JWT Authentication with Spring boot Withot using userDetail
Question
I am implementing rest APIs for mobile App and want to use JWT token in that. I Have achieved this by implmenting it with userDetials object. Now my problem is I don't have a Users table in the database I just have a phone number and UUID. We can achieve this by changing the signature to use the phone number as a signature. But my question is how I will authenticate each request? And How I can validate the token using my own object which does not contains username and password. AS per my implementation I will have to se spring security and when I will use spring security. Spring Security will require UserDetail Service which will give me back spring User object. Any help will be appreciated.
2 answers
solution1
2 ACCPTED 2021-02-18 08:19:17
You can override this by implementing user details here is an example for authentication by username and domain
public class SimpleUserDetailsService implements UserDetailsService {
// ...
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
String usernameAndDomain = StringUtils.split(
username, String.valueOf(Character.LINE_SEPARATOR));//split as much as you want
if (usernameAndDomain == null || usernameAndDomain.length != 2) {
throw new UsernameNotFoundException("Username and domain must be provided");
}
User user = userRepository.findUser(usernameAndDomain[0], usernameAndDomain[1]);
if (user == null) {
throw new UsernameNotFoundException(
String.format("Username not found for domain, username=%s, domain=%s",
usernameAndDomain[0], usernameAndDomain[1]));
}
return user;
}
}
solution2
1 2021-02-18 09:31:44
Based on my comment , you should create a custom user details service. The loadUserByUsername() method of your SimpleUserDetailsService class should return your custom user details.
Entity
public class Pojo {
private String phoneNumber;
private String uuid;
// Getters Setters Constructors
}
Custom User Details
public class CustomUserDetails implements UserDetails {
private String username;
private String password;
private List<GrantedAuthority> authorities;
public CustomUserDetails(Pojo pojo) {
this.username = pojo.getPhoneNumber();
this.password = pojo.getUuid();
authorities = new ArrayList<>();
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return authorityList;
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return username;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
User details service impl
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.