Question

I'm trying to write an editUser page with the Secure Social plugin implemented in a Play Framework app. I'm having trouble staying logged in after the username is changed. The issue occurs when I press submit for the editUser form after changing the username. It goes to the login page and says "You need to log in to access that page." The desired behavior is to redirect to the editUser page without needing to relogin. In the database everything is successfully updated. So that works, it just is no longer logged in.

Below is my controller method for my "User" controller for the POST of the user update.

If anyone could help me out with this it would be greatly appreciated. Thanks.

// The form uses the following case class
case class AccountInfo(userName: String, firstName: String, lastName: String, email: Option[String]) 

def update(username: String) = SecuredAction { implicit request =>
  this.editAccountForm.bindFromRequest.fold(
    hasErrors = { info =>
      Redirect(routes.Users.edit()).flashing(Flash(editAccountForm.data) +
        ("error" -> Messages("validation.errors")))
    },
    success = { info =>
      DB.withSession { implicit s: Session =>
        val uid = User.currentUser(request.user.id.id, providerId).get.uid
        User.update(uid, info, providerId)
      }
      val message = Messages("user.update.success")

      Redirect(routes.Users.edit()).flashing("success" -> message)
        .withCookies(request.cookies.get("id").get)
    }
  )
}

Solution

By changing the username you are changing the values used to identify the user (username + provider id). What is happening is that on the next request SecureSocial is looking for the old username and since it can't find it in the database it just kicks you out.

What you should do besides updating the database is update the Authenticator stored for your current session. Something like:

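// userName is the new username taken from the submitted form
SecureSocial.authenticatorFromRequest(request).map { authenticator =>
  // same provider id, new username
  val newId = request.user.id.copy(id = userName)
  // store the authenticator again under the new identity
  Authenticator.save(authenticator.copy(userId = newId))
}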

That should make it work. Also, you don't need to add the id cookie to your Redirect. SecureSocial does that for you.
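The lookup failure and the re-keying fix described in this answer, as an added example that is not part of the original post and is not SecureSocial code. The object, case classes, stores and function names are hypothetical stand-ins for a session store and a user store, and the sample users are constructed; it also refuses a rename to a username that already exists, which goes beyond what the answer covers.

```scala
import scala.collection.mutable

// Hypothetical stand-ins for illustration; not SecureSocial's own classes.
object RenameSessionDemo {
  case class UserId(id: String, providerId: String)
  case class Authenticator(cookieValue: String, userId: UserId)
  case class Account(uid: Long, userId: UserId)

  val users = mutable.Map.empty[UserId, Account]          // user store, keyed by identity
  val sessions = mutable.Map.empty[String, Authenticator] // session store, keyed by cookie

  // Per-request check: cookie -> authenticator -> user looked up by (id, providerId).
  def authenticate(cookie: String): Option[Account] =
    sessions.get(cookie).flatMap(a => users.get(a.userId))

  // Renames in the user store only, as the action in the question does.
  def renameUserOnly(old: UserId, newName: String): UserId = {
    val renamed = old.copy(id = newName)
    users(renamed) = users.remove(old).get.copy(userId = renamed)
    renamed
  }

  // Renames and re-keys the caller's own authenticator, as the answer suggests.
  // A name that is already taken is refused, so a session is never re-pointed
  // at somebody else's account.
  def renameAndRekey(cookie: String, newName: String): Either[String, UserId] =
    sessions.get(cookie) match {
      case None => Left("no session")
      case Some(auth) if !users.contains(auth.userId) => Left("unknown user")
      case Some(auth) if users.contains(auth.userId.copy(id = newName)) =>
        Left("username taken")
      case Some(auth) =>
        val renamed = renameUserOnly(auth.userId, newName)
        sessions(cookie) = auth.copy(userId = renamed)
        Right(renamed)
    }

  def main(args: Array[String]): Unit = {
    // Constructed sample data.
    val (alice, bob) = (UserId("alice", "userpass"), UserId("bob", "userpass"))
    users(alice) = Account(1L, alice); sessions("c1") = Authenticator("c1", alice)
    users(bob) = Account(2L, bob); sessions("c2") = Authenticator("c2", bob)

    renameUserOnly(alice, "alice2")
    assert(authenticate("c1").isEmpty)                // stale authenticator: logged out
    assert(renameAndRekey("c2", "bob2").isRight)
    assert(authenticate("c2").map(_.uid) == Some(2L)) // still logged in after rename
    assert(renameAndRekey("c2", "alice2") == Left("username taken"))
  }
}
```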

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow