使用电子邮件和用户名作为Grails中Spring安全插件的登录

时间:2013-09-29 07:23:38

标签: grails spring-security

我在Grails应用程序中使用spring安全插件,我希望注册的用户使用注册过程中提供的用户名或电子邮件地址登录应用程序。(就像fb一样)

我已经查看了网页并关注Grails docs ::: http://grails-plugins.github.io/grails-spring-security-core/docs/manual/guide/single.html#4.1%20Person%20Class

但找不到任何解决方案。

任何帮助都将受到高度赞赏。

提前致谢

2 个答案:

答案 0 :(得分:8)

从弹簧安全的角度来看,您应该做的是实现自己的 org.springframework.security.core.userdetails.UserDetailsS​​ervice 

public class MyUserServiceImpl implements UserDetailsService{

    @Autowired
    private AdminUserDao dao;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {

    ... Here comes your logic to get your the user based on email or userid ...

    }
}
在你的spring配置中

你必须引用你的UserDetails类:

<authentication-manager>
    <authentication-provider user-service-ref="myUserServiceImpl" />
</authentication-manager>

HTH

答案 1 :(得分:0)

我认为最近没有任何相关内容。在更高版本的spring security / grails 3.2.8中。这是我的:

这是在服务中创建的服务。用户电子邮件位于User之外的单独类中,因此attributes.email检查,否则您可以User.findByUsernameOrEmail(username,username)

所以我将UserEmailUserService作为服务:

package com.app.users

import grails.plugin.springsecurity.userdetails.GormUserDetailsService
import grails.transaction.Transactional
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.core.Authentication
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.userdetails.UsernameNotFoundException

class UserEmailUserService extends GormUserDetailsService{

    UserDetails loadUserByUsername(String username, boolean loadRoles)
            throws UsernameNotFoundException {
        return loadUserByUsername(username)
    }

    @Transactional
    UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        //enable login with either username or password
        User user = User.find {
            username == username || attributes.email == username
        }
        if (!user) throw new UsernameNotFoundException('User not found', username)
        UserDetails userDetails = new org.springframework.security.core.userdetails.User(user.username, user.getPassword(),
                user.enabled, !user.accountExpired, !user.passwordExpired, !user.accountLocked, getAuthorities(user.roles))
        Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities())
        SecurityContextHolder.getContext().setAuthentication(authentication);
        return userDetails
    }

    public static List<GrantedAuthority> getAuthorities(Set<Role> roles) {
       List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>()
       roles?.each { role ->
          authorities.add(new SimpleGrantedAuthority(role.authority))
       }
       return authorities
   }
}

然后在conf/spring/resources.groovy

import com.app.users.UserEmailUserService

// Place your Spring DSL code here
beans = {
      userDetailsService(UserEmailUserService){
            grailsApplication = ref('grailsApplication')
        }
}

请注意我拨打了user.roles这是我在用户类中进行的自定义调用。由于我有组角色等:

Set<Role> getRoles() {
    UserRole.findAllByUser(this)*.role
}
相关问题
最新问题