package login;
import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.concurrent.TimeUnit;

import javax.annotation.PostConstruct;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;

import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;

import dao.entities.security.UserAuthDao;
import dao.entities.security.UserInfoDao;
import entities.security.UserAuth;
import entities.security.UserInfo;
import security.TokenSessionManager;
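@RestController
// NOTE(review): @CrossOrigin with no origins/methods listed permits any origin to call this
// login endpoint. The token is returned in the body rather than a cookie, which limits CSRF,
// but the allowed origin(s) should still be pinned to the known front-end in deployment.
@CrossOrigin
public class Login {

    /** Length, in characters, of the opaque session token handed back on a successful login. */
    private static final int TOKEN_LENGTH = 512;

    @Autowired private UserInfoDao userInfoDao;
    @Autowired private UserAuthDao userAuthDao;
    @Autowired private TokenSessionManager tokenSessionManager;

    /**
     * Authenticates a username/password pair submitted as JSON and, on success, issues an
     * opaque session token that is registered with {@link TokenSessionManager}.
     *
     * <p>Responses:
     * <ul>
     *   <li>400 when the body, username or password is missing/empty;</li>
     *   <li>500 when the configured password hash algorithm is unavailable;</li>
     *   <li>406 with a generic message when the username is unknown or the password does not
     *       match (the same message for both, so the endpoint does not reveal which usernames
     *       exist; 401 would be the conventional status, kept at 406 for client compatibility);</li>
     *   <li>200 with a JSON body holding the token, username and any stored profile info.</li>
     * </ul>
     *
     * @param credentials request body deserialized from JSON; may be {@code null} if absent
     * @return the HTTP response described above
     */
    @RequestMapping(method = RequestMethod.POST, value = { "/nativeLogin" }, consumes = "application/json", produces = "application/json")
    public @ResponseBody ResponseEntity<String> nativeLogin(@RequestBody Credentials credentials) {

        if (isIncomplete(credentials)) {
            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Username and/or password cannot be empty.");
        }

        String username = credentials.getUsername();
        UserAuth userAuth = userAuthDao.getUserAuthBy(username);

        // An unknown user falls through with an empty UserAuth rather than returning early, so the
        // supplied password is still hashed below and the unknown-user and wrong-password paths take
        // a similar amount of time and produce the same response.
        if (userAuth == null) {
            userAuth = new UserAuth();
        }

        // hashPassword lives in TokenSessionManager; the MessageDigest import suggests a bare digest.
        // NOTE(review): confirm it is a salted, slow KDF (bcrypt/scrypt/argon2) rather than a plain
        // SHA-2 over the password — that cannot be verified from this file.
        String providedHash;
        try {
            providedHash = tokenSessionManager.hashPassword(credentials.getPassword());
        }
        catch (NoSuchAlgorithmException ex) {
            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Internal error. Cannot authenticate.");
        }

        if (!hashesMatch(userAuth.getPassword(), providedHash)) {
            return ResponseEntity.status(HttpStatus.NOT_ACCEPTABLE).body("Wrong username or password");
        }

        // Credentials verified: mint a fresh random token and bind it to the username in the cache.
        String token = tokenSessionManager.generateRandomAlphanumeric(TOKEN_LENGTH);
        tokenSessionManager.set(token, username);

        // Optional profile information keyed by the auth record id (empty id if none is set).
        String authId = (userAuth.getId() == null) ? "" : userAuth.getId().toString();
        UserInfo userInfo = userInfoDao.getByAuthenticationId(authId);
        if (userInfo == null) {
            userInfo = new UserInfo();
        }

        Response response = new Response();
        response.setToken(token);
        response.setEmail(userInfo.getEmail());
        response.setName(userInfo.getName());
        response.setUsername(username);

        return new ResponseEntity<String>(response.toJson(), HttpStatus.OK);
    }

    /** True when the body is absent or either field is null/empty; such requests get a 400. */
    private static boolean isIncomplete(Credentials credentials) {
        if (credentials == null) {
            return true;
        }
        String username = credentials.getUsername();
        String password = credentials.getPassword();
        return username == null || password == null || username.isEmpty() || password.isEmpty();
    }

    /**
     * Compares the stored password hash with the hash of the submitted password.
     *
     * <p>A missing or empty stored hash never matches (an account without a password, or an
     * unknown user, cannot log in). The comparison uses {@link MessageDigest#isEqual}, which does
     * not short-circuit on the first differing byte the way {@link String#equals} does, so the
     * time taken does not leak how much of the hash matched.
     *
     * @param storedHash hash persisted for the account, possibly null or empty
     * @param providedHash hash computed from the submitted password, possibly null
     * @return true only if both are present and byte-for-byte equal
     */
    private static boolean hashesMatch(String storedHash, String providedHash) {
        if (storedHash == null || storedHash.isEmpty() || providedHash == null) {
            return false;
        }
        byte[] stored = storedHash.getBytes(StandardCharsets.UTF_8);
        byte[] provided = providedHash.getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(stored, provided);
    }

}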
/**
 * Request body for {@code /nativeLogin}: a username and the clear-text password the
 * client submitted. Populated by Jackson from the JSON request.
 *
 * <p>The password is held as a {@link String} and so cannot be wiped from memory after
 * use; the instance should be short-lived and must never be logged or serialized out.
 */
class Credentials implements Serializable {

    private static final long serialVersionUID = 3519634756673886633L;

    private String username;
    private String password;

    /** @return the submitted username, or null if absent from the request */
    public String getUsername() {
        return this.username;
    }

    /** @param username the submitted username */
    public void setUsername(String username) {
        this.username = username;
    }

    /** @return the submitted clear-text password, or null if absent from the request */
    public String getPassword() {
        return this.password;
    }

    /** @param password the submitted clear-text password */
    public void setPassword(String password) {
        this.password = password;
    }

}
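/**
 * Success body for {@code /nativeLogin}: the freshly issued session token plus the
 * username and any stored profile fields (email, display name).
 *
 * <p>The token is a bearer credential; whatever logs or caches the serialized form of
 * this object is effectively logging a session.
 */
class Response implements Serializable {

    private static final long serialVersionUID = -3855159530298902864L;

    /** Thread-safe once configured; shared so each response does not build a new mapper. */
    private static final ObjectMapper MAPPER = new ObjectMapper();

    private String token;
    private String username;
    private String email;
    private String name;

    /** @return the session token, or null if none was issued */
    public String getToken() {
        return token;
    }

    /** @param token the session token to return to the client */
    public void setToken(String token) {
        this.token = token;
    }

    /** @return the authenticated username */
    public String getUsername() {
        return username;
    }

    /** @param username the authenticated username */
    public void setUsername(String username) {
        this.username = username;
    }

    /** @return the stored email, or null if no profile info exists */
    public String getEmail() {
        return email;
    }

    /** @param email the stored email */
    public void setEmail(String email) {
        this.email = email;
    }

    /** @return the stored display name, or null if no profile info exists */
    public String getName() {
        return name;
    }

    /** @param name the stored display name */
    public void setName(String name) {
        this.name = name;
    }

    /**
     * Serializes this object to JSON via Jackson, exposing every getter above.
     *
     * @return the JSON document, or {@code "{}"} if serialization fails (the caller still
     *         answers 200 in that case, so the client receives a body with no token)
     */
    public String toJson() {
        try {
            return MAPPER.writeValueAsString(this);
        }
        catch (JsonProcessingException ex) {
            return "{}";
        }
    }

}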