[英]How to store hashed password in database?
Here are my register controller and user service.这是我的注册 controller 和用户服务。 Why can I not store my password in my database?为什么我不能将密码存储在我的数据库中?
When I'm using Postman it returns values of the hashed password, but when I check my database it only stores the "email" and the password is null.当我使用 Postman 时,它返回散列密码的值,但是当我检查我的数据库时,它只存储“电子邮件”并且密码是 null。 Why?为什么? Should I create another table Password to store them?我应该创建另一个表密码来存储它们吗?
package demo2.demo.Controller;
import demo2.demo.data.model.User;
import demo2.demo.data.service.UserService;
import demo2.demo.model.dto.UserDTO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;
@RestController
public class LoginController {
@Autowired
private UserService userService;
@Autowired
private PasswordEncoder passwordEncoder;
@PostMapping(path = "/register")
public User registerNewUser(@RequestBody UserDTO userDTO) {
User user = new User();
user.setEmail(userDTO.getEmail());
user.setPassword(userDTO.getPassword());
userService.register(user);
return user;
}
}
package demo2.demo.data.service;
import demo2.demo.constant.RoleConstant;
import demo2.demo.data.model.User;
import demo2.demo.data.model.UserRole;
import demo2.demo.data.repository.UserRepository;
import demo2.demo.data.repository.UserRoleRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
@Service
public class UserService {
@Autowired
private UserRepository userRepository;
@Autowired
private UserRoleRepository userRoleRepository;
@Bean
public PasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder();
}
// find by email
public User findByEmail(String email) {
return (User) userRepository.findUserByEmail(email);
}
// find by id
public User findByID(int id) { return userRepository.findById(id).orElse(null);}
// register
public void register(User user) {
try {
// hash password
user.setPassword(passwordEncoder().encode(user.getPassword()));
// save user
userRepository.save(user);
// tạo quyền role
UserRole userRole = new UserRole();
userRole.setRoleID(RoleConstant.roleUser);
userRole.setUserID(user.getId());
userRoleRepository.save(userRole);
}catch (Exception e) {
e.getMessage();
}
}
}
this is my user_role class这是我的用户角色 class
@Entity(name = "dbo_user_role")
public class UserRole {
@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name = "user_role_id")
@Id
private int id;
@Column(name = "role_id")
private int roleID;
@Column(name = "user_id")
private int userID;
// getter&setter
This is role class这是角色 class
@Entity(name = "dbo_role")
public class Role {
@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name = "role_id")
@Id
private int id;
private String name;
@ManyToMany(fetch = FetchType.LAZY,
cascade = {
CascadeType.MERGE,
CascadeType.PERSIST
})
@JoinTable(name = "dbo_user_role",
joinColumns = {@JoinColumn(name = "role_id")},
inverseJoinColumns = {@JoinColumn(name = "user_id")})
// getter&setter
And this is role class这是角色 class
@Entity(name = "dbo_user")
public class User {
@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name = "user_id")
@Id
private int id;
private String email;
@Transient
private String password;
@Transient
avoids the persistence of the password-field. @Transient
避免了密码字段的持久性。
From https://docs.jboss.org/hibernate/jpa/2.1/api/javax/persistence/Transient.html来自https://docs.jboss.org/hibernate/jpa/2.1/api/javax/persistence/Transient.html
Specifies that the property or field is not persistent.指定属性或字段不是持久的。
In order to store the contents of the field, remove the @Transient
annotation.为了存储字段的内容,删除@Transient
注释。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.