有没有办法在LoginController的authfail操作中认证失败时,在spring安全核心grails插件中找回用户输入的密码?
def authfail = {
def msg = ''
// I can get the username as below
def username = session[UsernamePasswordAuthenticationFilter.SPRING_SECURITY_LAST_USERNAME_KEY]
// There is UsernamePasswordAuthenticationFilter.SPRING_SEC
步骤:
1. 输入邮箱地址(暂时只考虑一种邮箱,例如:新浪),系统发送邮件,其邮件关键内容为:
http://localhost:8080/project/xxx.action?uuid=xxxxxxxx-xxxx-xxxx-xxxxxxxxxxxxxxxx
2. 注意点,如下:
a) UUID不允许重复
b) 当重复找回密码时,以最后一次发送的UUID为准,过期或错误的UUID视为无效
c) UUID由网站验证,成功后帮助用户找回密码