使用电子邮件和用户名作为Grails中Spring安全插件的登录

Question

我在我的Grails应用程序中使用spring安全插件，我希望注册的用户使用注册过程中提供的用户名或电子邮件地址登录应用程序。（就像fb一样）

我已经看过网络并关注Grails文档::: http://grails-plugins.github.io/grails-spring-security-core/docs/manual/guide/single.html#4.1%20Person%20Class

但找不到任何解决方案。

任何帮助将受到高度赞赏。

提前致谢

Answer 1

从spring-security的角度来看，你应该做的是实现自己的org.springframework.security.core.userdetails.UserDetailsS​​ervice

public class MyUserServiceImpl implements UserDetailsService{

    @Autowired
    private AdminUserDao dao;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {

    ... Here comes your logic to get your the user based on email or userid ...

    }
}

在你的spring配置中，你必须引用你的UserDetails类：

<authentication-manager>
    <authentication-provider user-service-ref="myUserServiceImpl" />
</authentication-manager>

心连心

Answer 2

我认为最近有什么关于此的。 在更高版本的spring security / grails 3.2.8中。 这是我的：

这是在服务中创建的服务。 用户电子邮件位于User之外的单独类中，因此attributes.email检查否则您可以执行User.findByUsernameOrEmail(username,username)

所以我将UserEmailUserService作为服务：

package com.app.users

import grails.plugin.springsecurity.userdetails.GormUserDetailsService
import grails.transaction.Transactional
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.core.Authentication
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.userdetails.UsernameNotFoundException

class UserEmailUserService extends GormUserDetailsService{

    UserDetails loadUserByUsername(String username, boolean loadRoles)
            throws UsernameNotFoundException {
        return loadUserByUsername(username)
    }

    @Transactional
    UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        //enable login with either username or password
        User user = User.find {
            username == username || attributes.email == username
        }
        if (!user) throw new UsernameNotFoundException('User not found', username)
        UserDetails userDetails = new org.springframework.security.core.userdetails.User(user.username, user.getPassword(),
                user.enabled, !user.accountExpired, !user.passwordExpired, !user.accountLocked, getAuthorities(user.roles))
        Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities())
        SecurityContextHolder.getContext().setAuthentication(authentication);
        return userDetails
    }

    public static List<GrantedAuthority> getAuthorities(Set<Role> roles) {
       List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>()
       roles?.each { role ->
          authorities.add(new SimpleGrantedAuthority(role.authority))
       }
       return authorities
   }
}

然后在conf/spring/resources.groovy ：

import com.app.users.UserEmailUserService

// Place your Spring DSL code here
beans = {
      userDetailsService(UserEmailUserService){
            grailsApplication = ref('grailsApplication')
        }
}

请注意我调用了user.roles这是我在用户类中进行的自定义调用。 由于我有组角色等：

Set<Role> getRoles() {
    UserRole.findAllByUser(this)*.role
}