This is a sample Grails application that adds a CAPTCHA to the Spring Security (S2) login function.
$ grails create-app grails-captcha-sample
$ cd grails-captcha-sample
$ vi grails-app/conf/BuildConfig.groovy
plugins {
    ...
    compile ":spring-security-core:1.2.7.1"
    compile ":recaptcha:0.5.2"
}
$ grails compile
According to the S2 Core tutorials, you need to run the 's2-quickstart' command to set up the User and Role domain objects, etc.
$ grails s2-quickstart com.testapp User Role
$ vi grails-app/conf/BootStrap.groovy
import com.testapp.Role
import com.testapp.User
import com.testapp.UserRole

class BootStrap {
    def init = { servletContext ->
        def adminRole = new Role(authority: 'ROLE_ADMIN').save(flush: true)
        def userRole = new Role(authority: 'ROLE_USER').save(flush: true)
        def testUser = new User(username: 'me', enabled: true, password: 'password')
        testUser.save(flush: true)
        UserRole.create testUser, adminRole, true
        assert User.count() == 1
        assert Role.count() == 2
        assert UserRole.count() == 1
    }
    def destroy = {
    }
}
$ grails create-controller com.testapp.Secure
$ vi grails-app/controllers/com/testapp/SecureController.groovy
package com.testapp

import grails.plugins.springsecurity.Secured

class SecureController {
    @Secured(['ROLE_ADMIN'])
    def index() {
        render 'Secure access only'
    }
}
According to the ReCaptcha plugin page, you need to create a Google ReCaptcha account and get ReCaptcha API keys from it.
After getting the keys, put them into RecaptchaConfig.groovy.
$ vi grails-app/conf/RecaptchaConfig.groovy
recaptcha {
    // These keys are generated by the ReCaptcha service
    publicKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    privateKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
    ...
}
This time, you'll add a CAPTCHA to the login page (auth.gsp) in addition to password authentication. To that end, you need to create a custom UserDetailsService, following Custom UserDetailsService.
$ grails create-service com.testapp.CaptchaUserDetails
$ vi grails-app/services/com/testapp/CaptchaUserDetailsService.groovy
(see the source file for actual contents)
The last pieces are the DI definition for 'recaptchaService' in the UserDetailsService and a customized GSP page with the captcha (auth.gsp).
$ vi grails-app/conf/spring/resources.groovy
// Place your Spring DSL code here
beans = {
    userDetailsService(com.testapp.CaptchaUserDetailsService) {
        recaptchaService = ref('recaptchaService')
    }
}
$ vi grails-app/views/login/auth.gsp
...
<p>
    <recaptcha:ifEnabled>
        <recaptcha:recaptcha />
        <recaptcha:ifFailed>CAPTCHA Failed: ${session["recaptcha_error"]}</recaptcha:ifFailed>
    </recaptcha:ifEnabled>
</p>
...
Now you should have access control on /secure.
$ grails run-app
Try http://localhost:8080/grails-captcha-sample/secure, which now asks for the captcha as well as the user/password ('me'/'password').