Spring boot - return user object after log in -

i have spring boot application websecurityconfigureradapter configured -

http.csrf().disable()                     .exceptionhandling()                     .authenticationentrypoint(restauthenticationentrypoint)                     .and()                 .authorizerequests()                     .antmatchers("/user/*", "/habbit/*").authenticated()                     .and()                 .formlogin()                     .loginprocessingurl("/login")                     .permitall()                     .usernameparameter("email")                     .passwordparameter("pass")                     .successhandler(authenticationsuccesshandler)                     .failurehandler(new simpleurlauthenticationfailurehandler())                     .and()                 .logout()                     .logouturl("/logout")                     .invalidatehttpsession(true); 

can add own controller would, after successful authentication, return custom object details authenticated user?

update: clarity, i'm using angular application client. need make 2 requests form client server: 1. post request /login url authentication. 2. request retrieve authenticated user data.

my aim have 1st request return me user information don't have make 2dn request. 1st request authenticates user, creates session on server , send '200 ok' status response no data. want return success response with data logged in user.

answered:

the correct answer in comments write here: needed redirect successhandler controller in turn returns logged in user info ( in case controller in url '/user/me':

 @override     public void onauthenticationsuccess(httpservletrequest request, httpservletresponse response,                                         authentication authentication) throws servletexception, ioexception {         clearauthenticationattributes(request);         getredirectstrategy().sendredirect(request, response, "/user/me");     } 

if understand problem right, can suggest next way.

first of have implement class, contain user information. class must inherited org.springframework.security.core.userdetails.user:

public class customuserdetails extends user {      public customuserdetails(string username, string password,          collection<? extends grantedauthority> authorities) {                     super(username, password, authorities);     }      //for example lets add person data             private string firstname;     private string lastname;      //getters , setters } 

next step, have create own implementation of interface org.springframework.security.core.userdetails.userdetailsservice:

@service public class customuserdetailservice implements userdetailsservice{      @override     public userdetails loaduserbyusername(string username) throws usernamenotfoundexception{                   if(stringutils.isempty(username))              throw new usernamenotfoundexception("user name empty");          //if don't use authority based security, add empty set         set<grantedauthority> authorities = new hashset<>();         customuserdetails userdetails = new customuserdetails(username, "", authorities);                      //here can load user's data db or          //any other source , do:         //userdetails.setfirstname(firstname);         //userdetails.setlastname(lastname);          return userdetails;     }  } 

as see, class has 1 method, can load , set custom user details. note, marked class @service annotation. can register in java-config or xml context.

now, access user data after successful authentication, can use next approach, when spring automatically pass principal in controller's method:

@controller public class mycontroller{      @requestmapping("/mapping")     public string mymethod(principal principal, modelmap model){         customuserdetails userdetails = (customuserdetails)principal;         model.addattribute("firstname", userdetails.getfirstname());         model.addattribute("lastname", userdetails.getlastname());     } } 

or 1 way:

@controller public class mycontroller{      @requestmapping("/mapping")     public string mymethod(modelmap model){         authentication auth = securitycontextholder.getcontext().getauthentication();         customuserdetails userdetails = (customuserdetails)auth.getprincipal();         model.addattribute("firstname", userdetails.getfirstname());         model.addattribute("lastname", userdetails.getlastname());     } } 

this method can used in other places, spring not pass principal automatically.

to go specific address after successful authentication can use simpleurlauthenticationsuccesshandler. create in config:

@bean public savedrequestawareauthenticationsuccesshandler successhandler() {     savedrequestawareauthenticationsuccesshandler successhandler = new savedrequestawareauthenticationsuccesshandler();     successhandler.settargeturlparameter("/succeslogin");     return successhandler; } 

and use in configuration:

http.formlogin()     .loginprocessingurl("/login")     .permitall()     .usernameparameter("email")     .passwordparameter("pass")     .successhandler(successhandler()) 

after can create controller, send response speciafied url:

@controller @requestmapping("/sucesslogin") public class successlogincontroller{       @requestmapping(method = requestmethod.post)      public string index(modelmap model, principal principal){          //here can return view response      }  } 

of cause, can return not view, json response (using @responsebody annotation), or else, depends on front-end. hope helpful.