Below is my authentication controller:

```java
@RequestMapping(value = "/generate-token", method = RequestMethod.POST)
public ApiResponse<AuthToken> register(@RequestBody LoginUser loginUser) throws AuthenticationException {
    // Verify the submitted credentials; throws AuthenticationException on failure
    authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(loginUser.getUsername(), loginUser.getPassword()));
    final Userss user = userService.findOne(loginUser.getUsername());
    // Issue a JWT for the authenticated user
    final String token = jwtTokenUtil.generateToken(user);
    return new ApiResponse<>(2, 200, "success", new AuthToken(token, user.getUsername()));
}
```
Below is my jwtAuthentication:

```java
@Override
protected void doFilterInternal(HttpServletRequest req, HttpServletResponse res, FilterChain chain) throws IOException, ServletException {
    String header = req.getHeader(HEADER_STRING);
    String username = null;
    String authToken = null;
    // Extract the token from the header and read the username it carries
    if (header != null && header.startsWith(TOKEN_PREFIX)) {
        authToken = header.replace(TOKEN_PREFIX, "");
        try {
            username = jwtTokenUtil.getUsernameFromToken(authToken);
        } catch (IllegalArgumentException e) {
            logger.error("an error occured during getting username from token", e);
        } catch (ExpiredJwtException e) {
            logger.warn("the token is expired and not valid anymore", e);
        } catch (SignatureException e) {
            logger.error("Authentication Failed. Username or Password not valid.");
        }
    } else {
        logger.warn("couldn't find bearer string, will ignore the header");
    }
    // Populate the security context only if no authentication is set yet
    if (username != null && SecurityContextHolder.getContext().getAuthentication() == null) {
        UserDetails userDetails = userDetailsService.loadUserByUsername(username);
        if (jwtTokenUtil.validateToken(authToken, userDetails)) {
            UsernamePasswordAuthenticationToken authentication = new UsernamePasswordAuthenticationToken(userDetails, null, Arrays.asList(new SimpleGrantedAuthority("ROLE_ADMIN")));
            authentication.setDetails(new WebAuthenticationDetailsSource().buildDetails(req));
            logger.info("authenticated user " + username + ", setting security context");
            SecurityContextHolder.getContext().setAuthentication(authentication);
            String getit = userDetails.getUsername();
            logger.info("=========================================" + getit);
        }
    }
    // Continue the filter chain whether or not a user was authenticated
    chain.doFilter(req, res);
}
```
Below is also my controller:

```java
@RequestMapping("/getUserProfile")
public ApiResponse<Userss> userFront(@RequestBody Principal principal) {
    Userss user = userService.findByUsername(principal.getName());
    String firstName = user.getFirstName();
    String lastName = user.getLastName();
    String username = user.getUsername();
    return new ApiResponse<>(3, HttpStatus.OK.value(), "User fetched successfully.", userService.findOne(username));
}
```
Below is my login call from Angular:

```typescript
login(loginPayload) : Observable<ApiResponse> {
  return this.http.post<ApiResponse>('http://localhost:8060/' + 'token/generate-token', loginPayload);
}
```