Example #1
0
  public static void authenticate(
      @Required String username, String password, String hash, boolean remember) throws Throwable {
    Boolean allowed = false;
    allowed = Security.authenticate(username, password);

    String redirectUrl = flash.get("url");

    if (validation.hasErrors() || !allowed) {
      flash.put("url", redirectUrl);

      flash.error("secure.error");
      params.flash();
      Secure.login();
    }

    session.put("username", username);

    if (remember) {
      response.setCookie("rememberme", Crypto.sign(username) + "-" + username, "30d");
    }

    if (redirectUrl == null) redirectUrl = "/";

    if (hash != null) redirectUrl += hash;

    redirect(redirectUrl);
  }
Example #2
0
 public void beforeRoleCheck() {
   // Note that if you provide your own implementation of Secure's Security class you would refer
   // to that instead
   if (!Secure.Security.isConnected()) {
     try {
       if (!session.contains("username")) {
         flash.put("url", "GET".equals(request.method) ? request.url : "/");
         Secure.login();
       }
     } catch (Throwable t) {
       // handle this in an app-specific way
     }
   }
 }
Example #3
0
  public static void forget() throws Throwable {

    String username = params.get("username");
    String mobile = params.get("mobile");

    Profile p = Profile.find("user.username=? and contact_phone=?", username, mobile).first();
    if (p == null) {
      flash.error("用户名和手机不匹配,请确认您输入的信息");
      flash.put("username", username);
      toForget();
    } else {
      // SendSMS
      SendMessage m = new SendMessage();
      m.sendSms(p.contact_phone, "您的密码为:" + p.user.password, "0000009");
      flash.success("您的密码已发送您的手机,请查收");
      flash.put("username", username);
      Secure.login();
    }
  }