Question

我有一个用户模型

  @Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "user_id")
private Long id;

@Size(min = 2, max = 20)
@NotBlank
private String firstName;

@Size(min = 2, max = 40)
@NotBlank
private String lastName;

@NotBlank
@Size(max = 20)
private String username;

@NotBlank
@Email
private String email;

@Enumerated(EnumType.STRING)
@NotNull
private Gender gender;

@NotBlank
private String password;

boolean isActive;


//Contructors,getters,setters

和自定义实现UserDetailsService

public class CustomUserDetailsService implements UserDetailsService {

private UserRepository userRepository;

@Autowired
public CustomUserDetailsService(UserRepository userRepository) {
    this.userRepository = userRepository;
}

@Override
public UserDetails loadUserByUsername(String usernameOrEmail) throws UsernameNotFoundException {
    User user = userRepository.findByUsernameOrEmail(usernameOrEmail, usernameOrEmail)
            .orElseThrow(() ->
                    new UsernameNotFoundException("User not found with username or email : " + usernameOrEmail)
            );
    //???
}

我想允许人们使用用户名或电子邮件登录，但是我不知道从哪里开始寻找实现此目的的方法。当我使用唯一的用户名登录时，我实现了org.springframework.security.core.userdetails.User这样的用户：

org.springframework.security.core.userdetails.User userDetails = 
            new org.springframework.security.core.userdetails.User(
                    user.getEmail(), 
                    user.getPassword(), 
                    convertAuthorities(user.getRoles()));
    return userDetails;
}

private Set<GrantedAuthority> convertAuthorities(Set<UserRole> userRoles) {
    Set<GrantedAuthority> authorities = new HashSet<>();
    for(UserRole ur: userRoles) {
        authorities.add(new SimpleGrantedAuthority(ur.getRole()));
    }
    return authorities;
}

但是我不知道如何使用用户名或电子邮件登录来实现这一点。非常感谢您提供帮助和指针。

Answer 1

其他流程将保持不变。唯一更改的地方是在Userrepository查找查询中

 @Override
public UserDetails loadUserByUsername(String usernameOrEmail) throws UsernameNotFoundException {
    List<User> users = userRepository.findByUsernameOrEmail(usernameOrEmail)
        .orElseThrow(() ->
            new UsernameNotFoundException("User not found with username or email : " + usernameOrEmail)
    );


    User firstUser =  users.get(0);
    User userDetails = 
            new org.springframework.security.core.userdetails.User(
                    firstUser.getEmail(), 
                    firstUser.getPassword(), 
                    convertAuthorities(firstUser.getRoles()));
    return userDetails;
}

public interface UserRepository extends JpaRepository<User, Long> {

  @Query(value = "SELECT u FROM USER u WHERE u.EMAIL_ADDRESS = ?1 OR u.USER_NAME= ?1")
  List<User> findByUsernameOrEmail(String usernameOrEmail);

}

Spring Security如何使用用户名或电子邮件登录

1 个答案: