【发布时间】:2020-10-30 19:38:54
【问题描述】:
当我调用我的 API 来验证前端的令牌时,我在调用我的 UserDetailsService 的 loadUserByUsername 方法时遇到了问题。我能够将用户名传递给该方法,但我的userRepository 无法执行findByUsername 方法,我不确定发生了什么。我在调用之前打印出名称,它返回了正确的用户名,数据库中也存在该名称的用户。
这是我在控制台中得到的:
2020-07-09 22:46:55.121 INFO 18048 --- [nio-8080-exec-4] o.s.web.servlet.DispatcherServlet : Completed initialization in 10 ms
2020-07-09 22:46:55.153 INFO 18048 --- [nio-8080-exec-4] c.g.Apollo.security.jwt.JwtFilter : token not presented...
2020-07-09 22:46:55.759 INFO 18048 --- [nio-8080-exec-4] c.g.Apollo.service.UserService : success...
2020-07-09 22:47:10.885 INFO 18048 --- [nio-8080-exec-5] c.g.Apollo.security.jwt.JwtFilter : token not presented...
2020-07-09 22:47:10.898 INFO 18048 --- [nio-8080-exec-5] c.g.A.s.jwt.JwtUserDetailsService : load user... max123
2020-07-09 22:47:10.909 WARN 18048 --- [nio-8080-exec-5] g.e.SimpleDataFetcherExceptionHandler : Exception while fetching data (/verifyToken) : null
java.lang.NullPointerException: null
at com.**.Apollo.security.jwt.JwtUserDetailsService.loadUserByUsername(JwtUserDetailsService.java:23) ~[classes/:na]
at com.**.Apollo.service.UserService.verifyToken(UserService.java:173) ~[classes/:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:na]
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[na:na]
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:na]
at java.base/java.lang.reflect.Method.invoke(Method.java:564) ~[na:na]
at io.leangen.graphql.metadata.execution.SingletonMethodInvoker.execute(SingletonMethodInvoker.java:21) ~[spqr-0.9.9.jar:na]
当我登录用户时,UserRepository 方法工作得很好,但在这里失败了。
JwtUserDetailsService,这是从 verifyToken 方法中调用的:
@Slf4j
@Service
public class JwtUserDetailsService implements UserDetailsService {
private UserRepository userRepository;
@Override
public UserDetails loadUserByUsername(String username) {
log.info("load user... {}", username);
Optional<User> user = userRepository.findByUsername(username);
log.info("after");
if (user.isPresent()) {
log.info("user:: {}", user.get().getUsername());
return getJwtUser(user.get());
} else {
log.info("user not found");
return null;
}
}
public JwtUser getJwtUser(User user) {
return new JwtUser(
user.getId(),
user.getUsername(),
user.getFirstName(),
user.getLastName(),
user.getEmail(),
user.getPassword(),
List.of(new SimpleGrantedAuthority(user.getRole().getRoleName().name())),
user.getEnabled(),
null
);
}
用户存储库:
@Repository
public interface UserRepository extends JpaRepository<User, Long> {
Optional<User> findByUsername(String username);
boolean existsByUsername(String username);
Optional<User> findByToken(String token);
}
UserSerice,这是暴露给前端的:
@GraphQLQuery
public User verifyToken(String token) {
Optional<User> optionalUser = userRepository.findByToken(token);
if(optionalUser.isPresent()) {
UserDetails userDetails = jwtUserDetailsService.loadUserByUsername(optionalUser.get().getUsername());
if(jwtTokenUtil.isTokenValid(token, userDetails)) {
return optionalUser.get();
}
}
return null;
}
【问题讨论】:
标签: spring spring-security spring-data-jpa spring-data