英文:
Spring boot application with spring security: Only allow certain people to register for the application
问题
我已开始创建一个与此教程中的类似的Spring Boot应用程序。该应用程序目前允许用户注册和登录,以便让他们访问受保护的资源。目前,登录和注册页面对任何人都可用。我想要更改它,以便只有通过电子邮件发送链接(管理员将能够发送链接)的人才能注册应用程序。基本上,我需要一种方法来控制谁能注册应用程序。我找不到有关如何实现这样的功能的任何信息。这是否可能?对于如何实现此功能的任何建议/链接/信息将不胜感激!
英文:
I have started creating a spring boot app very similar to the one in this tutorial. The app currently allows users to register and login, enabling them to access protected resources. Right now the login and registration pages are available to anyone. I want to change it so that only people who are sent a link via email (that admins will be able to send) are able to register for the application. Basically I need a way to control who is able to register for the app. I cannot find any info on how something like this would be possible. Is this possible? Any suggestions/links/info on how to do this would be appreciated!
答案1
得分: 0
如果您正在使用Spring视图,您可以在服务器端控制参数等内容,以查看是否有来自电子邮件的注册代码,例如http://<mysite>/registration?code=signupjohn。然后,如果它无效或已被使用,您可以抛出异常。Spring Boot允许您将此类资源公开。您只需要创建管理员功能来生成注册密钥、存储它们并自行发送电子邮件。
英文:
If you're using spring views, you have server-side control to check for parameters and such to see if there is a registration code from an email such as http://<mysite>/registration?code=signupjohn. You can then throw an exception if it's invalid or already been used. Spring Boot does allow you to put resources like that out into the open. You'd just have to create the admin functionality to generate registration keys, store them and email them on your own.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论