SpringSecurity 用户帐号已被锁定

01 异常发生场景

• 当我自定义登录接口时
• 以下是我的UserDetailsService和UserDetails接口的实现类

@Service
public class UserDetailsServiceImpl implements UserDetailsService {@Autowiredprivate MsUserServiceImp msUserServiceImp;@Overridepublic UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {//使用mybatis-plus,获取到账号密码数据LambdaQueryWrapper<MsUser> qw=new LambdaQueryWrapper<>();qw.eq(MsUser::getUsername,username);MsUser user = msUserServiceImp.getOne(qw);LoginUser loginUser = new LoginUser();loginUser.setMsUser(user);return loginUser;}
}

@Data
@NoArgsConstructor
@AllArgsConstructor
public class LoginUser implements UserDetails {private MsUser msUser;@Overridepublic Collection<? extends GrantedAuthority> getAuthorities() {return null;}@Overridepublic String getPassword() {return msUser.getPassword();}@Overridepublic String getUsername() {return msUser.getUsername();}@Overridepublic boolean isAccountNonExpired() {return false;}@Overridepublic boolean isAccountNonLocked() {return false;}@Overridepublic boolean isCredentialsNonExpired() {return false;}@Overridepublic boolean isEnabled() {return false;}
}

02 问题发生的原因

• 重写的UserDetails类默认方法返回值为false

1.isAccountNonExpired()

• 判断帐户是否过期

2.isAccountNonLocked()

• 判断帐户是否锁定

3.isCredentialsNonExpired()

• 凭据是否过期，就是登录时间到没到

4.isEnabled()

• 是否启动

03 解决方式

• 将UserDetails接口的实现类里上述方法，也就是所有方法设置为true就可以避免被锁定了