argos/dmp-backend/src/main/java/login/Login.java


package login;
import java.io.Serializable;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.concurrent.TimeUnit;
import javax.annotation.PostConstruct;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import dao.entities.security.UserAuthDao;
import dao.entities.security.UserInfoDao;
import entities.security.UserAuth;
import entities.security.UserInfo;
import security.TokenSessionManager;
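/**
 * REST controller exposing the username/password ("native") login endpoint.
 *
 * <p>On success the caller receives a freshly generated session token together with the
 * user's profile fields; the token is registered with {@link TokenSessionManager}.
 *
 * <p>Review notes (security):
 * <ul>
 *   <li>{@code hashPassword} receives only the password, so no per-user salt is visible here.
 *       NOTE(review): confirm the algorithm in TokenSessionManager; stored passwords should use a
 *       salted, deliberately slow KDF (bcrypt/scrypt/argon2) rather than a bare digest.</li>
 *   <li>No attempt throttling or account lockout is visible in this handler; confirm it is
 *       enforced elsewhere (filter, gateway) or add it.</li>
 *   <li>NOTE(review): confirm that {@code generateRandomAlphanumeric} draws from
 *       {@code SecureRandom} and that cached tokens expire.</li>
 * </ul>
 */
@RestController
// NOTE(review): @CrossOrigin without arguments accepts every origin; restrict it to the
// known front-end origin(s) for an authentication endpoint.
@CrossOrigin
public class Login {

    @Autowired private UserInfoDao userInfoDao;
    @Autowired private UserAuthDao userAuthDao;
    @Autowired private TokenSessionManager tokenSessionManager;

    /**
     * Authenticates a user by username and password.
     *
     * @param credentials JSON body carrying {@code username} and {@code password}
     * @return 400 when either field is missing or empty; 500 when the hash algorithm is
     *         unavailable; 406 when the credentials do not match; otherwise 200 with a JSON
     *         body holding the session token, username, e-mail and name. Error bodies are
     *         plain strings even though the mapping declares {@code application/json}.
     */
    @RequestMapping(method = RequestMethod.POST, value = { "/nativeLogin" }, consumes = "application/json", produces = "application/json")
    public @ResponseBody ResponseEntity<String> nativeLogin(@RequestBody Credentials credentials) {
        if (credentials == null || credentials.getPassword() == null || credentials.getUsername() == null
                || credentials.getPassword().isEmpty() || credentials.getUsername().isEmpty()) {
            return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("Username and/or password cannot be empty.");
        }

        UserAuth userAuth = userAuthDao.getUserAuthBy(credentials.getUsername());
        if (userAuth == null) {
            // Unknown user: continue with an empty record (presumably with no password set)
            // so this path does the same hashing work and returns the same generic error.
            userAuth = new UserAuth();
        }
        String userHash = userAuth.getPassword();

        String providedHash;
        try {
            providedHash = tokenSessionManager.hashPassword(credentials.getPassword());
        } catch (NoSuchAlgorithmException ex) {
            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Internal error. Cannot authenticate.");
        }

        // One message for "no such user" and "wrong password" avoids revealing which usernames exist.
        // 401 would be the conventional status; 406 is kept because existing clients may rely on it.
        if (userHash == null || userHash.isEmpty() || !hashesMatch(userHash, providedHash)) {
            return ResponseEntity.status(HttpStatus.NOT_ACCEPTABLE).body("Wrong username or password");
        }

        // Credentials verified: issue a session token and register it for this username.
        String token = tokenSessionManager.generateRandomAlphanumeric(512);
        tokenSessionManager.set(token, credentials.getUsername());

        // Profile data is optional; fall back to an empty UserInfo when none is stored.
        UserInfo userInfo = userInfoDao.getByAuthenticationId((userAuth.getId() == null) ? "" : userAuth.getId().toString());
        if (userInfo == null) {
            userInfo = new UserInfo();
        }

        Response response = new Response();
        response.setToken(token);
        response.setEmail(userInfo.getEmail());
        response.setName(userInfo.getName());
        response.setUsername(credentials.getUsername());
        return new ResponseEntity<>(response.toJson(), HttpStatus.OK);
    }

    /**
     * Compares two password hashes without short-circuiting on the first differing character,
     * so response time does not depend on how much of the stored hash a guess matches.
     * Assumes the hashes are ASCII text (hex or base64) - TODO confirm against hashPassword.
     *
     * @return {@code true} only when both values are non-null and equal
     */
    private static boolean hashesMatch(String storedHash, String candidateHash) {
        if (storedHash == null || candidateHash == null) {
            return false;
        }
        return MessageDigest.isEqual(
                storedHash.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                candidateHash.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }
}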
/**
 * Request body of the login endpoint: the username and the plaintext password as submitted
 * by the client.
 *
 * <p>Instances hold a cleartext secret, so they should not be logged, cached or written out
 * through Java serialization. NOTE(review): confirm whether {@link Serializable} is needed here.
 */
class Credentials implements Serializable {

    private static final long serialVersionUID = 3519634756673886633L;

    /** Login name supplied by the client. */
    private String username;

    /** Plaintext password supplied by the client. */
    private String password;

    /** Stores the login name. */
    public void setUsername(final String username) {
        this.username = username;
    }

    /** @return the login name, or {@code null} when none was supplied */
    public String getUsername() {
        return this.username;
    }

    /** Stores the plaintext password. */
    public void setPassword(final String password) {
        this.password = password;
    }

    /** @return the plaintext password, or {@code null} when none was supplied */
    public String getPassword() {
        return this.password;
    }
}
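/**
 * Body of a successful login response: the session token plus the user's display fields.
 *
 * <p>The {@code token} field is a bearer credential; anything that logs or stores the JSON
 * produced by {@link #toJson()} must treat it as a secret.
 */
class Response implements Serializable {

    private static final long serialVersionUID = -3855159530298902864L;

    // ObjectMapper is thread-safe once configured and costly to build, so one shared
    // instance replaces the per-call construction. Static fields are not part of the JSON.
    private static final ObjectMapper OBJECT_MAPPER = new ObjectMapper();

    /** Session token issued at login. */
    private String token;
    private String username;
    private String email;
    private String name;

    public String getToken() {
        return token;
    }

    public void setToken(String token) {
        this.token = token;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getEmail() {
        return email;
    }

    public void setEmail(String email) {
        this.email = email;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    /**
     * Serializes this response to JSON.
     *
     * @return the JSON document, or {@code "{}"} when serialization fails
     */
    public String toJson() {
        try {
            return OBJECT_MAPPER.writeValueAsString(this);
        } catch (JsonProcessingException ex) {
            // Best-effort fallback kept from the original. NOTE(review): the caller cannot
            // tell this apart from success, so a login could answer 200 with an empty
            // object while the token is already registered; consider surfacing the failure.
            return "{}";
        }
    }
}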