:REST spring security - Manually authenticating a new user and getting access token

Question

I am writing a RESTful webservice on grails, using rest spring security api. All good... now I want to login a user on registration, there is a registration action, and up on re

Answer 1

The plugin is designed for applications where the frontend (a pure HTML/JS client using, for example, AngularJS) is separated from the backend (your Grails app). In such scenario, the backend has to send back the frontend the access token, and the frontend has to store it somehow (usually using local storage or cookies), to pass it as an HTTP on every subsequent request.

You can do something like this in your controller:

class RegisterController {

    def springSecurityService
    def tokenGenerator
    def tokenStorageService

    def register() {
         //do stuff
         springSecurityService.reauthenticate(username)
         String tokenValue = tokenGenerator.generateToken()
         tokenStorageService.storeToken(tokenValue, springSecurityService.principal)

         redirect url: "http://example.org/?access_token=${tokenValue}"
    } 
}

Then, the frontend can grab the token from the URL and pass it on every subsequent API request.