上一篇把Shiro部署到Grails上了,並且可以正常運行,雖然可以使用grails generate-all domain方式生成CRUD的腳手架增加用戶或角色,但是出於業務的角度考慮,我們不希望所有人都可以增加用戶信息,所以,我們新增加一個註冊的功能,供沒有賬號的人註冊自己的個人資料,而有admin權限的人可以登錄到系統使用CRUD去維護這些賬戶信息。
註冊
- 現在創建一個SignupController,用來處理註冊過程
$grails create-controller com.example.SignupController
- 在Controller中增加註冊方法
1 package com.example 2 3 import org.apache.shiro.authc.UsernamePasswordToken 4 import org.apache.shiro.SecurityUtils 5 6 class SignupController { 7 def shiroSecurityService 8 9 def index() { 10 User user = new User() 11 [user: user] 12 } 13 14 def register() { 15 // Check to see if the username already exists 16 def user = User.findByUsername(params.username) 17 if (user) { 18 flash.message = "User already exists with the username '${params.username}'" 19 redirect(action:'index') 20 } else { // User doesn't exist with username. Let's create one 21 // Make sure the passwords match 22 if (params.password != params.password2) { 23 flash.message = "Passwords do not match" 24 redirect(action:'index') 25 } else { // Passwords match. Let's attempt to save the user 26 // Create user 27 user = new User(username: params.username,passwordHash: shiroSecurityService.encodePassword(params.password)) 28 29 if (user.save()) { 30 // Add USER role to new user 31 user.addToRoles(Role.findByName('ROLE_USER')) 32 // Login user 33 def authToken = new UsernamePasswordToken(user.username, params.password) 34 SecurityUtils.subject.login(authToken) 35 36 redirect(controller: 'home', action: 'secured') 37 }else {} 38 } 39 } 40 } 41 }
- 在這個Controller中定義了index和register兩個action
- index action用來顯示註冊界面
- register action處理註冊結果,如果註冊成功則redirect到HomeController下的secured action
下面增加一個index.gsp界面,當訪問http://localhost:8080/shiro-example/home/index時跳轉到註冊界面
1 <%@ page contentType="text/html;charset=UTF-8"%> 2 <html> 3 <head> 4 <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /> 5 <title>Register</title> 6 <meta name="layout" content="main" /> 7 </head> 8 9 <body> 10 <h1>Signup</h1> 11 <g:if test="${flash.message}"> 12 <div class="alert alert-info">${flash.message}</div> 13 </g:if> 14 <g:hasErrors bean="${user}"> 15 <div class="alert alert-error"><g:renderErrors bean="${user}" as="list" /></div> 16 </g:hasErrors> 17 18 <g:form action="register"> 19 <fieldset class="form"><g:render template="register"/></fieldset> 20 21 <fieldset class="buttons"> 22 <g:submitButton name="submit" value="Submit"/> 23 </fieldset> 24 </g:form> 25 26 </body> 27 </html>
在這裏,使用<g:render template="register"/>引用了一個register模板,grails會去view下的當前gsp文件的相同目錄中去找_register.gsp文件。所以,再建一個_register.gsp文件,定義表單內容
1 <%@ page import="com.example.User" %> 2 3 <div class="fieldcontain ${hasErrors(bean: userInstance, field: 'username', 'error')} required"> 4 <label for="username"> 5 <g:message code="user.username.label" default="Username" /> 6 <span class="required-indicator">*</span> 7 </label> 8 <g:textField name="username" required="" value="${userInstance?.username}"/> 9 </div> 10 11 <div class="fieldcontain ${hasErrors(bean: userInstance, field: 'passwordHash', 'error')} required"> 12 <label for="password">Password</label> 13 <span class="required-indicator">*</span> 14 <g:passwordField name="password" value=""/> 15 </div> 16 17 <div class="fieldcontain ${hasErrors(bean: userInstance, field: 'passwordHash', 'error')} required"> 18 <label for="password">Confirm Password</label> 19 <span class="required-indicator">*</span> 20 <g:passwordField name="password2" value=""/> 21 </div>
- 現在訪問http://localhost:8080/shiro-example/signup,系統跳轉到signup/index註冊頁面,登記註冊信息
- 正常完成後跳轉到http://localhost:8080/shiro-example/home/secured,一切正常
