springsecurity自定义认证
- 手机
- 2025-08-28 07:48:02
// jwt 方式 package com.kongjs.note.system.convert; import com.kongjs.note.admin.model.dto.TokenInfoDTO; import com.kongjs.note.admin.service.TokenService; import jakarta.annotation.Resource; import jakarta.servlet.http.HttpServletRequest; import lombok.extern.slf4j.Slf4j; import org.springframework.security.authentication.AuthenticationDetailsSource; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.web.authentication.AuthenticationConverter; import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; import org.springframework.stereotype.Component; import org.springframework.util.ObjectUtils; import org.springframework.util.StringUtils; @Slf4j @Component public class JwtAuthenticationConverter implements AuthenticationConverter { private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource; @Resource private TokenService tokenService; @Resource private UserDetailsService userDetailsService; public JwtAuthenticationConverter() { this(new WebAuthenticationDetailsSource()); } public JwtAuthenticationConverter(AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) { this.authenticationDetailsSource = authenticationDetailsSource; } @Override public Authentication convert(HttpServletRequest request) { log.info("JwtAuthenticationConverter Start -->"); String token = request.getHeader("Token"); if (!StringUtils.hasText(token)) { return null; } TokenInfoDTO tokenInfoDTO = tokenService.parseAccessToken(token); if (ObjectUtils.isEmpty(tokenInfoDTO) || !StringUtils.hasText(tokenInfoDTO.getUsername())) { return null; } String username = tokenInfoDTO.getUsername(); UserDetails userDetails = userDetailsService.loadUserByUsername(username); UsernamePasswordAuthenticationToken result = UsernamePasswordAuthenticationToken.authenticated(userDetails.getUsername(), userDetails.getPassword(), userDetails.getAuthorities()); result.setDetails(this.authenticationDetailsSource.buildDetails(request)); return result; } protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) { authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request)); } } package com.kongjs.note.system.convert; import com.kongjs.note.admin.security.authentication.dto.LoginDTO; import jakarta.servlet.http.HttpServletRequest; import org.springframework.http.MediaType; import org.springframework.http.converter.HttpMessageConverter; import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter; import org.springframework.http.server.ServletServerHttpRequest; import org.springframework.security.authentication.AuthenticationDetailsSource; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.web.authentication.AuthenticationConverter; import org.springframework.security.web.authentication.WebAuthenticationDetailsSource; public class RestAuthenticationConverter implements AuthenticationConverter { private final AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource; private final HttpMessageConverter<Object> converter = new MappingJackson2HttpMessageConverter(); public RestAuthenticationConverter() { this(new WebAuthenticationDetailsSource()); } public RestAuthenticationConverter(AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource) { this.authenticationDetailsSource = authenticationDetailsSource; } @Override public Authentication convert(HttpServletRequest request) { if (!request.getRequestURI().equals("/login")) { return null; } if (!request.getMethod().equals("POST")) { return null; } if (!MediaType.parseMediaType(request.getContentType()).equals(MediaType.APPLICATION_JSON)) { return null; } LoginDTO dto; try { dto = (LoginDTO) converter.read(LoginDTO.class, new ServletServerHttpRequest(request)); } catch (Exception e) { return null; } String username = dto.getUsername(); username = username != null ? username.trim() : ""; String password = dto.getPassword(); password = password != null ? password : ""; UsernamePasswordAuthenticationToken authRequest = UsernamePasswordAuthenticationToken.unauthenticated(username, password); this.setDetails(request, authRequest); return authRequest; } protected void setDetails(HttpServletRequest request, UsernamePasswordAuthenticationToken authRequest) { authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request)); } }
springsecurity自定义认证由讯客互联手机栏目发布,感谢您对讯客互联的认可,以及对我们原创作品以及文章的青睐,非常欢迎各位朋友分享到个人网站或者朋友圈,但转载请说明文章出处“springsecurity自定义认证”
