Dav*_*idT 6 java spring spring-security oauth-2.0 jhipster
我正在寻找一种使用电子邮件/密码作为身份验证的方法,而不是默认的登录名(用户名)/ 密码.
我正在使用spring security oauth2.
这可能吗?我允许为用户更改电子邮件.
谷歌不是我的朋友.
我的代码也没有黑客攻击:当在登录列中放入相同的电子邮件时,我收到了身份验证错误
在'com.example.myjhipster.security.UserDetailsService'中找到('mine')解决方案
@Override
@Transactional
public UserDetails loadUserByUsername(final String login) {
log.debug("Authenticating {}", login);
String lowercaseLogin = login.toLowerCase();
// Optional<User> userFromDatabase = userRepository.findOneByLogin(login);
Optional<User> userFromDatabase = userRepository.findOneByEmail(login);
return userFromDatabase.map(user -> {
if (!user.getVerified()) {
throw new UserNotActivatedException("User " + lowercaseLogin + " was not activated");
}
List<GrantedAuthority> grantedAuthorities = user.getAuthorities().stream()
.map(authority -> new SimpleGrantedAuthority(authority.getName()))
.collect(Collectors.toList());
// return new org.springframework.security.core.userdetails.User(lowercaseLogin,
return new org.springframework.security.core.userdetails.User(user.getLogin(),
user.getPassword(),
grantedAuthorities);
}).orElseThrow(() -> new UsernameNotFoundException("User " + lowercaseLogin + " was not found in the database"));
}
| 归档时间: |
|
| 查看次数: |
2298 次 |
| 最近记录: |