在Spring security 5中出现了一个接口(interface)ReactiveUserDetailsService .
现在我的问题是如何使用以下方法实现 UserDetailsService:
- Spring-data-Mongo
- Spring 安全 (5)
我有(内存中存储的用户)
@Bean
public MapReactiveUserDetailsService userDetailsService() {
UserDetails user = User.withDefaultPasswordEncoder().username("test").password("password").roles("USER").build();
UserDetails admin = User.withDefaultPasswordEncoder().username("admin").password("admin").roles("USER", "ADMIN").build();
return new MapReactiveUserDetailsService(user, admin);
}
我想要的:
@Document(collection = "user")
public class User implements UserDetails {
@Id
private Long id;
private LocalDate createdAt;
private String username;
private String password;
private boolean accountNonLocker;
private boolean enabled;
@DBRef
private List<GrantedAuthority> grantedAuthorities;
//getters and setters
}
@Component
public class SecUserDetailsService implements ReactiveUserDetailsService {
}
而且我不知道如何实现它。在网络上找不到任何资源。
最佳答案
已经找到解决方法:
UseAccount类中实现UserDetails接口(interface),并创建实现GrantedAuthority接口(interface)的Role类:
作用
@Data
@Document
public class Role implements GrantedAuthority {
@Id
private String id;
@Override
public String getAuthority() {
return id;
}
}
使用帐号
@Data
@Builder
@NoArgsConstructor
@AllArgsConstructor
@Document
public class UserAccount implements UserDetails {
@Id
private String id;
private String username;
private String password;
private String firstName;
private String lastName;
private String idnp;
@Email
private String email;
@Builder.Default()
private boolean active = true;
@Builder.Default()
@DBRef
private List<Role> roles = new ArrayList<>();
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return roles;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return active;
}
@Override
public boolean isAccountNonLocked() {
return active;
}
@Override
public boolean isCredentialsNonExpired() {
return active;
}
@Override
public boolean isEnabled() {
return active;
}
@Override
public String getName() {
return firstName + " " + lastName;
}
}
@Configuration
@EnableWebFluxSecurity
public class SecurityConfiguration {
@Bean
SecurityWebFilterChain springWebFilterChain(ServerHttpSecurity http) {
return http
.csrf().disable()
.authorizeExchange()
.pathMatchers("/login", "/logout").permitAll()
.pathMatchers("/i18n/**",
"/css/**",
"/fonts/**",
"/icons-reference/**",
"/img/**",
"/js/**",
"/vendor/**").permitAll()
.anyExchange()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.and()
.logout()
.logoutUrl("/logout")
.and()
.build();
}
//in case you want to encrypt password
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
}
@Component
public class SecUserDetailsService implements ReactiveUserDetailsService {
@Autowired
public ReactiveUserAccountRepository reactiveUserAccountRepository;
@Override
public Mono<UserDetails> findByUsername(String username) {
Mono<UserAccount> data = reactiveUserAccountRepository.findByUsername(username);
return data.cast(UserDetails.class);
}
}
关于java - 如何使用 MongoDB 实现 ReactiveUserDetailsService,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/47570125/