您的位置: 首页  >  技术问答  >  Spring Boot + Mongo + JWT

Spring Boot + Mongo + JWT

分类: 技术问答 2022-06-16 16:43:21
问题描述:

我正在编写JWTLoginFilter以检查用户并对其进行身份验证,但我无法向DB发出请求。Spring Boot + Mongo + JWT

这是我的登录过滤器的代码:

import com.fasterxml.jackson.databind.ObjectMapper; 
import it.gate42.Model.Credential; 
import it.gate42.Model.User; 
import it.gate42.repository.User.UserRepository; 
import org.slf4j.Logger; 
import org.slf4j.LoggerFactory; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.security.authentication.AuthenticationManager; 
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 
import org.springframework.security.core.Authentication; 
import org.springframework.security.core.AuthenticationException; 
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; 
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; 

import javax.servlet.FilterChain; 
import javax.servlet.ServletException; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
import java.io.IOException; 
import java.util.Collections; 

public class JWTLoginFilter extends AbstractAuthenticationProcessingFilter { 

    private static final Logger LOGGER = LoggerFactory.getLogger(JWTLoginFilter.class); 

    @Autowired 
    UserRepository userRepository; 

    public JWTLoginFilter(String url, AuthenticationManager authManager) { 
     super(new AntPathRequestMatcher(url)); 
     setAuthenticationManager(authManager); 
    } 

    @Override 
    public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res) throws AuthenticationException, IOException, ServletException { 

     Credential creds = new ObjectMapper().readValue(req.getInputStream(), Credential.class); 

     User user = null; 
     user = userRepository.login(creds); 

     return new UsernamePasswordAuthenticationToken(
       creds.getUsername(), 
       creds.getPassword() 
     ); 

     /*return getAuthenticationManager().authenticate(
       new UsernamePasswordAuthenticationToken(
         creds.getUsername(), 
         creds.getPassword(), 
         Collections.emptyList() 
       ) 
     );*/ 
    } 

    @Override 
    protected void successfulAuthentication(HttpServletRequest req, HttpServletResponse res, FilterChain chain, Authentication auth) throws IOException, ServletException { 
     LOGGER.info("a: " + auth.toString()); 
     TokenAuthenticationService.addAuthentication(res, auth.getName()); 
    } 
}

上userRepository任何函数调用我收到一个:

java.lang.NullPointerException: null 
    at it.gate42.Config.Security.JWTLoginFilter.attemptAuthentication

如何,我可以到我的DB沟通办理登机手续的用户?我使用Spring引导,Jersey,JWT,Mongo和Spring安全来过滤路由。下面

+1

看起来像JWTLoginFilter不是Spring bean,这就是为什么依赖注入不起作用。你应该提供弹簧配置。 –

+0

这是我的安全配置:https://gist.github.com/paranoiasystem/3e97a1b8d01003045a4cfbf972b5794b –

+1

尝试将您的userRepository注入SecurityConfig类,并将该实例传递给构造函数中的过滤器。 –

在该同一类JWTLoginFilter,添加代码:

@Bean 
public UserRepository userRepository() { 
return new UserRepository(); 
}

在同一类中,删除该代码:

@Autowired 
UserRepository userRepository;

在方法attemptAuthentication(),改变存储库:

user = userRepository().login(creds);

相关推荐