authentication - 在Shiro for Grails中使用电子邮件地址作为唯一标识符而不是用户名

Question

我希望从在Grails应用程序中使用用户名/密码组合进行身份验证转向使用电子邮件/密码。我试图对AuthControler.groovy和ShiroDbReal.groovy进行更改，以允许此更改，但不允许我登录。

这是我的模特类

class User {
String email
String passwordHash
byte[] passwordSalt


static belongsTo = Account
static hasMany = [ roles: Role, permissions: String ]

static constraints = {
    email (nullable: false, blank: false, unique: true)
}
}

这是我的AuthController登录功能

def signIn = {
    def authToken = new UsernamePasswordToken(params.email, params.password as String)

    if (params.rememberMe) {
        authToken.rememberMe = true
    }

    def targetUri = params.targetUri ?: "/"

    def savedRequest = WebUtils.getSavedRequest(request)
    if (savedRequest) {
        targetUri = savedRequest.requestURI - request.contextPath
        if (savedRequest.queryString) targetUri = targetUri + '?' + savedRequest.queryString
    }

    try{
        SecurityUtils.subject.login(authToken)
        redirect(uri: targetUri)
    }
    catch (AuthenticationException ex){
        log.info "Authentication failure for user '${params.username}'."
        flash.message = message(code: "login.failed")
        redirect(action: "login", params: m)
    }
}

最后是我的ShiroDbReal.groovy

    def authenticate(authToken) {
    log.info "Attempting to authenticate ${authToken.username} in DB realm..."
    def email = authToken.username

    if (email == null) {
        throw new AccountException("Null usernames are not allowed by this realm.")
    }

    def user = User.findByEmail(email)
    if (!user) {
        throw new UnknownAccountException("No account found for user [${username}]")
    }

    log.info "Found user '${user.username}' in DB"
    def account = new SimpleAuthenticationInfo(email, user.passwordHash, new SimpleByteSource(user.passwordSalt), "ShiroDbRealm")

    if (!credentialMatcher.doCredentialsMatch(authToken, account)) {
        log.info "Invalid password (DB realm)"
        throw new IncorrectCredentialsException("Invalid password for user '${username}'")
    }

    return account
}

我在调试器的“SecurityUtils.subject.login(authToken)”方法调用中收到“groovy.lang.MissingPropertyException:无此类属性:类的用户名:icango.User”异常。

我不确定在哪里找，因为我找不到有关更改唯一标识符的任何文档。任何帮助将不胜感激。

Answer 1

您忘记更改以下行:

log.info "Found user '${user.username}' in DB"

删除或将其更改为:

log.info "Found user '${user.email}' in DB"

应该修复它。