我想通过登录来实现remember me功能,该功能使用POST端点。为了登录用户,我实现了自定义LoginFormFilter并将其映射到/login URL。过滤器的实现如下所示
@Override
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) {
try {
String requestBody = IOUtils.toString(request.getReader());
LoginRequest authRequest = mapper.readValue(requestBody, LoginRequest.class);
UsernamePasswordAuthenticationToken token =
new UsernamePasswordAuthenticationToken(authRequest.getUsername(), authRequest.getPassword());
return this.getAuthenticationManager().authenticate(token);
....
身份验证正常,用户可以成功登录。
在configure类的@Configuration方法中,我向配置添加了rememberMe。
http
...
.rememberMe().key("remember-me").tokeValiditySeconds(100) // for test
但是当我使用该正文发布到URL /登录
时{
"username": "User",
"password": "1111",
"remember-me": true
}
似乎没有按预期添加Cookie remember-me。怎么了?