上一节加入医疗,并实现了基本的配置,先把把验证码的校验和登录的校验床起来,并实现返回自定义token
新建验证码后台登陆service
@RequiredArgsConstructor
@Service
public class AdminLoginServiceImpl implements AdminLoginService {
final CaptchaService captchaService;
final SysUserTokenService sysUserTokenService;
final AuthenticationManager authenticationManager;
@Override
public RsObject login(String username, String password, String code, String uuid) {
// 校验验证码
boolean success = captchaService.validate(uuid, code);
if (!success){
throw new ServerException(ErrorCode.CAPTCHA_ERROR,"验证码错误");
}
// 用户验证
Authentication authentication = null;
try
{
UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken(username, password);
// 该方法会去调用UserDetailsServiceImpl.loadUserByUsername
authentication = authenticationManager.authenticate(authenticationToken);
}
catch (Exception e)
{
if (e instanceof BadCredentialsException)
{
throw new ServerException(ErrorCode.PASSWORD_ERROR, "用户名或者密码错误");
}
else
{
throw new ServerException(e.getMessage());
}
}
UserDetail loginUser = (UserDetail) authentication.getPrincipal();
// 生成token
return sysUserTokenService.createToken(loginUser.getId());
}
}
修改原本的登陆控制器
final AdminLoginService adminLoginService;
@PostMapping("login")
RsObject login(@RequestBody LoginDTO loginDTO){
return adminLoginService.login(loginDTO.getUsername(), loginDTO.getPassword(), loginDTO.getCaptcha(), loginDTO.getUuid());
}
把login接口加入白名单
security配置文件加入如下,要不然会全局获取不到AuthenticationManager bean
/**
* 解决 无法直接注入 AuthenticationManager
*
* @return
* @throws Exception
*/
@Bean
public AuthenticationManager authenticationManagerBean() throws Exception
{
return authenticationConfiguration.getAuthenticationManager();
}
启动服务端和admin页面前段
上面是故意输入错误验证码,会提示验证码错误
输入完毕后正确,下一步配置好token生成好校验,为RBAC做准备
页面更新:2024-04-13
本站资料均由网友自行发布提供,仅用于学习交流。如有版权问题,请与我联系,QQ:4156828
© CopyRight 2008-2024 All Rights Reserved. Powered By bs178.com 闽ICP备11008920号-3
闽公网安备35020302034844号