REST spring security - Manually authenticating a new user and getting access token

I am writing a RESTful webservice on Grails, using the REST Spring Security API. All good... now I want to log in a user on registration. There is a registration action, and upon registration completion, I would like to log in that user. I found:

springSecurityService.reauthenticate(username) method 

but that only logs in the user, but doesn't create an access token in the authentication_token table.

Is there any other possible way to log in and get the access token for that user?

sufyan.shoaib asked Aug 28 '14 07:08




1 Answer

The plugin is designed for applications where the frontend (a pure HTML/JS client using, for example, AngularJS) is separated from the backend (your Grails app). In such a scenario, the backend has to send the access token back to the frontend, and the frontend has to store it somehow (usually using local storage or cookies), to pass it as an HTTP header on every subsequent request.

You can do something like this in your controller:

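class RegisterController {

    // Injected by Grails: Spring Security Core service and the REST plugin's token beans
    def springSecurityService
    def tokenGenerator
    def tokenStorageService

    def register() {
        // do stuff: create and save the new user; `username` is that user's username
        // Put the new user into the security context
        springSecurityService.reauthenticate(username)
        // Generate a token and store it against the authenticated principal
        String tokenValue = tokenGenerator.generateToken()
        tokenStorageService.storeToken(tokenValue, springSecurityService.principal)

        // Hand the token to the frontend as a query parameter
        redirect url: "http://example.org/?access_token=${tokenValue}"
    }
}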

Then, the frontend can grab the token from the URL and pass it on every subsequent API request.

Álvaro Sánchez-Mariscal answered Sep 28 '22 10:09
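
The client-side step the answer describes, as an added example that is not part of the original answer or of the plugin: a token delivered in a query string is also recorded in browser history and can reach server logs and Referer headers, so the frontend should read it once and strip it from the address bar. The function names, the sample URLs and the `Authorization: Bearer` header format are assumptions; use the header your plugin configuration expects.

```javascript
// Added example. Helper names and sample values are constructed for illustration.

// Read access_token from the landing URL and return the same URL without it,
// so the caller can rewrite the address bar before any other script or
// outbound request sees the token-bearing URL.
function extractAccessToken(href) {
  const url = new URL(href);
  const token = url.searchParams.get('access_token');
  url.searchParams.delete('access_token');
  return { token: token || null, cleanUrl: url.toString() };
}

// Assumption: the backend accepts "Authorization: Bearer <token>".
function authHeaders(token) {
  if (!token) throw new Error('no access token available');
  return { Authorization: `Bearer ${token}` };
}

// Attach the token only to requests that resolve to the API's own origin,
// so it is never sent to third-party hosts the page also talks to.
function apiRequestInit(apiOrigin, requestUrl, token) {
  const target = new URL(requestUrl, apiOrigin).origin;
  const allowed = new URL(apiOrigin).origin;
  return target === allowed ? { headers: authHeaders(token) } : {};
}

// Browser-only wiring; skipped when run outside a browser.
if (typeof window !== 'undefined') {
  const { token, cleanUrl } = extractAccessToken(window.location.href);
  if (token) {
    // Replace the history entry so the token is not kept in the back stack.
    window.history.replaceState(null, '', cleanUrl);
    window.sessionStorage.setItem('access_token', token);
  }
}
```

Call `fetch(url, apiRequestInit(apiOrigin, url, token))` for each API request; an empty init object means the request goes out without the token.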