使用電子郵件和用戶名作為Grails中Spring安全插件的登錄

Question

我在我的Grails應用程序中使用spring安全插件，我希望注冊的用戶使用注冊過程中提供的用戶名或電子郵件地址登錄應用程序。（就像fb一樣）

我已經看過網絡並關注Grails文檔::: http://grails-plugins.github.io/grails-spring-security-core/docs/manual/guide/single.html#4.1%20Person%20Class

但找不到任何解決方案。

任何幫助將受到高度贊賞。

提前致謝

Answer 1

從spring-security的角度來看，你應該做的是實現自己的org.springframework.security.core.userdetails.UserDetailsS​​ervice

public class MyUserServiceImpl implements UserDetailsService{

    @Autowired
    private AdminUserDao dao;

    @Override
    public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException, DataAccessException {

    ... Here comes your logic to get your the user based on email or userid ...

    }
}

在你的spring配置中，你必須引用你的UserDetails類：

<authentication-manager>
    <authentication-provider user-service-ref="myUserServiceImpl" />
</authentication-manager>

心連心

Answer 2

我認為最近有什么關於此的。 在更高版本的spring security / grails 3.2.8中。 這是我的：

這是在服務中創建的服務。 用戶電子郵件位於User之外的單獨類中，因此attributes.email檢查否則您可以執行User.findByUsernameOrEmail(username,username)

所以我將UserEmailUserService作為服務：

package com.app.users

import grails.plugin.springsecurity.userdetails.GormUserDetailsService
import grails.transaction.Transactional
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken
import org.springframework.security.core.Authentication
import org.springframework.security.core.GrantedAuthority
import org.springframework.security.core.authority.SimpleGrantedAuthority
import org.springframework.security.core.context.SecurityContextHolder
import org.springframework.security.core.userdetails.UserDetails
import org.springframework.security.core.userdetails.UsernameNotFoundException

class UserEmailUserService extends GormUserDetailsService{

    UserDetails loadUserByUsername(String username, boolean loadRoles)
            throws UsernameNotFoundException {
        return loadUserByUsername(username)
    }

    @Transactional
    UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
        //enable login with either username or password
        User user = User.find {
            username == username || attributes.email == username
        }
        if (!user) throw new UsernameNotFoundException('User not found', username)
        UserDetails userDetails = new org.springframework.security.core.userdetails.User(user.username, user.getPassword(),
                user.enabled, !user.accountExpired, !user.passwordExpired, !user.accountLocked, getAuthorities(user.roles))
        Authentication authentication = new UsernamePasswordAuthenticationToken(userDetails, null, userDetails.getAuthorities())
        SecurityContextHolder.getContext().setAuthentication(authentication);
        return userDetails
    }

    public static List<GrantedAuthority> getAuthorities(Set<Role> roles) {
       List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>()
       roles?.each { role ->
          authorities.add(new SimpleGrantedAuthority(role.authority))
       }
       return authorities
   }
}

然后在conf/spring/resources.groovy ：

import com.app.users.UserEmailUserService

// Place your Spring DSL code here
beans = {
      userDetailsService(UserEmailUserService){
            grailsApplication = ref('grailsApplication')
        }
}

請注意我調用了user.roles這是我在用戶類中進行的自定義調用。 由於我有組角色等：

Set<Role> getRoles() {
    UserRole.findAllByUser(this)*.role
}