Java 验证控制器上的字段(作为请求主体),但不验证是否将其保存在数据库中
我的Spring boot项目中有以下实体类:Java 验证控制器上的字段(作为请求主体),但不验证是否将其保存在数据库中,java,spring,Java,Spring,我的Spring boot项目中有以下实体类: @Entity @Table(name="user_account_entity") @JsonDeserialize(using = UserAccountDeserializer.class) public class UserAccountEntity implements UserDetails { private final static String ROLE_USER = "ROLE_USER"; @Id
@Entity
@Table(name="user_account_entity")
@JsonDeserialize(using = UserAccountDeserializer.class)
public class UserAccountEntity implements UserDetails {
private final static String ROLE_USER = "ROLE_USER";
@Id
@NotBlank
private String id;
@NotBlank(message="Username cannot be empty")
@Email(message="Username must be a valid email address")
private String username;
@NotBlank(message="Password cannot be empty")
@Password
private String password;
@NotNull
@MapsId
@OneToOne(cascade = CascadeType.ALL, fetch = FetchType.LAZY)
private UserEntity user;
public UserAccountEntity(final String username, final String password) {
this.password = password.trim();
this.username = username.trim();
}
public UserAccountEntity() {}
//setters and getters
}
以及以下控制器:
@RequestMapping("/api/authentication")
public class UserAccountControllerImpl implements UserAccountController {
@Autowired
private UserAccountService userAccountService;
@Autowired
private PasswordEncoder passwordEncoder;
@Override
public String create(@RequestBody UserAccountEntity userAccount,
HttpServletResponse response) {
String username = userAccount.getUsername();
String password = userAccount.getPassword();
UserEntity user = new UserEntity();
UserAccountEntity userAccount = new UserAccountEntity(username,
passwordEncoder.encode(password));
userAccount.setUser(user);
userAccountRepository.save(userAccount);
return userAccountService.authenticateUserAndSetResponsenHeader(
username, password, response);
}
}
如您所见,我有一个用于字段密码的自定义验证程序:
如何验证控制器中请求正文中的密码字段,而不是在保存时验证?由于我在保存字段时对其进行了编码,因此在保存字段时验证不会通过 第一步是在请求主体上使用@Valid。因此,新的代码更改如下所示:
@Override
public String create (@Valid @RequestBody UserAccountEntity userAccount,
HttpServletResponse response) {
...
}
在此之后,您可以使用InitBinder绑定自定义验证器:
@InitBinder
public void binder(WebDataBinder binder) {
binder.addValidator(new PasswordValidator());
}
请注意,标有@InitBinder的方法是控制器类的一部分。是否需要从UserAccountEntity类的字段中删除@Password?我有一个定义为ControllerAdvice的ExceptionHandlingController来处理验证器抛出的异常。我还需要保留它吗?如果您使用@InitBinder添加验证器,则不需要@Password
@InitBinder
public void binder(WebDataBinder binder) {
binder.addValidator(new PasswordValidator());
}