Spring mvc Spring启动密码Bcrypt
我有springboot rest代码来注册一些用户。我用bycrpt编码器对它进行编码。代码如下所示Spring mvc Spring启动密码Bcrypt,spring-mvc,spring-boot,Spring Mvc,Spring Boot,我有springboot rest代码来注册一些用户。我用bycrpt编码器对它进行编码。代码如下所示 @RequestMapping(value="/customer/new", method=RequestMethod.POST) public Customer newCustomer (@RequestBody Customer customer){ customer.setPassword(new BCryptPasswordEncoder().encod
@RequestMapping(value="/customer/new", method=RequestMethod.POST)
public Customer newCustomer (@RequestBody Customer customer){
customer.setPassword(new BCryptPasswordEncoder().encode(customer.getPassword()));
return customerservice.saveCustomer(customer);
}
@RequestMapping(value = "customer/login", method = RequestMethod.POST)
public String login(@RequestBody Customer login) throws ServletException {
String jwtToken = "";
if (login.getUsername()== null || login.getPassword()== null) {
throw new ServletException("Please fill in username and password");
}
String username = login.getUsername();
String password = new BCryptPasswordEncoder().encode(login.getPassword());
Customer customer = customerservice.findByusername(username);
if (customer == null) {
throw new ServletException("Username not found.");
}
String pwd = customer.getPassword();
if (!password.equals(pwd)) {
throw new ServletException("Invalid login. Please check your name and password.");
}
因此,它成功地用编码密码存储了密码
像这样的事
$2a$10$f25IxR/b7wNJBl7Zi.zEMOzpR2nDEw7IJwR3tv/BVKsKJRAtDe1Mq
因此,我使登录rest控制器如下所示
@RequestMapping(value="/customer/new", method=RequestMethod.POST)
public Customer newCustomer (@RequestBody Customer customer){
customer.setPassword(new BCryptPasswordEncoder().encode(customer.getPassword()));
return customerservice.saveCustomer(customer);
}
@RequestMapping(value = "customer/login", method = RequestMethod.POST)
public String login(@RequestBody Customer login) throws ServletException {
String jwtToken = "";
if (login.getUsername()== null || login.getPassword()== null) {
throw new ServletException("Please fill in username and password");
}
String username = login.getUsername();
String password = new BCryptPasswordEncoder().encode(login.getPassword());
Customer customer = customerservice.findByusername(username);
if (customer == null) {
throw new ServletException("Username not found.");
}
String pwd = customer.getPassword();
if (!password.equals(pwd)) {
throw new ServletException("Invalid login. Please check your name and password.");
}
登录rest控制器从输入获取用户名,从用户输入获取密码。我尝试对密码进行编码,这样它就可以作为Bcrypt编码的密码返回,并与之前存储的密码匹配
但它不匹配。我可以得到相同的密码编码。如何解决这个问题?
使用springboot rest的im新手BCryptPasswordEncoder的encode()
方法返回一个salt散列。这意味着使用相同的参数调用此方法将不会返回相同的值
因此是matches()
方法。使用此选项验证密码
您还应该将BCryptPasswordEncoder用作bean,以便可以自动连接它
@Configuration
public class SomeConfigurationClass {
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(12);
}
}
BCryptPasswordEncoder的encode()
方法返回一个salt散列。这意味着使用相同的参数调用此方法将不会返回相同的值
因此是matches()
方法。使用此选项验证密码
您还应该将BCryptPasswordEncoder用作bean,以便可以自动连接它
@Configuration
public class SomeConfigurationClass {
@Bean
public BCryptPasswordEncoder passwordEncoder() {
return new BCryptPasswordEncoder(12);
}
}
你的代码很好。调试代码以查找问题。在匹配之前打印或调试编码和存储的密码您的代码正常。调试代码以查找问题。在匹配之前打印或调试编码和存储的密码