如何在数据库中存储哈希密码?

时间:2019-11-19 07:40:58

标签: java spring hibernate spring-boot

这是我的注册控制器和用户服务。为什么我不能将密码存储在数据库中?

当我使用Postman时,它返回哈希密码的值,但是当我检查数据库时,它仅存储“电子邮件”,密码为null。为什么?我应该创建另一个表密码来存储它们吗?

package demo2.demo.Controller;

import demo2.demo.data.model.User;
import demo2.demo.data.service.UserService;
import demo2.demo.model.dto.UserDTO;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RestController;


@RestController
public class LoginController {

    @Autowired
    private UserService userService;
    @Autowired
    private PasswordEncoder passwordEncoder;

    @PostMapping(path = "/register")
    public User registerNewUser(@RequestBody UserDTO userDTO) {
        User user = new User();
        user.setEmail(userDTO.getEmail());
        user.setPassword(userDTO.getPassword());
        userService.register(user);
        return user;
    }
}
package demo2.demo.data.service;

import demo2.demo.constant.RoleConstant;
import demo2.demo.data.model.User;
import demo2.demo.data.model.UserRole;
import demo2.demo.data.repository.UserRepository;
import demo2.demo.data.repository.UserRoleRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;

@Service
public class UserService {

    @Autowired
    private UserRepository userRepository;
    @Autowired
    private UserRoleRepository userRoleRepository;

    @Bean
    public PasswordEncoder passwordEncoder() {
        return new BCryptPasswordEncoder();
    }

//  find by email
    public User findByEmail(String email) {
        return (User) userRepository.findUserByEmail(email);
    }
//    find by id
    public User findByID(int id) { return userRepository.findById(id).orElse(null);}

//    register
    public void register(User user) {
        try {
            //        hash password
            user.setPassword(passwordEncoder().encode(user.getPassword()));
            //        save user
            userRepository.save(user);
            //        tạo quyền role
            UserRole userRole = new UserRole();
            userRole.setRoleID(RoleConstant.roleUser);
            userRole.setUserID(user.getId());
            userRoleRepository.save(userRole);
        }catch (Exception e) {
            e.getMessage();
        }
    }
}

这是我的user_role类

@Entity(name = "dbo_user_role")
public class UserRole {
    @GeneratedValue(strategy = GenerationType.AUTO)
    @Column(name = "user_role_id")
    @Id
    private int id;
    @Column(name = "role_id")
    private int roleID;
    @Column(name = "user_id")
    private int userID;
//  getter&setter

这是角色类

@Entity(name = "dbo_role")
public class Role {
    @GeneratedValue(strategy = GenerationType.AUTO)
    @Column(name = "role_id")
    @Id
    private int id;
    private String name;

    @ManyToMany(fetch = FetchType.LAZY,
                cascade = {
                        CascadeType.MERGE,
                        CascadeType.PERSIST
                })
    @JoinTable(name = "dbo_user_role",
                joinColumns = {@JoinColumn(name = "role_id")},
                inverseJoinColumns = {@JoinColumn(name = "user_id")})
// getter&setter

这是角色类

@Entity(name = "dbo_user")
public class User {
    @GeneratedValue(strategy = GenerationType.AUTO)
    @Column(name = "user_id")
    @Id
    private int id;
    private String email;
    @Transient
    private String password;

1 个答案:

答案 0 :(得分:1)

@Transient避免了密码字段的持久性。

来自https://docs.jboss.org/hibernate/jpa/2.1/api/javax/persistence/Transient.html

  

指定属性或字段不是持久性的。

为了存储字段的内容,请删除@Transient批注。