Spring Security重写验证密码-前端传入加密过后的密码

前言

前端登录传值 加密过后的密码。后端需要先将密码解密 再进行密码验证。 

一、DaoAuthenticationProvider？

Spring Security 获取用户信息之后进行密码验证的方法(additionalAuthenticationChecks)在这个类中

二、解决方案

1.将additionalAuthenticationChecks方法进行重写，先对加密的密码进行 解密 然后再执行密码校验的逻辑。
2.修改security配置，添加自己的身份验证类。

//将additionalAuthenticationChecks方法进行重写，先对加密的密码进行 解密 然后再执行密码校验的逻辑
@Slf4j
public class DecodePwdAuthenticationProvider extends DaoAuthenticationProvider {

    public DecodePwdAuthenticationProvider(UserDetailsServiceImpl userDetailsService){
        setUserDetailsService(userDetailsService);
    }


    @Override
    protected void additionalAuthenticationChecks(UserDetails userDetails, UsernamePasswordAuthenticationToken authentication) throws AuthenticationException {
        if (authentication.getCredentials() == null) {
            this.logger.debug("Authentication failed: no credentials provided");
            throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
        } else {
            String presentedPassword = authentication.getCredentials().toString();

            //Base64解密
            presentedPassword = new String(Base64.getDecoder().decode(presentedPassword));
            BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
            if (!passwordEncoder.matches(presentedPassword, userDetails.getPassword())) {
                this.logger.debug("Authentication failed: password does not match stored value");
                throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "Bad credentials"));
            }
        }
    }

}

//修改security配置，添加自己的身份验证类
@Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(new DecodePwdAuthenticationProvider(userDetailsService));
        auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
    }