From 407fc191d2420ccfd7f01e236749979e8c331a40 Mon Sep 17 00:00:00 2001
From: wjli <591616088@qq.com>
Date: 星期四, 11 四月 2024 17:31:30 +0800
Subject: [PATCH] 修改新验证条件下客户端无法登录bug,并去掉明文密码验证的登录代码

---
 xboot-core/src/main/java/cn/exrick/xboot/core/config/security/WebSecurityConfig.java         |    2 +-
 xboot-core/src/main/java/cn/exrick/xboot/core/config/security/DaoAuthenticationProvider.java |    4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/DaoAuthenticationProvider.java b/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/DaoAuthenticationProvider.java
index 80a4f40..ff23b5b 100644
--- a/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/DaoAuthenticationProvider.java
+++ b/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/DaoAuthenticationProvider.java
@@ -24,8 +24,10 @@
             throw new BadCredentialsException("瀵嗙爜涓虹┖");
         }
         String password= authentication.getCredentials().toString();
+        password = password.replace("\n","");
         password = Base64.decodeToString(password);
-        if (!new BCryptPasswordEncoder().matches(password, userDetails.getPassword())) {
+        boolean isPass = new BCryptPasswordEncoder().matches(password, userDetails.getPassword());
+        if (!isPass) {
             throw new BadCredentialsException("瀵嗙爜閿欒");
         }
 
diff --git a/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/WebSecurityConfig.java b/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/WebSecurityConfig.java
index fabd594..d4f0685 100644
--- a/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/WebSecurityConfig.java
+++ b/xboot-core/src/main/java/cn/exrick/xboot/core/config/security/WebSecurityConfig.java
@@ -82,7 +82,7 @@
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
         auth.authenticationProvider(new DaoAuthenticationProvider());
-        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
+        //auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
     }
 
     @Override

--
Gitblit v1.9.1