1. 首頁
  2. 問答
  3. Spring Boot + Mongo + JWT

Spring Boot + Mongo + JWT

2017-04-05 103 views
1

我正在編寫JWTLoginFilter以檢查用戶並對其進行身份驗證,但我無法向DB發出請求。Spring Boot + Mongo + JWT

這是我的登錄過濾器的代碼:

import com.fasterxml.jackson.databind.ObjectMapper; 
import it.gate42.Model.Credential; 
import it.gate42.Model.User; 
import it.gate42.repository.User.UserRepository; 
import org.slf4j.Logger; 
import org.slf4j.LoggerFactory; 
import org.springframework.beans.factory.annotation.Autowired; 
import org.springframework.security.authentication.AuthenticationManager; 
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; 
import org.springframework.security.core.Authentication; 
import org.springframework.security.core.AuthenticationException; 
import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter; 
import org.springframework.security.web.util.matcher.AntPathRequestMatcher; 

import javax.servlet.FilterChain; 
import javax.servlet.ServletException; 
import javax.servlet.http.HttpServletRequest; 
import javax.servlet.http.HttpServletResponse; 
import java.io.IOException; 
import java.util.Collections; 

public class JWTLoginFilter extends AbstractAuthenticationProcessingFilter { 

    private static final Logger LOGGER = LoggerFactory.getLogger(JWTLoginFilter.class); 

    @Autowired 
    UserRepository userRepository; 

    public JWTLoginFilter(String url, AuthenticationManager authManager) { 
     super(new AntPathRequestMatcher(url)); 
     setAuthenticationManager(authManager); 
    } 

    @Override 
    public Authentication attemptAuthentication(HttpServletRequest req, HttpServletResponse res) throws AuthenticationException, IOException, ServletException { 

     Credential creds = new ObjectMapper().readValue(req.getInputStream(), Credential.class); 

     User user = null; 
     user = userRepository.login(creds); 

     return new UsernamePasswordAuthenticationToken(
       creds.getUsername(), 
       creds.getPassword() 
     ); 

     /*return getAuthenticationManager().authenticate(
       new UsernamePasswordAuthenticationToken(
         creds.getUsername(), 
         creds.getPassword(), 
         Collections.emptyList() 
       ) 
     );*/ 
    } 

    @Override 
    protected void successfulAuthentication(HttpServletRequest req, HttpServletResponse res, FilterChain chain, Authentication auth) throws IOException, ServletException { 
     LOGGER.info("a: " + auth.toString()); 
     TokenAuthenticationService.addAuthentication(res, auth.getName()); 
    } 
}

上userRepository任何函數調用我收到一個:

java.lang.NullPointerException: null 
    at it.gate42.Config.Security.JWTLoginFilter.attemptAuthentication

如何,我可以到我的DB溝通辦理登機手續的用戶?我使用Spring引導,Jersey,JWT,Mongo和Spring安全來過濾路由。下面

來源

2017-04-05 Marco Ferraioli

+1

看起來像JWTLoginFilter不是Spring bean,這就是爲什麼依賴注入不起作用。你應該提供彈簧配置。 –

+0

這是我的安全配置:https://gist.github.com/paranoiasystem/3e97a1b8d01003045a4cfbf972b5794b –

+1

嘗試將您的userRepository注入SecurityConfig類,並將該實例傳遞給構造函數中的過濾器。 –

回答

1

在該同一類JWTLoginFilter,添加代碼:

@Bean 
public UserRepository userRepository() { 
return new UserRepository(); 
}

在同一類中,刪除該代碼:

@Autowired 
UserRepository userRepository;

在方法attemptAuthentication(),改變存儲庫:

user = userRepository().login(creds);

來源

2018-01-07 18:13:53

相關問題

 相關問題