问题:
Principal.getName()返回电子邮件而不是用户名
程志新
我有一个使用Spring Security的应用程序。在成功注册后,我试图获取用户的姓名,但当我进入登录页面时,我收到的是电子邮件而不是姓名。成功登录后,我提供了一个屏幕截图。
在上图中,我想要名字,而不是电子邮件地址。
我在给你上课,我认为这最重要。
控制器类
package com.andrekreou.iot.crypto.controller;
import com.andrekreou.iot.crypto.service.CryptoNewsService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import javax.servlet.http.HttpServletRequest;
import java.security.Principal;
@Controller
public class NewsHTMLController {
CryptoNewsService cryptoNewsService;
@Autowired
public NewsHTMLController(CryptoNewsService cryptoNewsService) {
this.cryptoNewsService = cryptoNewsService;
}
@GetMapping("/")
public String main(Model model, Principal principal){
String name = principal.getName();
model.addAttribute("name",name);
return "welcome";
}
@GetMapping("/login")
public String getLoginView() {
return "login";
}
}
安全配置类
package com.andrekreou.iot.authentication.security;
import com.andrekreou.iot.authentication.user.ApplicationUserService;
import lombok.AllArgsConstructor;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.web.SecurityFilterChain;
@Configuration
@AllArgsConstructor
@EnableWebSecurity
public class ApplicationSecurityConfig {
private final ApplicationUserService applicationUserService;
private final BCryptPasswordEncoder bCryptPasswordEncoder;
@Bean
protected SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
http
.csrf().disable()
.authorizeRequests()
.antMatchers("/api/v*/registration/**","/register*","/login","/registration","/registration-complete").permitAll()
//.antMatchers("/show-news-contents").hasRole(ADMIN.name())
.anyRequest()
.authenticated()
.and()
.formLogin()
.loginPage("/login")
.permitAll()
.defaultSuccessUrl("/",true)
.and()
.logout()
.logoutUrl("/logout")
.clearAuthentication(true)
.invalidateHttpSession(true)
.deleteCookies("JSESSIONID","Idea-2e8e7cee")
.logoutSuccessUrl("/login");
return http.build();
}
@Bean
public AuthenticationManager authenticationManager(AuthenticationConfiguration authenticationConfiguration) throws Exception {
return authenticationConfiguration.getAuthenticationManager();
}
@Bean
public DaoAuthenticationProvider daoAuthenticationProvider() {
DaoAuthenticationProvider provider =
new DaoAuthenticationProvider();
provider.setPasswordEncoder(bCryptPasswordEncoder);
provider.setUserDetailsService(applicationUserService);
return provider;
}
}
LOGIN.HTML
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<meta name="description" content="">
<meta name="author" content="">
<title>login</title>
<link href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta/css/bootstrap.min.css" rel="stylesheet"
integrity="sha384-/Y6pD6FV/Vv2HJnA6t+vslU6fwYXjCFtcEpHbNJ0lyAFsXTsjBbfaDjzALeQsN6M" crossorigin="anonymous">
<link href="https://getbootstrap.com/docs/4.0/examples/signin/signin.css" rel="stylesheet" crossorigin="anonymous">
<style>
body {
background-color: #3e3e3e;
color: white;
}
h2 {
text-align: center;
}
</style>
</head>
<body>
<div class="container">
<form class="form-signin" method="post" action="/login">
<h2 class="form-signin-heading">Please Login</h2>
<p>
<label for="username" class="sr-only">Username</label>
<input type="text" id="username" name="username" class="form-control" placeholder="username" required=""
autofocus="">
</p>
<p>
<label for="password" class="sr-only">Password</label>
