其他文章是介绍使用邮箱以及验证码登录的方式,如果变成如下这种通过用户名或者邮箱的登录方式呢? https://gitee.com/pmh905001/moikiitos/
spring-security只实现用了用户名+密码登录,没有邮箱+密码登录的方式该怎么进行扩展呢?
翻了下源代码,做法如下:在spring-security.xml添加一个能够支持邮箱登录的bean,并且注入到:authentication-manager 下的 authentication-provider
<beans:bean id="userDetailsManager" class="com.hyxc.moikiitos.services.UserDetailsServiceImpl"> <beans:property name="dataSource" ref="dataSource" /> </beans:bean> <beans:bean id="encoder" class="org.springframework.security.crypto.password.StandardPasswordEncoder"/> <authentication-manager> <authentication-provider user-service-ref="userDetailsManager"> <password-encoder ref="encoder" /> </authentication-provider> </authentication-manager>
剩下的事情就是扩展 JdbcUserDetailsManager,只需要覆盖 loadUsersByUsername(String username)方法,让email字段也能作为查询条件即可。代码如下:
package com.hyxc.moikiitos.services; import java.sql.ResultSet; import java.sql.SQLException; import java.util.List; import org.springframework.jdbc.core.RowMapper; import org.springframework.security.core.authority.AuthorityUtils; import org.springframework.security.core.userdetails.User; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.provisioning.JdbcUserDetailsManager; public class UserDetailsServiceImpl extends JdbcUserDetailsManager { @Override protected List<UserDetails> loadUsersByUsername(String username) { return getJdbcTemplate().query("select username,password,enabled from users where username = ? or email = ?", new String[] { username, username }, new RowMapper<UserDetails>() { public UserDetails mapRow(ResultSet rs, int rowNum) throws SQLException { String username = rs.getString(1); String password = rs.getString(2); boolean enabled = rs.getBoolean(3); return new User(username, password, enabled, true, true, true, AuthorityUtils.NO_AUTHORITIES); } }); } }
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。