Deadbolt播放Java首次登录时更改密码 [英] Deadbolt play java Change password the first time login

问题描述

我有4个组:admin，service，user，guest，admin在数据库中创建，第一次admin登录需要更改密码，我想重定向到表单更改密码，只有admin需要，我在onAuthFailure中设置了重定向，但是服务，用户，访客没有通过某种操作进行身份验证并重定向更改密码形式，有个好主意，请告诉我，对于每个角色，我应该怎么做来重定向另一个链接? ，我只是在2天之内阅读了有关固定螺栓的文档，对我的英语理解不了吗?

I have 4 group: admin, service, user, guest, admin is created in database, the first time admin login required change password, I want to redirect to form change password and only admin need that, I set redirect in onAuthFailure, but service, user, guest that not authentication in some action and redirect change password form, have a good idea, please tell me, what should I do for every role redirect an other link? , I just read document about deadbolt in 2 day, can I don't understand more, sorry for my English.

谢谢.

推荐答案

在DeadboltHandler实现中，onAuthFailure方法可以使用getSubject获取当前用户，并通过该方法获得当前用户的角色.用户.

Within a DeadboltHandler implementation, the onAuthFailure method can use the getSubject to get the current user, and through that, the roles held by the user.

public class MyDeadboltHandler implements DeadboltHandler {
    private final DeadboltExecutionContextProvider executionContextProvider;
    private final DeadboltAnalyzer analyzer;

    @Inject
    public MyDeadboltHandler(final ExecutionContextProvider ecProvider,
                             final DeadboltAnalyzer analyzer) {
        this.executionContextProvider = ecProvider.get();
        this.analyzer =analyzer;
    }

    public CompletionStage<Result> onAuthFailure(Http.Context context,
                                                 Optional<String> content) {
        final ExecutionContext executionContext = executionContextProvider.get();
        final ExecutionContextExecutor executor = HttpExecution.fromThread(executionContext);
        return getSubject(context).thenApplyAsync(maybeSubject ->
            maybeSubject.map(subject -> analyzer.hasRole(maybeSubject, "admin") ? /*go to admin section*/
                                                                                : /*go to non-admin section*/)
                        .orElseGet(() -> /*no user present*/),
                                   executor);
    }

    // other methods
}

在该示例中的任何地方都有评论，例如/*go to admin section*/，您需要将其替换为Result.

Anywhere there's a comment in that example, e.g. /*go to admin section*/ you need to replace it with a Result.

DeadboltAnalyzer中还有其他方法可用，因此如果需要，您可以进行的检查不仅限于analyzer.hasRole(maybeSubject, "admin").

There are other methods available in DeadboltAnalyzer, so you can have more complex checks than just analyzer.hasRole(maybeSubject, "admin") if necessary.

这篇关于Deadbolt播放Java首次登录时更改密码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！