Spring Security 使用JSON 登录
public class CustomUsernamePasswordAuthenticationFilter extends UsernamePasswordAuthenticationFilter {
@Override
@SneakyThrows(IOException.class) //lombok try catch
public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response) throws AuthenticationException {
if (request.getContentType().contains(MediaType.APPLICATION_JSON_VALUE)) {
ObjectMapper mapper = new ObjectMapper();
Map<String,String> map = mapper.readValue(request.getInputStream(), Map.class);
String username = map.get(super.getUsernameParameter());
String password = map.get(super.getPasswordParameter());
if (username == null) {
username = "";
}
if (password == null) {
password = "";
}
username = username.trim();
UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(
username, password);
setDetails(request, authRequest);
return this.getAuthenticationManager().authenticate(authRequest);
}
return super.attemptAuthentication(request, response);
}
}
@EnableWebSecurity
public class SecurityConfig extends WebSecurityConfigurerAdapter {
@Override
protected void configure(HttpSecurity http) throws Exception {
http.addFilterAt(usernamePasswordAuthenticationFilter(), UsernamePasswordAuthenticationFilter.class)
}
CustomUsernamePasswordAuthenticationFilter usernamePasswordAuthenticationFilter() throws Exception {
CustomUsernamePasswordAuthenticationFilter filter = new CustomUsernamePasswordAuthenticationFilter();
filter.setAuthenticationManager(super.authenticationManagerBean());
filter.setFilterProcessesUrl(customSecurityProperties.getLoginUrl());
//处理登录成功
filter.setAuthenticationSuccessHandler(new AuthenticationSuccessHandler());
//处理登录失败
filter.setAuthenticationFailureHandler(new AuthenticationFailureHandler());
return filter;
}
}