0

我有一个 user.java 类

@javax.persistence.Entity
@Table(name="users")
public class User extends Model implements RoleHolder {


   public User(String email, String password, String firstName, String lastName, Status status, List<UserRole> roles){
    this.email = email;
    this.password = Crypto.passwordHash(password+email);
    this.firstName = firstName;
    this.lastName = lastName;
    this.status = status; 
    this.roles = roles;
}

还有一个users.java

public class Users extends CRUD {

}

但是,当我创建一个用户时,它会在数据库中存储一个明文密码,而不是一个加盐和散列的密码?任何想法为什么?

4

1 回答 1

0

您应该从控制器类中的 CRUD 类重写create()和方法。save()Users

也许解决方案看起来像这样:

@CRUD.For(User.class)
public class Users extends CRUD {
   /**
    * Re-implement Create (C) method
    * @throws Exception
    */
   public static void create() throws Exception {
      // Get model type
      ObjectType type = ObjectType.get(getControllerClass());
      notFoundIfNull(type); // render not found error if framework can't determine model type
      Constructor<?> constructor = type.entityClass.getDeclaredConstructor();
      constructor.setAccessible(true);

      // Create new instance of model
      User object = (User) constructor.newInstance();
      // Bind all parameter value from submitted form
      Binder.bindBean(params.getRootParamNode(), "object", object);
      // Hash the password
      object.password = Crypto.passwordHash(object.email + object.password);

      // Check validity of model
      validation.valid(object);
      if (validation.hasErrors()) {
         renderArgs.put("error", play.i18n.Messages.get("crud.hasErrors"));
         try {
            render(request.controller.replace(".", "/") + "/blank.html", type, object);
         } catch (TemplateNotFoundException e) {
            render("CRUD/blank.html", type, object);
         }
      }
      object._save(); // Finally, save the model
      flash.success(play.i18n.Messages.get("crud.created", type.modelName));
      if (params.get("_save") != null) {
         redirect(request.controller + ".list");
      }
      if (params.get("_saveAndAddAnother") != null) {
         redirect(request.controller + ".blank");
      }
      redirect(request.controller + ".show", object._key());
   }

   /**
    * Re-implement Update (U) mehod
    * @param id
    * @throws Exception
    */
   public static void save(String id) throws Exception {
      // Get model type
      ObjectType type = ObjectType.get(getControllerClass());
      notFoundIfNull(type); // render not found error if framework can't determine model type

      // Find the model to be updated
      User object = (User) type.findById(id);
      notFoundIfNull(object); // render not found error if framework can't determine model record
      // Bind all parameter value from submitted form
      Binder.bindBean(params.getRootParamNode(), "object", object);
      // Hash the password
      object.password = Crypto.passwordHash(object.email + object.password);

      // Check validity of model
      validation.valid(object);
      if (validation.hasErrors()) {
         renderArgs.put("error", play.i18n.Messages.get("crud.hasErrors"));
         try {
            render(request.controller.replace(".", "/") + "/show.html", type, object);
         } catch (TemplateNotFoundException e) {
            render("CRUD/show.html", type, object);
         }
      }
      object._save(); // Finally, save changes
      flash.success(play.i18n.Messages.get("crud.saved", type.modelName));
      if (params.get("_save") != null) {
         redirect(request.controller + ".list");
      }
      redirect(request.controller + ".show", object._key());
   }
}
于 2013-03-05T01:47:35.257 回答