唐山烟草后端
blame | 历史 | 补丁 | 提交 | 提交对比 | ignore whitespace
wjli
2024-04-10 81af4cff627b7ec1e125b90f4fd57392c6d70588 
 xboot-core/src/main/java/cn/exrick/xboot/core/config/security/DaoAuthenticationProvider.java


@@ -1,13 +1,16 @@


package cn.exrick.xboot.core.config.security;




import cn.exrick.xboot.core.common.utils.ResultUtil;


import cn.hutool.extra.spring.SpringUtil;


import jodd.util.Base64;


import org.springframework.context.annotation.Configuration;


import org.springframework.security.authentication.BadCredentialsException;


import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;


import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;


import org.springframework.security.core.AuthenticationException;


import org.springframework.security.core.userdetails.UserDetails;


import org.springframework.security.core.userdetails.UserDetailsService;


import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;


import org.springframework.stereotype.Component;




/**


@@ -17,8 +20,16 @@


public class DaoAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {


    @Override


    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {


        if (authentication.getCredentials()==null){


            throw new BadCredentialsException("密码为空");


        }


        String password= authentication.getCredentials().toString();


        password = Base64.decodeToString(password);


        if (!new BCryptPasswordEncoder().matches(password, userDetails.getPassword())) {


            throw new BadCredentialsException("密码错误");


        }






        UsernamePasswordAuthenticationToken newAuthentication = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), password);


        newAuthentication.setDetails(authentication.getDetails());


    }