使用Thymeleaf的基本表单登录SpringBoot无法正常工作吗?

时间:2019-11-21 08:47:51

标签: spring-boot thymeleaf

我是春季靴子的新手。我正在使用基本的百里香形式登录。但是,当我登录时,它返回“ localhost:8080 / login?error = true”。我不知道为什么我在数据库中的用户名和密码正确。也许我必须使用post方法添加一个新的控制器?请帮助我

这是我的安全配置类

protected void configure(HttpSecurity http) throws Exception {
    logger.info("-----configure(HttpSecurity http)");
    http.authorizeRequests()
                .antMatchers("/**").permitAll()
                .antMatchers("/user/**").hasAnyRole("USER")
                .anyRequest().authenticated()
                .and()
                .formLogin()
                .loginPage("/login")
                .defaultSuccessUrl("/home")
                .permitAll()
                .and()
                .logout()
                .permitAll()
                .and().csrf().disable();
}

@Autowired
public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
    logger.info("-----configureGlobal(AuthenticationManagerBuilder auth)");
    auth.userDetailsService(userDetailsService).passwordEncoder(passwordEncoder);
}

登录表单页面

<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
    <title>Login</title>
    <meta charset="utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1">
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/css/bootstrap.min.css">
    <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js"></script>
    <script src="https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.7/umd/popper.min.js"></script>
    <script src="https://maxcdn.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js"></script>
</head>
<body>

<div class="container">
    <h2>Stacked form</h2>
    <form th:action="@{/login}" method="post">
        <div class="form-group">
            <input type="text" name="username" id="username" class="form-control input-lg"
                   placeholder="UserName" required="true" autofocus="true"/>
        </div>
        <div class="form-group">
            <input type="password" name="password" id="password" class="form-control input-lg"
                   placeholder="Password" required="true"/>
        </div>
        <div class="form-group form-check">
            <label class="form-check-label">
                <input class="form-check-input" type="checkbox" name="remember"> Remember me
            </label>
        </div>
        <a class="btn btn-success" th:href="@{'/register'}" role="button">Register</a>
        <button type="submit" class="btn btn-primary">Login</button>
    </form>
</div>
</body>
</html>

我的控制器

    @GetMapping("/login")
    public String login() {
        return "/login";
    }

实体

@Entity(name = "dbo_user")
public class User {
    @GeneratedValue(strategy = GenerationType.AUTO)
    @Column(name = "user_id")
    @Id
    private int id;
    private String email;
    private String password;
    private String username;
}

2 个答案:

答案 0 :(得分:2)

首先,User类必须实现如下的UserDetails接口: // userdetails方法

@Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        return this.roles.stream().map(SimpleGrantedAuthority::new).collect(toList());
    }


    @Override
    public String getUsername() {

        return this.getEmail();
    }


    @Override
    public boolean isAccountNonExpired() {

        return true;
    }


    @Override
    public boolean isAccountNonLocked() {
        return true;
    }


    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }


    @Override
    public boolean isEnabled() {
        return true;
    }

    @Transient
    private List<String> roles = Arrays.asList("ROLE_USER");
    public List<String> getRoles() {
        return roles;
    }

第二,您需要一个实现UserDetailsS​​ervice的类,如下所示:

@Service("customCustomerDetailsService")
public class CustomUserDetailsService implements UserDetailsService  {

    @Autowired
    private CredentialRepository users;    

    @Override
    public UserDetails loadUserByUsername(String email)  {

      return this.users.findByEmail(email)
            .orElseThrow(() -> new UsernameNotFoundException("Username: " + email + " not found"));


    }

}

然后您将该类自动连接到安全配置类

@Autowired
    CustomUserDetailsService customCustomerDetailsService;

您需要像这样在您的安全配置类中实现DAO DaoAuthenticationProvider:

@Bean
    public DaoAuthenticationProvider authenticationProvider() {
        DaoAuthenticationProvider authProvider = new DaoAuthenticationProvider();
        authProvider.setUserDetailsService(userDetailsService());
        authProvider.setPasswordEncoder(encoder());

        return authProvider;

我非常确定这个问题会在这个平台上得到回答。

答案 1 :(得分:0)

您是否正在使用百里香额外的安全性?如果是这样,那么您需要在登录页面上的maven / gradle和thymeleaf名称空间中包含依赖项。

   <dependency>
        <groupId>org.thymeleaf.extras</groupId>
        <artifactId>thymeleaf-extras-springsecurity5</artifactId>
        <version>3.0.4.RELEASE</version>
   </dependency>


<html xmlns="http://www.w3.org/1999/xhtml"
  xmlns:th="http://www.thymeleaf.org"
  xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
  xmlns:sec="http://www.thymeleaf.org/thymeleaf-extras-springsecurity5" lang="en">
相关问题
最新问题