![](/img/trans.png)
[英]SpringBoot login with Spring Security with JWT for REST API
[英]How to login via Rest API using ReactiveUserDetailsService springboot
我在springboot中使用反應式彈簧安全性,我的前端是用Angular 6構建的,如果我使用springboot默認登錄表單,一切都可以正常工作。
我想使用rest api登錄。
休息登錄方式:
@PostMapping(path = "/login", consumes = MediaType.APPLICATION_JSON_VALUE)
public Mono<UserDetails> login(@RequestBody User user) {
Mono<UserDetails> isLoggedIn = Mono.empty();
try{
isLoggedIn = this.userDetailsService.findByUsername(user.getUsername());
}catch (RuntimeException e){
return isLoggedIn;
}
return isLoggedIn;
}
我的SecurityConfig如下:
@Configuration
@EnableWebFluxSecurity
public class SecurityConfig {
@Bean
SecurityWebFilterChain springSecurityFilterChain(ServerHttpSecurity http) {
http.authorizeExchange().pathMatchers("/login","/signup","/api/users/login","/ui/**","/webjars/**").permitAll()
.anyExchange().authenticated()
.and()
.httpBasic().disable()
.formLogin().disable()
.csrf().disable()
.logout().disable();
return http.build();
}
}
我的ReactiveUserDetailService如下:
@Component
public class ServiceReactiveUserDetailsService implements ReactiveUserDetailsService {
private UserRepo userRepo;
public ServiceReactiveUserDetailsService(UserRepo userRepo) {
this.userRepo = userRepo;
}
@Bean
PasswordEncoder passwordEncoder() {
return PasswordEncoderFactories.createDelegatingPasswordEncoder();
}
@Override
public Mono<UserDetails> findByUsername(String username) {
return this.userRepo.findByUsername(username).map(CustomUser::new);
}
private class CustomUser extends User implements UserDetails {
public CustomUser(User user) {
super(user);
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
return AuthorityUtils.createAuthorityList("ROLE_USER");
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return true;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return true;
}
}
}
我是春季世界的新手,將不勝感激
也許嘗試使用formLogin.loginPage方法指向您的登錄方法,而不是禁用formLogin。 我認為問題出在您的安全性配置中。
編輯:這些工具可能會有所幫助: https ://dzone.com/articles/reactive-spring-security-for-webflux-rest-web-serv https://www.baeldung.com/spring-security-5-reactive
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.