Java 1687 1 (#9450)
* used password encoder over plaintext password * used password encoder over plaintext password
This commit is contained in:
parent
10c4ebad08
commit
32259e7caf
|
@ -5,11 +5,18 @@ import java.util.Collection;
|
||||||
|
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
import org.springframework.stereotype.Repository;
|
import org.springframework.stereotype.Repository;
|
||||||
|
|
||||||
@Repository("userRepository")
|
@Repository("userRepository")
|
||||||
public class CustomUserRepository implements UserRepository {
|
public class CustomUserRepository implements UserRepository {
|
||||||
|
|
||||||
|
private PasswordEncoder passwordEncoder;
|
||||||
|
|
||||||
|
public CustomUserRepository(PasswordEncoder passwordEncoder) {
|
||||||
|
this.passwordEncoder = passwordEncoder;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public User findUser(String username, String domain) {
|
public User findUser(String username, String domain) {
|
||||||
if (StringUtils.isAnyBlank(username, domain)) {
|
if (StringUtils.isAnyBlank(username, domain)) {
|
||||||
|
@ -17,7 +24,7 @@ public class CustomUserRepository implements UserRepository {
|
||||||
} else {
|
} else {
|
||||||
Collection<? extends GrantedAuthority> authorities = new ArrayList<>();
|
Collection<? extends GrantedAuthority> authorities = new ArrayList<>();
|
||||||
User user = new User(username, domain,
|
User user = new User(username, domain,
|
||||||
"$2a$10$U3GhSMpsMSOE8Kqsbn58/edxDBKlVuYMh7qk/7ErApYFjJzi2VG5K", true,
|
passwordEncoder.encode("secret"), true,
|
||||||
true, true, true, authorities);
|
true, true, true, authorities);
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
package com.baeldung.loginextrafieldscustom;
|
package com.baeldung.loginextrafieldscustom;
|
||||||
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.PropertySource;
|
import org.springframework.context.annotation.PropertySource;
|
||||||
import org.springframework.security.authentication.AuthenticationProvider;
|
import org.springframework.security.authentication.AuthenticationProvider;
|
||||||
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
|
||||||
|
@ -56,6 +57,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
return new SimpleUrlAuthenticationFailureHandler("/login?error=true");
|
return new SimpleUrlAuthenticationFailureHandler("/login?error=true");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
public PasswordEncoder passwordEncoder() {
|
public PasswordEncoder passwordEncoder() {
|
||||||
return new BCryptPasswordEncoder();
|
return new BCryptPasswordEncoder();
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
package com.baeldung.loginextrafieldssimple;
|
package com.baeldung.loginextrafieldssimple;
|
||||||
|
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
import org.springframework.context.annotation.Bean;
|
||||||
import org.springframework.context.annotation.PropertySource;
|
import org.springframework.context.annotation.PropertySource;
|
||||||
import org.springframework.security.authentication.AuthenticationProvider;
|
import org.springframework.security.authentication.AuthenticationProvider;
|
||||||
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
|
||||||
|
@ -59,6 +60,7 @@ public class SecurityConfig extends WebSecurityConfigurerAdapter {
|
||||||
return new SimpleUrlAuthenticationFailureHandler("/login?error=true");
|
return new SimpleUrlAuthenticationFailureHandler("/login?error=true");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Bean
|
||||||
public PasswordEncoder passwordEncoder() {
|
public PasswordEncoder passwordEncoder() {
|
||||||
return new BCryptPasswordEncoder();
|
return new BCryptPasswordEncoder();
|
||||||
}
|
}
|
||||||
|
|
|
@ -5,11 +5,18 @@ import java.util.Collection;
|
||||||
|
|
||||||
import org.apache.commons.lang3.StringUtils;
|
import org.apache.commons.lang3.StringUtils;
|
||||||
import org.springframework.security.core.GrantedAuthority;
|
import org.springframework.security.core.GrantedAuthority;
|
||||||
|
import org.springframework.security.crypto.password.PasswordEncoder;
|
||||||
import org.springframework.stereotype.Repository;
|
import org.springframework.stereotype.Repository;
|
||||||
|
|
||||||
@Repository("userRepository")
|
@Repository("userRepository")
|
||||||
public class SimpleUserRepository implements UserRepository {
|
public class SimpleUserRepository implements UserRepository {
|
||||||
|
|
||||||
|
private PasswordEncoder passwordEncoder;
|
||||||
|
|
||||||
|
public SimpleUserRepository(PasswordEncoder passwordEncoder) {
|
||||||
|
this.passwordEncoder = passwordEncoder;
|
||||||
|
}
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
public User findUser(String username, String domain) {
|
public User findUser(String username, String domain) {
|
||||||
if (StringUtils.isAnyBlank(username, domain)) {
|
if (StringUtils.isAnyBlank(username, domain)) {
|
||||||
|
@ -17,7 +24,7 @@ public class SimpleUserRepository implements UserRepository {
|
||||||
} else {
|
} else {
|
||||||
Collection<? extends GrantedAuthority> authorities = new ArrayList<>();
|
Collection<? extends GrantedAuthority> authorities = new ArrayList<>();
|
||||||
User user = new User(username, domain,
|
User user = new User(username, domain,
|
||||||
"$2a$10$U3GhSMpsMSOE8Kqsbn58/edxDBKlVuYMh7qk/7ErApYFjJzi2VG5K", true,
|
passwordEncoder.encode("secret"), true,
|
||||||
true, true, true, authorities);
|
true, true, true, authorities);
|
||||||
return user;
|
return user;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue