获取usrname并通过它的查询)..在这种情况下,可以说id ..一旦获得上面的id(作为userToken / userName),就可以与您的来宾列表进行比较以加载User对象
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。