播放框架-securesocial userpass实施 [英] play framework - securesocial userpass implementation
问题描述
我正在使用Play 2.1和securesocial主快照.
I'm using Play 2.1 and securesocial master snapshot.
我已经实现了find&保存UserService(扩展了UserServicePlugin),如下所示:
I've implemented find & save of UserService (extends UserServicePlugin) as follows:
查找方法如下:
def find(userId: UserId): Option[Identity] = {
val user = User.findByUserId(userId);
user match {
case Some(user) => {
val socialUser = new SocialUser(userId, null, null, user.name, Option(user.email), Option(user.photo), AuthenticationMethod("userPassword"), null, null, Some(PasswordInfo(PasswordHasher.BCryptHasher, BCrypt.hashpw(user.password, BCrypt.gensalt(10)))))
Option(socialUser)
}
case None => {
None
}
}
}
保存方法如下:
def save(user: Identity): Identity = {
user.id.providerId match {
case "facebook" => {
}
case "google" => {
}
case "twitter" => {
}
case "userpass" => {
val eUser = User.findByEmail(user.id.id) match {
case Some(eUser) => {
//Existing User - update only
}
case None => {
val appUser: User = new User(NotAssigned, "student", user.id.providerId, user.fullName, user.id.id, user.passwordInfo.get.password, null, null, null, null, null, "active")
User.create(appUser)
}
}
}
}
user
}
在将密码保存(注册)到数据库时,我不确定该密码是否应该加密,并且上面的内容始终显示您输入的凭据无效."
When saving (signup) the password is being encrpted into the database, I'm not sure whether it should be encrypted or not and the above always says "The credentials you entered are not valid."
但是,如果我在如下所示的find方法中使用单词"password"(字符串)而不是user.password(来自数据库),它将正确地验证凭据,并将我登录:
But if I use the word "password" (String) instead of user.password (from database) in find method like below it valids the credentials correctly, and logs me in:
val socialUser = new SocialUser(userId, null, null, user.name, Option(user.email), Option(user.photo), AuthenticationMethod("userPassword"), null, null, Some(PasswordInfo(PasswordHasher.BCryptHasher, BCrypt.hashpw("password", BCrypt.gensalt(10)))))
在这里,我认为它再次尝试从数据库(已经加密)中加密密码...我想,我应该保存密码而不进行加密,或者获取用户在登录页面中输入的密码才能使用在查找方法中.谁能帮助我,谢谢.
Here I think it is again trying to encrypt the password from the database (which is already encrypted) ... I guess, I should either save the password without encrypting or get the password entered by the user in login page to use in find method. Could anyone please help me, thanks.
我相信以下是所有社交网络和Google的两个切入点. UserPass提供者!
I believe the following are the two entry points for all Social Networks & the UserPass provider!
获取/authenticate/:provider securesocial.controllers.ProviderController.authenticate(provider)
GET /authenticate/:provider securesocial.controllers.ProviderController.authenticate(provider)
POST/authenticate/:provider securesocial.controllers.ProviderController.authenticateByPost(provider)
POST /authenticate/:provider securesocial.controllers.ProviderController.authenticateByPost(provider)
我认为这些实现是与securesocial插件一起提供的吗?还是应该复制相同?这是最好的解决方案!
I think these implementations comes with the securesocial plugin? or should be replicate the same? Is it the best solution!!
我正在使用MySQL,下面是我的表:
I'm using MySQL and the below is my table:
create table t_users (
id int unsigned not null auto_increment,
user_type enum('admin', 'user') not null default 'user',
login_type set('userpass', 'facebook', 'google', 'twitter') not null default 'userpass',
name varchar(64) not null,
email varchar(128) null,
password varchar(128),
mobile varchar(10) null,
facebook varchar(64) null,
google varchar(64) null,
twitter varchar(64) null,
photo varchar(128),
status enum('registered', 'active', 'suspended', 'deleted') not null default 'registered',
modified timestamp not null,
last_login timestamp not null,
primary key (id),
unique(email),
unique(facebook),
unique(google),
unique(twitter)
) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=utf8;
推荐答案
正确的查找方法如下:
def find(userId: UserId): Option[Identity] = {
val user = User.findByUserId(userId);
user match {
case Some(user) => {
val socialUser = new SocialUser(userId, null, null, user.name, Option(user.email), Option(user.photo), AuthenticationMethod("userPassword"), null, null, Some(PasswordInfo(PasswordHasher.BCryptHasher, user.password)))
Option(socialUser)
}
case None => {
None
}
}
}
这篇关于播放框架-securesocial userpass实施的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
