I'm working on my next app, and the use case is that after a user signs up, he/she will be redirected to the dashboard "page". Spring security is great for adding out of the box functionality, but after combing through the documentation, it was unable to fulfill what I wanted to do. The problem is creating a user and a user role has nothing to do with the fact that the user is authenticated. I searched The Google and came across someone who had the same problem. Apparently he was directed to the
helper class methods in the plugin. Turns out there is a poorly documented method, there,
reauthenticate(). I didn't bother to completely read what the method did because of the name. I wanted something along the lines of authenticate(), not reauthenticate(). The documentation and the sample use case they described didn't make it apparent that it was the method to use either.
So, anyways, to make it work, my controller method looks like this:
def save() {
def userInstance = new User(params)
if (!userInstance.save(flush: true)) {
render(view: "create", model: [userInstance: userInstance])
return
}
def userRole = Role.findByAuthority('ROLE_USER')
UserRole.create(userInstance, userRole, true)
// use this to set the context.
springSecurityService.reauthenticate(userInstance.email);
flash.message = message(code: 'default.created.message', args: [message(code: 'user.label', default: 'User'), userInstance.id])
redirect(controller: 'dashboard', id: userInstance.id)
}
No comments:
Post a Comment