Spring Boot应用程序与Spring Security:只允许特定人员注册应用程序。

huangapple go评论77阅读模式
英文:

Spring boot application with spring security: Only allow certain people to register for the application

问题

我已开始创建一个与此教程中的类似的Spring Boot应用程序。该应用程序目前允许用户注册和登录,以便让他们访问受保护的资源。目前,登录和注册页面对任何人都可用。我想要更改它,以便只有通过电子邮件发送链接(管理员将能够发送链接)的人才能注册应用程序。基本上,我需要一种方法来控制谁能注册应用程序。我找不到有关如何实现这样的功能的任何信息。这是否可能?对于如何实现此功能的任何建议/链接/信息将不胜感激!

英文:

I have started creating a spring boot app very similar to the one in this tutorial. The app currently allows users to register and login, enabling them to access protected resources. Right now the login and registration pages are available to anyone. I want to change it so that only people who are sent a link via email (that admins will be able to send) are able to register for the application. Basically I need a way to control who is able to register for the app. I cannot find any info on how something like this would be possible. Is this possible? Any suggestions/links/info on how to do this would be appreciated!

答案1

得分: 0

如果您正在使用Spring视图,您可以在服务器端控制参数等内容,以查看是否有来自电子邮件的注册代码,例如http://<mysite>/registration?code=signupjohn。然后,如果它无效或已被使用,您可以抛出异常。Spring Boot允许您将此类资源公开。您只需要创建管理员功能来生成注册密钥、存储它们并自行发送电子邮件。

英文:

If you're using spring views, you have server-side control to check for parameters and such to see if there is a registration code from an email such as http://<mysite>/registration?code=signupjohn. You can then throw an exception if it's invalid or already been used. Spring Boot does allow you to put resources like that out into the open. You'd just have to create the admin functionality to generate registration keys, store them and email them on your own.

huangapple
  • 本文由 发表于 2020年8月8日 07:16:39
  • 转载请务必保留本文链接:https://go.coder-hub.com/63310249.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定