当我从邮递员登录时,我得到了像401 Unauthorized这样的错误

时间:2017-10-25 14:20:44

标签: java mysql spring spring-security 

@RestController
public class LoginController {

@Autowired
private UserService userService;

@RequestMapping(value={"/logins"}, method = RequestMethod.GET)
public ModelAndView logins(@RequestBody User user, BindingResult bindingResult){
    ModelAndView modelAndView = new ModelAndView();
    modelAndView.setViewName("logins");
    return modelAndView;
}
@RequestMapping(value= {"/login"}, method=RequestMethod.POST)
public ModelAndView login(@Valid @RequestBody User user, BindingResult bindingResult){

    ModelAndView modelAndView = new ModelAndView();
    User userExists = userService.findUserByEmail(user.getEmail());
    if (userExists != null) {
        bindingResult
                .rejectValue("email", "error.user",
                        "There is already a user registered with the email provided");
    }
    if (bindingResult.hasErrors()) {
        modelAndView.setViewName("login");
    } else {
        userService.saveUser(user);
        modelAndView.addObject("successMessage", "User has been login successfully");
        modelAndView.addObject("user", new User());
        modelAndView.setViewName("login");

    }
    return modelAndView;
}

@RequestMapping(value="/admin/home", method = RequestMethod.GET)
public ModelAndView home(){
    ModelAndView modelAndView = new ModelAndView();
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
    User user = userService.findUserByEmail(auth.getName());
    modelAndView.addObject("userName", "Welcome " + user.getName());
    modelAndView.addObject("adminMessage","Content Available Only for Users with Admin Role");
    modelAndView.setViewName("admin/home");
    return modelAndView;
}

}

@Service("userService")
public class Userserviceimpl implements UserService {


@Autowired
private UserRepository userRepository;
@Autowired
private RoleRepository roleRepository;
@Autowired
private BCryptPasswordEncoder bCryptPasswordEncoder;


@Override
public User findUserByEmail(String email) {
    return userRepository.findByEmail(email);

}

@Override
public void saveUser(User user) {

    user.setPassword(bCryptPasswordEncoder.encode(user.getPassword()));
    user.setActive(1);
    Role userRole = roleRepository.findByRole("SUPERADMIN");
    user.setRoles(new HashSet<Role>(Arrays.asList(userRole)));
    userRepository.save(user);
}

}

@Configuration
public class WebMvcConfig extends WebMvcConfigurerAdapter {

@Bean
public BCryptPasswordEncoder passwordEncoder() {
    BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
    return bCryptPasswordEncoder;
}
}

public class Role {

@Id
private int roll_id;

private String role;

...

}

我在邮递员中的输入

  

[{      &#34;电子邮件&#34;:&#34; abc@gmail.com" ;,      &#34;密码&#34;:&#34;通过&#34 ;,      &#34;名称&#34;:&#34; JOHN&#34 ;,      &#34;有源&#34;:&#34; 1&#34 ;,      &#34;作用&#34;:[{          &#34;作用&#34;:&#34;管理&#34;       }]      }]

如果我发送它我有这样的错误

  

{          &#34;时间戳&#34;:1508938909379,          &#34; status&#34;:401,          &#34;错误&#34;:&#34;未经授权&#34;,          &#34; message&#34;:&#34;访问此资源需要完全身份验证&#34;,          &#34;路径&#34;:&#34; / login&#34;      }

我在mysql数据库中有3个表,如userrole以及user_role

1 个答案:

答案 0 :(得分:2)

你的json身体在阵列中。尝试

  { "email":"abc@gmail.com",
"password":"pass",
"name":"JOHN",
"active":"1",
"roles":[{ "role":"admin" }] //check this in your User.class if it is list,Ok. if not remove box brackets
}
相关问题
最新问题