[英]JPA - Java Spring Boot - problems finding account with password encoding?
I am new to JPA - I've started to build a user system and added the encoding bean to my pom. 我是JPA的新手-我已经开始构建用户系统并将编码bean添加到我的pom中。
When I do a search on the table for just an email address - it finds the user and comes back with the data. 当我在表格上仅搜索电子邮件地址时,它会找到用户并返回数据。
TblLogin acc = tblLoginRepository.findByEmail(email);
and the repo I have for this is as follows. 我为此的回购如下。
public interface TblLoginRepository extends JpaRepository<TblLogin, String> {
TblLogin findByEmail(String email) throws Exception;
}
-- when I try and do a look up with the password encoded it doesn't find the user - and I am not sure why as the data appears correct? -当我尝试使用编码的密码进行查找时,找不到用户-而且我不确定为什么数据看起来正确吗?
with password 带密码
TblLogin checkAccount = tblLoginRepository.findByEmailAndPassword(email,passwordEncoder.encode(password));
repo2 回购2
public interface TblLoginRepository extends JpaRepository<TblLogin, String> {
TblLogin findByEmail(String email) throws Exception;
TblLogin findByEmailAndPassword(String email, String password) throws Exception;
}
-- -
is it because my type for password has changed? 是因为我的密码类型已更改? - should it be checking for something else... -是否应检查其他事项...
I don't exactly know how you did implement it. 我不完全知道您是如何实现的。 Make sure about few things while implementing that functionality. 在实现该功能时,请确保几件事。
1 - register PasswordEncoder bean: 1-注册PasswordEncoder bean:
public PassordEncoder encoder() {
return new BCryptPasswordEncoder(11, new SecureRandom("seed".getBytes("UTF-8)));
}
depend on custom "seed" (for security reasons) 取决于自定义的“种子”(出于安全原因)
2 - make sure you are encoding within same character charset. 2-确保您在同一字符字符集中编码。 As said earlier... I do not know HOW you retrieve your password that you are hashing. 如前所述,...我不知道您如何检索哈希的密码。 Give a try construction (ugly) as follows: 进行如下尝试的构造(难看):
String passwordToHash = new String(password.getBytes("UTF-8"));
3 - How do you store hash in your DB? 3-如何将哈希存储在数据库中? Can you verify whether hash that you generate during "save" process and the one you are having stored after that process is the same? 您可以验证在“保存”过程中生成的散列与在该过程之后存储的散列是否相同吗?
Hope it helps. 希望能帮助到你。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.