it looks like beforeInsert is never triggered and the password is stored as plain text in DB, I have a User domain-class like this:
class User {
String email
String name
String surname
String phone
String password
static constraints = {
email(blank:false, email:true, unique:true)
name(blank:false)
surname(blank:false)
phone(blank:false)
password(blank:false, password:true)
}
def beforeInsert = { encodePassword() }
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password)
}
}
Any idea of what am I doing wrong?
Thanks in advance!
It's weird and I don't know why, but this works, I changed the beforeInsert var to a method, and added the transient springSecurityService
class User {
transient springSecurityService
String email
String name
String surname
String phone
String password
static constraints = {
email(blank:false, email:true, unique:true)
name(blank:false)
surname(blank:false)
phone(blank:false)
password(blank:false, password:true)
}
def beforeInsert() {
encodePassword()
}
def beforeUpdate() {
if (isDirty('password')) {
encodePassword()
}
}
protected void encodePassword() {
password = springSecurityService.encodePassword(password)
}
}