in plugin-ui/plugin/grails-app/controllers/grails/plugin/springsecurity/ui/RegisterController.groovy [174:209]
def securityQuestions(){
if (forgotPasswordExtraValidation && forgotPasswordExtraValidation.size() > 0) {
def user = findUserByUsername(params.username)
SecurityQuestionsCommand sc = new SecurityQuestionsCommand()
try {
sc.username = params.username
if (!request.post) {
render(view:"securityQuestions", model: [securityQuestionsCommand:sc,user:user,forgotPasswordExtraValidation:forgotPasswordExtraValidation,forgotPasswordExtraValidationDomainClassName:forgotPasswordExtraValidationDomainClassName,validationUserLookUpProperty:validationUserLookUpProperty])
} else {
withForm {
def rtn = uiRegistrationCodeStrategy.validateForgotPasswordExtraSecurity(params, user,forgotPasswordExtraValidationDomainClassName, forgotPasswordExtraValidation, validationUserLookUpProperty)
if (!rtn[0]) {
sc.validations = rtn[1]
render(view: "securityQuestions", model: [securityQuestionsCommand: sc, user: user, forgotPasswordExtraValidation: forgotPasswordExtraValidation,forgotPasswordExtraValidationDomainClassName:forgotPasswordExtraValidationDomainClassName, validationUserLookUpProperty: validationUserLookUpProperty])
} else {
ForgotPasswordCommand fc = new ForgotPasswordCommand()
fc.username = sc.username
if (requireForgotPassEmailValidation) {
render(view: "forgotPassword", processForgotPasswordEmail(fc, user))
} else {
redirect uri: processForgotPasswordEmail(fc, user)
}
}
}.invalidToken {
flash.message = "Invalid Form Submission"
redirect(controller: "login", action: "auth")
}
}
} catch (Exception e) {
flash.error = e.getMessage()
render(view: "securityQuestions", model: [securityQuestionsCommand: sc,user: user, forgotPasswordExtraValidation: forgotPasswordExtraValidation,forgotPasswordExtraValidationDomainClassName:forgotPasswordExtraValidationDomainClassName, validationUserLookUpProperty: validationUserLookUpProperty])
}
} else {
redirect uri: generateLink('register')
}
}