Не проходит авторизация spring secirity
Пишу небольшое приложение используя Spring Security. Вроде бы все сделал, но авторизация не проходит, хотя в БД есть пользователь с указанными логином и паролем
В чем может быть проблема?
Класс контроллер
@Controller
@RequestMapping("/auth")
public class AuthController {
private final UserValidator userValidator;
private final UserService userService;
private final ModelMapper modelMapper;
@Autowired
public AuthController(UserValidator userValidator, UserService userService, ModelMapper modelMapper) {
this.userValidator = userValidator;
this.userService = userService;
this.modelMapper = modelMapper;
}
@GetMapping("/login")
public String loginPage() {
return "auth/login";
}
@GetMapping("/registration")
public String registrationPage(@ModelAttribute("user") UserDTO userDTO) {
return "auth/registration";
}
@PostMapping("/registration")
public String performRegistration(@ModelAttribute("user") @Valid UserDTO userDTO, BindingResult bindingResult) {
User user = convertToUser(userDTO);
userValidator.validate(user, bindingResult);
if (bindingResult.hasErrors()) {
StringBuilder errorMessage = new StringBuilder();
List<FieldError> errors = bindingResult.getFieldErrors();
for (FieldError error : errors) {
errorMessage.append(error.getField()).append(error.getDefaultMessage()).append(";");
}
System.out.println(errorMessage);
return "/auth/registration";
}
userService.registerUser(user);
return "redirect:/auth/login";
}
private User convertToUser(UserDTO userDTO) {
return modelMapper.map(userDTO, User.class);
}
}
Класс SecurityConfig
@EnableWebSecurity
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
private final UsersDetailsService usersDetailsService;
@Autowired
public SecurityConfig(UsersDetailsService usersDetailsService) {
this.usersDetailsService = usersDetailsService;
}
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.authorizeRequests()
.antMatchers("/styles/css/style.css","/js/bootstrap.js","/images/icons/registration_icon.png").permitAll()
.antMatchers("/auth/login", "/auth/registration", "/error").permitAll()
.anyRequest().hasAnyRole("USER", "ADMIN")
.and()
.formLogin()
.loginPage("/auth/login")
.loginProcessingUrl("/process_login")
.defaultSuccessUrl("/hello", true)
.failureUrl("/auth/login?error")
.and()
.logout()
.logoutUrl("/logout")
.logoutSuccessUrl("/auth/login");
}
@Override
protected void configure(AuthenticationManagerBuilder auth) throws Exception {
auth.userDetailsService(usersDetailsService).passwordEncoder(getPasswordEncoder());
}
@Bean
public PasswordEncoder getPasswordEncoder() {
return new BCryptPasswordEncoder();
}
}
Класс UsersDetails
public class UsersDetails implements UserDetails {
private final User user;
@Autowired
public UsersDetails(User user) {
this.user = user;
}
@Override
public Collection<? extends GrantedAuthority> getAuthorities() {
System.out.println(user.getRole() + " ***");
return Collections.singletonList(new SimpleGrantedAuthority(user.getRole()));
}
@Override
public String getPassword() {
return user.getPassword();
}
@Override
public String getUsername() {
return user.getUsername();
}
@Override
public boolean isAccountNonExpired() {
return false;
}
@Override
public boolean isAccountNonLocked() {
return false;
}
@Override
public boolean isCredentialsNonExpired() {
return false;
}
@Override
public boolean isEnabled() {
return false;
}
public User getUser() {
return user;
}
}
Класс UsersDetailsService
@Service
public class UsersDetailsService implements UserDetailsService {
private final UserRepository userRepository;
@Autowired
public UsersDetailsService(UserRepository userRepository) {
this.userRepository = userRepository;
}
@Override
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
Optional<User> user = userRepository.findByUsername(username);
if (user.isEmpty()) {
throw new UsernameNotFoundException("User not found!");
} else {
System.out.println(user.get());
return new UsersDetails(user.get());
}
}
}
Класс UserService
@Service
@Transactional(readOnly = true)
public class UserService {
private final UserRepository repository;
private final PasswordEncoder passwordEncoder;
@Autowired
public UserService(UserRepository repository, PasswordEncoder passwordEncoder) {
this.repository = repository;
this.passwordEncoder = passwordEncoder;
}
public Optional<User> findByUsername(String username) {
Optional<User> personOptional = repository.findByUsername(username);
return personOptional;
}
@Transactional
public void registerUser(User user) {
user.setPassword(passwordEncoder.encode(user.getPassword()));
user.setRole("ROLE_USER");
user.setCreateDate(LocalDateTime.now());
user.setUpdateDate(LocalDateTime.now());
user.setStatus(1);
repository.save(user); //Сохраняем пользователя
}
}
UserDTO
public class UserDTO {
@NotNull(message = "Фамилия пользователя не должна быть пустой")
private String surname;
@NotNull(message = "Имя пользователя не должно быть пустым")
private String name;
@Column(name = "patronymic")
private String patronymic;
@NotNull(message = "Дата рождения пользователя не должно быть пустым")
private LocalDate birthDate;
private String address;
private String note;
private String role;
@NotNull(message = "Статус пользователя не может быть пустым")
private final int status = 1;
@NotNull(message = "Логин пользователя не может быть пустым")
private String username;
@NotNull(message = "Пароль пользователя не может быть пустым")
private String password;
public String getSurname() {
return surname;
}
public void setSurname(String surname) {
this.surname = surname;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPatronymic() {
return patronymic;
}
public void setPatronymic(String patronymic) {
this.patronymic = patronymic;
}
public LocalDate getBirthDate() {
return birthDate;
}
public void setBirthDate(LocalDate birthDate) {
this.birthDate = birthDate;
}
public String getAddress() {
return address;
}
public void setAddress(String address) {
this.address = address;
}
public String getNote() {
return note;
}
public void setNote(String note) {
this.note = note;
}
public String getRole() {
return role;
}
public void setRole(String role) {
this.role = role;
}
public int getStatus() {
return status;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}
User
@Entity
@Table(name = "users")
public class User {
@Id
@GeneratedValue(strategy = GenerationType.IDENTITY)
@Column(name = "id")
private int id;
@Column(name = "create_date")
@NotNull(message = "При добавлении пользователя дата создания не должна быть пустой")
private LocalDateTime createDate;
@Column(name = "update_date")
@NotNull(message = "При обнновлении пользователя дата обновления не должна быть пустой")
private LocalDateTime updateDate;
@Column(name = "surname")
@NotNull(message = "Фамилия пользователя не должна быть пустой")
private String surname;
@Column(name = "name")
@NotNull(message = "Имя пользователя не должно быть пустым")
private String name;
@Column(name = "patronymic")
private String patronymic;
@Column(name = "birth_date")
@NotNull(message = "Дата рождения пользователя не должно быть пустым")
private LocalDate birthDate;
@Column(name = "address")
private String address;
@Column(name = "note")
private String note;
@Column(name = "role")
private String role;
@Column(name = "status")
@NotNull(message = "Статус пользователя не может быть пустым")
private int status;
@Column(name = "username")
@NotNull(message = "Логин пользователя не может быть пустым")
private String username;
@Column(name = "password")
@NotNull(message = "Пароль пользователя не может быть пустым")
private String password;
public User() {}
public User(String surname, String name, String patronymic, LocalDate birthDate, String address, String note, int status, String username, String password) {
this.surname = surname;
this.name = name;
this.patronymic = patronymic;
this.birthDate = birthDate;
this.address = address;
this.note = note;
this.status = status;
this.username = username;
this.password = password;
}
public int getId() {
return id;
}
public void setId(int id) {
this.id = id;
}
public LocalDateTime getCreateDate() {
return createDate;
}
public void setCreateDate(LocalDateTime createDate) {
this.createDate = createDate;
}
public LocalDateTime getUpdateDate() {
return updateDate;
}
public void setUpdateDate(LocalDateTime updateDate) {
this.updateDate = updateDate;
}
public String getSurname() {
return surname;
}
public void setSurname(String surname) {
this.surname = surname;
}
public String getName() {
return name;
}
public void setName(String name) {
this.name = name;
}
public String getPatronymic() {
return patronymic;
}
public void setPatronymic(String patronymic) {
this.patronymic = patronymic;
}
public LocalDate getBirthDate() {
return birthDate;
}
public void setBirthDate(LocalDate birthDate) {
this.birthDate = birthDate;
}
public String getAddress() {
return address;
}
public void setAddress(String address) {
this.address = address;
}
public String getNote() {
return note;
}
public void setNote(String note) {
this.note = note;
}
public String getRole() {
return role;
}
public void setRole(String role) {
this.role = role;
}
public int getStatus() {
return status;
}
public void setStatus(int status) {
this.status = status;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
this.username = username;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
@Override
public String toString() {
return "User{" +
"surname='" + surname + '\'' +
", name='" + name + '\'' +
", patronymic='" + patronymic + '\'' +
", birthDate=" + birthDate +
", address='" + address + '\'' +
", note='" + note + '\'' +
", status=" + status +
", username='" + username + '\'' +
", password='" + password + '\'' +
'}';
}
}
Бин ModelMapper
@Bean
public ModelMapper modelMapper() {
return new ModelMapper();
}
Форма login.html
<!DOCTYPE html>
<html lang="en" xmlns:th="http://www.thymeleaf.org">
<head>
<meta charset="UTF-8">
<link rel="stylesheet" th:href="@{/styles/css/style.css}"/>
<title>Login page</title>
</head>
<body>
<div class="login_form">
<div class="header_wrapper">
<img th:src="@{/images/icons/authorization_icon.png}" alt="Иконка"/>
<h2>Авторизация пользователя</h2>
</div>
<div class="form_wrapper">
<form name="f" method="post" action="/process_login">
<input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}">
<input type="text" name="username" id="username" placeholder="Логин"/>
<input type="password" name="password" id="password" placeholder="Пароль"/>
<div class="error_block" th:if="${param.error}" style="color: red">
<span>Неправильные логин или пароль</span>
</div>
<input type="submit" value="Авторизация"/>
</form>
</div>
</div>
</body>
</html>