<input type="password" id="password" name="password" class="form-control" placeholder="Password"
required="">
</p>
<button class="btn btn-lg btn-primary btn-block" type="submit">Login</button>
</form>
<form class="form-signin" method="get" action="/register">
<button class="btn btn-lg btn-primary btn-block" type="submit">Register</button>
</form>
</div>
</body>
</html>
应用程序用户类
package com.andrekreou.iot.authentication.user;
import com.andrekreou.iot.authentication.security.ApplicationUserRole;
import lombok.EqualsAndHashCode;
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import javax.persistence.*;
import java.util.Collection;
import java.util.Collections;
@Getter
@Setter
@EqualsAndHashCode
@NoArgsConstructor
@Entity
public class ApplicationUser implements UserDetails {
@Id
@SequenceGenerator(
name = "user_sequence",
sequenceName = "user_sequence",
allocationSize = 1
)
@GeneratedValue(
strategy = GenerationType.SEQUENCE,
generator = "user_sequence"
)
private Long id;
private String firstName;
private String lastName;
private String email;
private String password;
@Enumerated(EnumType.STRING)
private ApplicationUserRole applicationUserRole;
private Boolean locked = false;
private Boolean enabled = false;
//Constructor without the ID (it will be autogenerated)
public ApplicationUser(String firstName,
String lastName,
String email,
String password,
ApplicationUserRole applicationUserRole) {
this.firstName = firstName;
this.lastName = lastName;
this.email = email;
this.password = password;
this.applicationUserRole = applicationUserRole;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
SimpleGrantedAuthority authority =
new SimpleGrantedAuthority(applicationUserRole.name());
return Collections.singletonList(authority);
}
@Override
public String getPassword() {
return password;
}
@Override
public String getUsername() {
return email;
}
public String getFirstName() {
return firstName;
}
public String getLastName() {
return lastName;
}
@Override
public boolean isAccountNonExpired() {
return true;
}
@Override
public boolean isAccountNonLocked() {
return !locked;
}
@Override
public boolean isCredentialsNonExpired() {
return true;
}
@Override
public boolean isEnabled() {
return enabled;
}
}
共有1个答案
漆雕皓轩
您的代码,至少发布的代码,没有函数getName(),也许您指的是getUserName()。但是再看看它。
@Override
public String getUsername() {
return email;
}
你得到的正是你所编码的。也许需要什么:
@Override
public String getUsername() {
return firstName || ' ' || lastName;1
}
其中||是串联。对不起,但我不知道它的Spring安全功能/运算符。
类似资料:
-
使用Firebase,我可以使用电子邮件地址注册和登录用户。但是,如果我希望应用程序基于用户名怎么办?例如,您使用“Bobzilla”而不是“Bob@mail.com”登录? Firebase是否可以这样做?
-
问题内容: 现在,我已经建立了一个PHP电子邮件表单,并且一切正常。但是,在测试时,我只得到了发件人的电子邮件地址作为名称。我想要的是发件人的姓名,例如: 约翰·杜 科目科目科目 代替: j.doe@website.com 科目科目科目 下面是代码… 有谁可以帮助我吗?谢谢。 PHP: 问题答案: 在您的4行说完之后添加一行:
-
我想将Firebase用于我的网络应用程序,该应用程序适用于养老院中的痴呆症患者。他们没有电子邮件或社交网络帐户,因此需要简单的用户名/密码注册/登录。 最简单的方法是什么?从我在文档中看到的情况来看,我必须使用自定义的身份验证流,但我没有现有的身份验证服务器。 如果我确实需要这样做,那么提供代币的最简单方法是什么?Azure中有函数,AWS有Lambda,但我看这里没有Firebase
-
我正在实施firebase电子邮件验证,但是当用户收到电子邮件时,它会重定向到应用程序,这很好。当我尝试使用经过验证的电子邮件 始终返回 false。以下是我的代码:
-
问题内容: 我正在尝试创建一个php脚本,该脚本将使用mySQL数据库为我处理邮件列表,而我已将其中的大部分安装到位。不幸的是,我似乎无法使标题正常工作,并且我不确定问题出在哪里。 我在接收端得到的结果是: “noreply”@rilburskryler.net rn回复至:noreply@rilburskryler.netrnX-Mailer:PHP / 5.2.13rnMIME版本:1.0 问
-
我试图为一个web应用程序实现登录功能。我发现如果我使用“用户名”以外的字段,CakePHP不允许身份验证。您能解释一下我如何使用电子邮件字段而不是用户名字段进行身份验证吗。 我在下面分享用户表和验证码:: 用户表 认证码