:REST spring security - Manually authenticating a new user and getting access token

前端 未结 1 2198
感动是毒
感动是毒 2021-02-09 18:30

I am writing a RESTful webservice on grails, using rest spring security api. All good... now I want to login a user on registration, there is a registration action, and up on re

1条回答
  •  梦毁少年i
    2021-02-09 18:54

    The plugin is designed for applications where the frontend (a pure HTML/JS client using, for example, AngularJS) is separated from the backend (your Grails app). In such scenario, the backend has to send back the frontend the access token, and the frontend has to store it somehow (usually using local storage or cookies), to pass it as an HTTP on every subsequent request.

    You can do something like this in your controller:

    class RegisterController {
    
        def springSecurityService
        def tokenGenerator
        def tokenStorageService
    
        def register() {
             //do stuff
             springSecurityService.reauthenticate(username)
             String tokenValue = tokenGenerator.generateToken()
             tokenStorageService.storeToken(tokenValue, springSecurityService.principal)
    
             redirect url: "http://example.org/?access_token=${tokenValue}"
        } 
    }
    

    Then, the frontend can grab the token from the URL and pass it on every subsequent API request.

    0 讨论(0)
提交回复
热议问题