使用电子邮件地址作为唯一标识符,而不是使用Shiro for Grails的用户名

时间:2013-08-20 10:47:49

标签: authentication grails shiro

我希望在Grails应用中使用用户名/密码组合进行身份验证,而不是使用电子邮件/密码。我试图对AuthControler.groovy和ShiroDbReal.groovy进行更改以允许此操作,但它不允许我登录。

这是我的模型类

class User {
String email
String passwordHash
byte[] passwordSalt


static belongsTo = Account
static hasMany = [ roles: Role, permissions: String ]

static constraints = {
    email (nullable: false, blank: false, unique: true)
}
}

这是我的AuthController signIn函数

def signIn = {
    def authToken = new UsernamePasswordToken(params.email, params.password as String)

    if (params.rememberMe) {
        authToken.rememberMe = true
    }

    def targetUri = params.targetUri ?: "/"

    def savedRequest = WebUtils.getSavedRequest(request)
    if (savedRequest) {
        targetUri = savedRequest.requestURI - request.contextPath
        if (savedRequest.queryString) targetUri = targetUri + '?' + savedRequest.queryString
    }

    try{
        SecurityUtils.subject.login(authToken)
        redirect(uri: targetUri)
    }
    catch (AuthenticationException ex){
        log.info "Authentication failure for user '${params.username}'."
        flash.message = message(code: "login.failed")
        redirect(action: "login", params: m)
    }
}

最后我的ShiroDbReal.groovy 

    def authenticate(authToken) {
    log.info "Attempting to authenticate ${authToken.username} in DB realm..."
    def email = authToken.username

    if (email == null) {
        throw new AccountException("Null usernames are not allowed by this realm.")
    }

    def user = User.findByEmail(email)
    if (!user) {
        throw new UnknownAccountException("No account found for user [${username}]")
    }

    log.info "Found user '${user.username}' in DB"
    def account = new SimpleAuthenticationInfo(email, user.passwordHash, new SimpleByteSource(user.passwordSalt), "ShiroDbRealm")

    if (!credentialMatcher.doCredentialsMatch(authToken, account)) {
        log.info "Invalid password (DB realm)"
        throw new IncorrectCredentialsException("Invalid password for user '${username}'")
    }

    return account
}

我收到一个' groovy.lang.MissingPropertyException:没有这样的属性:类的用户名:icango.User'在' SecurityUtils.subject.login(authToken)'的调试器中出现异常方法调用。

我不确定在哪里查看,因为我无法找到有关更改唯一标识符的任何文档。任何帮助都会非常感激。

2 个答案:

答案 0 :(得分:2)

您忘记更改以下行:

log.info "Found user '${user.username}' in DB"

将其删除或更改为:

log.info "Found user '${user.email}' in DB"

应该修复它。

答案 1 :(得分:0)

顺便提一下,所有例外情况都是如此......您应该将所有用户名出现更改为电子邮件。

相关问题
最新问题