I use Spring security. Is there a way to log in using email instead of a username in Spring security?
You need an "email" parameter in your login form
<input type="email" name="email">
Then let your custom WebSecurityConfigurerAdapter know that "email" is a principal parameter now
protected void configure(HttpSecurity http) throws Exception {
http
.formLogin()
.loginPage("/login")
.usernameParameter("email")
.permitAll()
.and()
.logout()
.permitAll();
}
Finally, override loadUserByUsername() in your UserDetailsService implementation
@Override
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
User user = userRepo.findByEmail(email);
if (user == null) {
throw new UsernameNotFoundException("Not found!");
}
return user;
}
The simplest way is just regard email
as username
.
For many cases, email contains your username. For example: [email protected]
. In this email, abc
is your username.
So you just need to let the user input email directly.
The only thing you need to update is change your query SQL similar as below:
Change (query by username):
SELECT username,password FROM users WHERE username=#{username}
to (query by email)
SELECT email AS username,password FROM users WHERE email=#{username}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With