Last active
June 10, 2018 20:36
-
-
Save OmarElgabry/a96b441061cc6f368b3ea4d83343865b to your computer and use it in GitHub Desktop.
UserDetailsService Implementation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.eureka.auth.security; | |
| import java.util.Arrays; | |
| import java.util.List; | |
| import org.springframework.beans.factory.annotation.Autowired; | |
| import org.springframework.security.core.GrantedAuthority; | |
| import org.springframework.security.core.authority.AuthorityUtils; | |
| import org.springframework.security.core.userdetails.User; | |
| import org.springframework.security.core.userdetails.UserDetails; | |
| import org.springframework.security.core.userdetails.UserDetailsService; | |
| import org.springframework.security.core.userdetails.UsernameNotFoundException; | |
| import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; | |
| import org.springframework.stereotype.Service; | |
| @Service // It has to be annotated with @Service. | |
| public class UserDetailsServiceImpl implements UserDetailsService { | |
| @Autowired | |
| private BCryptPasswordEncoder encoder; | |
| @Override | |
| public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException { | |
| // hard coding the users. All passwords must be encoded. | |
| final List<AppUser> users = Arrays.asList( | |
| new AppUser(1, "omar", encoder.encode("12345"), "USER"), | |
| new AppUser(2, "admin", encoder.encode("12345"), "ADMIN") | |
| ); | |
| for(AppUser appUser: users) { | |
| if(appUser.getUsername().equals(username)) { | |
| // Remember that Spring needs roles to be in this format: "ROLE_" + userRole (i.e. "ROLE_ADMIN") | |
| // So, we need to set it to that format, so we can verify and compare roles (i.e. hasRole("ADMIN")). | |
| List<GrantedAuthority> grantedAuthorities = AuthorityUtils | |
| .commaSeparatedStringToAuthorityList("ROLE_" + appUser.getRole()); | |
| // The "User" class is provided by Spring and represents a model class for user to be returned by UserDetailsService | |
| // And used by auth manager to verify and check user authentication. | |
| return new User(appUser.getUsername(), appUser.getPassword(), grantedAuthorities); | |
| } | |
| } | |
| // If user not found. Throw this exception. | |
| throw new UsernameNotFoundException("Username: " + username + " not found"); | |
| } | |
| // A (temporary) class represent the user saved in the database. | |
| private static class AppUser { | |
| private Integer id; | |
| private String username, password; | |
| private String role; | |
| public AppUser(Integer id, String username, String password, String role) { | |
| this.id = id; | |
| this.username = username; | |
| this.password = password; | |
| this.role = role; | |
| } | |
| // getters and setters .... | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment