我正在使用Spring Security进行认证的Grails,我需要在登录之前解锁用户的帐户
@Transactional(readOnly=true, noRollbackFor=[IllegalArgumentException, UsernameNotFoundException])
userDetails loaduserbyusername(字符串用户名(抛出usernamenotfoundexception {
User user = User.findByUsername(username)
// Check and unlock account if 24 Hrs has been passed
userService.checkAndUnlockAccountAfter24Hrs(user.id);
if (!user) throw new NoStackUsernameNotFoundException()
def roles = user.authorities
// or if you are using role groups:
// def roles = user.authorities.collect { it.authorities }.flatten().unique()
def authorities = roles.collect {
new SimpleGrantedAuthority(it.authority)
}
return new MyUserDetails(user.username, user.password, user.enabled,
!user.accountExpired, !user.passwordExpired,
!user.accountLocked, authorities ?: NO_ROLES, user.id,
user.name)
}
现在,当我使用记住我登录时检查时,它显示错误:
-
| Error 2017-04-18 12:24:40,426 [http-bio-8080-exec-3] ERROR
[/].[default] - Servlet.service() for servlet [default] in context
with path [] threw exception
Message: retrieveUser returned null - a violation of the interface contract
Line | Method
->> 76 | attemptAuthentication in grails.plugin.springsecurity.web.authentication.RequestHolderAuthenticationFilter
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
| 49 | doFilter in ''
| 82 | doFilter . . . . . . in grails.plugin.springsecurity.web.authentication.logout.MutableLogoutFilter
| 100 | doFilter in com.brandseye.cors.CorsFilter
| 1145 | runWorker . . . . . . in java.util.concurrent.ThreadPoolExecutor
| 615 | run in java.util.concurrent.ThreadPoolExecutor$Worker
^ 744 | run . . . . . . . . . in java.lang.Thread
您有三个选项:
- 在每次运行中在
boostrap
中评论该代码;除了第一次。 - 删除数据库并为每个运行创建数据库
- hacky方法:
这样使用condition(ternary operator)
:
def adminRole = Role.findByAuthority('ROLE_ADMIN') ? : new Role(authority: 'ROLE_ADMIN').save(flush: true)
def userRole = Role.findByAuthority('ROLE_USER') ? : new Role(authority: 'ROLE_USER').save(flush: true)
def adminUser = User.findByUsername('admin') ? : new User(username: 'admin', password: 'admin', enabled: true).save(flush: true)
def user = User.findByUsername('user') ? : new User(username: 'user', password: 'user', enabled: true).save(flush: true)
if (!adminUser.authorities.contains('ROLE_ADMIN')) {
UserRole.create(adminUser, adminRole)
}
if (!user.authorities.contains('ROLE_USER')) {
UserRole.create(user, userRole)
}