I'm trying to see if a user who's trying to login has an enabled or disabled account, to do this I have a field in my User domain called active which is set to true if a user is enabled and vice versa.
In my CustomUserDetailsService I have the following to see if a user who's logging in can log in:
public UserDetails loadUserByUsername(String login)
throws UsernameNotFoundException {
AdeyTrack.domain.User domainUser = userRepo.findByLogin(login);
boolean enabled = domainUser.getActive(); // checking here if enabled
boolean accountNonExpired = true;
boolean credentialsNonExpired = true;
boolean accountNonLocked = true;
return new User(
domainUser.getLogin(),
domainUser.getPassword(),
enabled,
accountNonExpired,
credentialsNonExpired,
accountNonLocked,
getAuthorities(domainUser.getRoles())
);
}
This works.
I have two questions:
- Am I doing this in the correct way?
- At the moment if a user who is logging in has a disabled account, just gets a "incorrect username/password" error, can I do anything so that I can make a callback which informs the user that their account is disabled?
Thanks.
