# Spring Security
自定义登录
package com.demo.services;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.UsernamePasswordAuthentication;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
public class Auth {
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;
public User authenticateUsernameAndPassword(String username, String password) {
try {
// User user = userService.findByUsername(username);
User user = userDetailsService.loadUserByUsername(username);
if (user != null && bCryptPasswordEncoder.matches(password, user.getPassword())) {
return user;
}
} catch (UserNotFoundException e) {
e.printStackTrace();
}
return null;
}
public void authWithUser(HttpServletRequest request, User user) {
if (user == null) {
throw new Exception("Invalid username or password");
}
UsernamePasswordAuthentication authentication = new UsernamePasswordAuthentication(user, password,
user.getAuthorities());
authentication.setDetails(new WebAuthenticationDetails(request));
SecurityContextHolder.getContext().setAuthentication(authentication);
HttpSession session = request.getSession();
session.setAttribute(Constants.SESSION_KEY_AUTHENTICATION, authentication);
}
public void login(String username, String password, HttpServletRequest request, HttpServletResponse response) {
User user = authenticateUsernameAndPassword(username, password);
authWithUser(request, user);
// response.sendRedirect("/");
}
}
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
← 启动顺序 Spring MVC起步 →