i faced this problem , when i send request with invalid user credentials. If user credentials are valid , everything works normal.
Controller
@RestController
@RequestMapping(value = "/auth/")
public class AuthenticationRestController {
private final AuthenticationManager authenticationManager;
private final JwtTokenProvider jwtTokenProvider;
private final UserService userService;
@Autowired
public AuthenticationRestController(AuthenticationManager authenticationManager, JwtTokenProvider jwtTokenProvider, UserService userService) {
this.authenticationManager = authenticationManager;
this.jwtTokenProvider = jwtTokenProvider;
this.userService = userService;
}
@PostMapping("login")
@ResponseBody
public AuthenticationResponseDTO login(@RequestBody AuthenticationRequestDTO requestDto) {
try {
String email = requestDto.getEmail();
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(email, requestDto.getPassword()));
userService.findByEmail(email);
String token = jwtTokenProvider.createToken(email);
return AuthenticationResponseDTO.builder()
.token(token)
.email(email)
.build();
} catch (AuthenticationException e) {
throw new BadCredentialsException("Invalid username or password");
}
}
}
WebSecurity config
@Override
protected void configure(HttpSecurity http) throws Exception {
http
.httpBasic().disable()
.csrf().disable()
.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
.and()
.authorizeRequests()
.antMatchers("/",
"/auth**",
"/auth/login**",
"/registration/**/**",
"/password/restore**",
"/js/**",
"/assets/**",
"/error**").permitAll()
.antMatchers(ADMIN_ENDPOINT).hasRole("ADMIN")
.anyRequest().authenticated()
.and()
.apply(new JwtConfigurer(jwtTokenProvider))
.and()
.logout().permitAll();
}
if i send success request,
{
"email" : "[email protected]",
"password" : "test"
}
i get this
{
"email": "[email protected]",
"token": "eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhZG1pbkBnbWFpbC5jb20iLCJyb2xlcyI6WyJVU0VSIiwiRU5URVJQUklTRV9VU0VSIiwiTU9ERVJBVE9SIiwiQURNSU4iXSwiaWF0IjoxNTcyOTQ0Mzg0LCJleHAiOjE1NzI5NDc5ODR9.D1RCgT9xI1EavnHvKVs2vB9RjnxUXQ3z9Ne9hxcIa60"
}
But if i send bad credentials :
{
"email" : "[email protected]",
"password" : "wrong"
}
i get this :
{
"timestamp": "2019-11-05T09:01:30.291+0000",
"status": 500,
"error": "Internal Server Error",
"message": "Invalid username or password",
"trace": "org.springframework.security.authentication.BadCredentialsException:...
}
that is OK ,BUT i get Error in my logs
**org.thymeleaf.exceptions.TemplateInputException: Error resolving template [auth/login], template might not exist or might not be accessible by any of the configured Template Resolvers**
Can someone help with this problem?
I found the solution , but still don't know why it works like this.
I add this configuration ,and now have no errors
@Configuration
public class WebMvcConfig implements WebMvcConfigurer {
@Bean
public WebServerFactoryCustomizer<ConfigurableWebServerFactory> webServerCustomizer() {
return container -> container.addErrorPages(new ErrorPage(HttpStatus.NOT_FOUND, "/"));
}
}
Please can someone explain me what was my problem?)
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments