唐山烟草后端
parent: 362358f7 | 补丁 | 提交 | ignore whitespace
wjli
2024-04-08 fc96e4d7fc20dbec5d2d96c6e8c557c1cc3212d3 
修改密码错误登录bug
2个文件已修改
13 ■■■■■ 已修改文件
xboot-core/src/main/java/cn/exrick/xboot/core/config/security/DaoAuthenticationProvider.java 11 ●●●●● 补丁 | 查看 | 原始文档 | blame | 历史
xboot-core/src/main/java/cn/exrick/xboot/core/config/security/WebSecurityConfig.java 2 ●●● 补丁 | 查看 | 原始文档 | blame | 历史 
 xboot-core/src/main/java/cn/exrick/xboot/core/config/security/DaoAuthenticationProvider.java


@@ -1,13 +1,16 @@


package cn.exrick.xboot.core.config.security;




import cn.exrick.xboot.core.common.utils.ResultUtil;


import cn.hutool.extra.spring.SpringUtil;


import jodd.util.Base64;


import org.springframework.context.annotation.Configuration;


import org.springframework.security.authentication.BadCredentialsException;


import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;


import org.springframework.security.authentication.dao.AbstractUserDetailsAuthenticationProvider;


import org.springframework.security.core.AuthenticationException;


import org.springframework.security.core.userdetails.UserDetails;


import org.springframework.security.core.userdetails.UserDetailsService;


import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;


import org.springframework.stereotype.Component;




/**


@@ -17,8 +20,16 @@


public class DaoAuthenticationProvider extends AbstractUserDetailsAuthenticationProvider {


    @Override


    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {


        if (authentication.getCredentials()==null){


            throw new BadCredentialsException("密码为空");


        }


        String password= authentication.getCredentials().toString();


        password = Base64.decodeToString(password);


        if (!new BCryptPasswordEncoder().matches(password, userDetails.getPassword())) {


            throw new BadCredentialsException("密码错误");


        }






        UsernamePasswordAuthenticationToken newAuthentication = new UsernamePasswordAuthenticationToken(authentication.getPrincipal(), password);


        newAuthentication.setDetails(authentication.getDetails());


    }




 xboot-core/src/main/java/cn/exrick/xboot/core/config/security/WebSecurityConfig.java


@@ -133,7 +133,7 @@


                .exceptionHandling().accessDeniedHandler(accessDeniedHandler)


                .and()


                //图形验证码过滤器


                //.addFilterBefore(imageValidateFilter, UsernamePasswordAuthenticationFilter.class)


                .addFilterBefore(imageValidateFilter, UsernamePasswordAuthenticationFilter.class)


                // 短信验证码过滤器


                //.addFilterBefore(smsValidateFilter, UsernamePasswordAuthenticationFilter.class)


                // vaptcha验证码过滤器