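/**
 * Play "Secure" login action: checks the credentials, records the user in the
 * (signed) session and redirects back to the page the user originally asked for.
 *
 * @param username login name (required; a missing value shows up in {@code validation})
 * @param password clear-text password, handed straight to {@code Security.authenticate}
 * @param hash     optional URL fragment the login form carried over; appended to the redirect target
 * @param remember when true, a 30-day "rememberme" cookie is issued
 * @throws Throwable whatever {@code Secure.login()} / {@code redirect()} use to abort the action
 */
public static void authenticate(@Required String username, String password, String hash, boolean remember) throws Throwable {
    Boolean allowed = Security.authenticate(username, password);
    // The post-login destination is carried in the flash scope by Secure.login().
    String redirectUrl = flash.get("url");
    if (validation.hasErrors() || !allowed) {
        // Keep the destination and the submitted params for the re-displayed login form.
        flash.put("url", redirectUrl);
        flash.error("secure.error");
        params.flash();
        Secure.login(); // renders the login page and does not return
    }
    session.put("username", username);
    if (remember) {
        // NOTE(review): only the username is under the signature, so a captured cookie value
        // stays replayable for as long as the application secret is unchanged; binding an
        // expiry into the signed data requires the matching change in the cookie check
        // (not visible here). The cookie's Secure/HttpOnly flags depend on the framework defaults.
        response.setCookie("rememberme", Crypto.sign(username) + "-" + username, "30d");
    }
    if (redirectUrl == null) redirectUrl = "/";
    if (hash != null) redirectUrl += hash;
    // Both the flash value and `hash` are client-supplied: refuse anything that is not a
    // same-origin path (e.g. "//evil.example" or "http://evil.example"), which would
    // otherwise turn the login action into an open redirect.
    if (!isLocalRedirect(redirectUrl)) {
        redirectUrl = "/";
    }
    redirect(redirectUrl);
}

/**
 * True when {@code url} is a path on this origin: starts with a single "/" and is not a
 * protocol-relative URL ("//host" or the browser-tolerated "/\host").
 */
static boolean isLocalRedirect(String url) {
    if (url == null || !url.startsWith("/")) {
        return false;
    }
    return !url.startsWith("//") && !url.startsWith("/\\");
}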
/**
 * Rebuilds the session from the "<prefix>_SESSION" cookie of the current request.
 *
 * The cookie is "<signature>-<encoded data>"; the data is only decoded when the
 * signature, recomputed with the application secret, matches (constant-time compare).
 * With COOKIE_EXPIRE set, the session must carry a TS_KEY timestamp that is still in
 * the future, otherwise it is discarded; the timestamp is then refreshed. Without
 * COOKIE_EXPIRE a restored session is marked unchanged so nothing is sent back.
 *
 * @return the restored session, or a fresh one when there is no usable cookie
 * @throws UnexpectedException when anything goes wrong while decoding the cookie
 */
static Session restore() {
    try {
        Session restored = new Session();
        Http.Cookie sessionCookie = Http.Request.current().cookies.get(COOKIE_PREFIX + "_SESSION");
        // Evaluated unconditionally, as before, even when COOKIE_EXPIRE is null.
        final int durationSeconds = Time.parseDuration(COOKIE_EXPIRE);
        final long expirationMillis = durationSeconds * 1000l;

        boolean cookiePresent = sessionCookie != null
                && Play.started
                && sessionCookie.value != null
                && !sessionCookie.value.trim().equals("");
        if (!cookiePresent) {
            // Nothing to restore; a new cookie may still need its timestamp.
            if (COOKIE_EXPIRE != null) {
                restored.put(TS_KEY, System.currentTimeMillis() + expirationMillis);
            }
            return restored;
        }

        String raw = sessionCookie.value;
        int dash = raw.indexOf("-");
        if (dash > -1) {
            String providedSignature = raw.substring(0, dash);
            String payload = raw.substring(dash + 1);
            // NOTE(review): getBytes() uses the platform charset; save() does the same, so both
            // sides agree as long as they run on the same JVM configuration.
            String expectedSignature = Crypto.sign(payload, Play.secretKey.getBytes());
            // Tampered or foreign cookies simply yield an empty session.
            if (CookieDataCodec.safeEquals(providedSignature, expectedSignature)) {
                CookieDataCodec.decode(restored.data, payload);
            }
        }

        if (COOKIE_EXPIRE == null) {
            // Restored as-is, no expiry to maintain: nothing has changed.
            restored.changed = false;
            return restored;
        }

        // A missing or past timestamp means the session is expired: start over.
        boolean expired = !restored.contains(TS_KEY)
                || Long.parseLong(restored.get(TS_KEY)) < System.currentTimeMillis();
        if (expired) {
            restored = new Session();
        }
        restored.put(TS_KEY, System.currentTimeMillis() + expirationMillis);
        return restored;
    } catch (Exception e) {
        throw new UnexpectedException("Corrupted HTTP session from " + Http.Request.current().remoteAddress, e);
    }
}
/**
 * Writes the session back as the "<prefix>_SESSION" cookie of the current response.
 *
 * Nothing is sent when there is no response (e.g. WebSocket) or when the session is
 * unchanged, SESSION_SEND_ONLY_IF_CHANGED is on and no expiry has to be refreshed.
 * An empty session deletes the cookie (max-age 0) when the client still has one or
 * when cookies are always sent. Otherwise the cookie value is "<signature>-<data>",
 * signed with the application secret, with COOKIE_SECURE / SESSION_HTTPONLY applied.
 *
 * @throws UnexpectedException when the session data cannot be serialized or signed
 */
void save() {
    Http.Response response = Http.Response.current();
    if (response == null) {
        // Some request like WebSocket don't have any response
        return;
    }
    boolean nothingToSend = !changed && SESSION_SEND_ONLY_IF_CHANGED && COOKIE_EXPIRE == null;
    if (nothingToSend) {
        return;
    }

    String cookieName = COOKIE_PREFIX + "_SESSION";
    if (isEmpty()) {
        boolean clientHasCookie = Http.Request.current().cookies.containsKey(cookieName);
        if (clientHasCookie || !SESSION_SEND_ONLY_IF_CHANGED) {
            // max-age 0 tells the browser to drop the cookie.
            response.setCookie(cookieName, "", null, "/", 0, COOKIE_SECURE, SESSION_HTTPONLY);
        }
        return;
    }

    try {
        String payload = CookieDataCodec.encode(data);
        // Same charset convention as restore(): platform default for the secret's bytes.
        String signature = Crypto.sign(payload, Play.secretKey.getBytes());
        // null max-age -> browser-session cookie; otherwise the configured lifetime in seconds.
        Integer maxAge = (COOKIE_EXPIRE == null) ? null : Time.parseDuration(COOKIE_EXPIRE);
        response.setCookie(cookieName, signature + "-" + payload, null, "/", maxAge, COOKIE_SECURE, SESSION_HTTPONLY);
    } catch (Exception e) {
        throw new UnexpectedException("Session serializationProblem", e);
    }
}
/**
 * Returns the per-session CSRF token, creating it on first use.
 *
 * The token is a random UUID (java.util.UUID uses a cryptographically strong RNG)
 * passed through {@code Crypto.sign}, stored under AT_KEY in the session data so the
 * same value is returned for the rest of the session.
 *
 * @return the session's authenticity token
 */
public String getAuthenticityToken() {
    boolean missing = !data.containsKey(AT_KEY);
    if (missing) {
        String nonce = UUID.randomUUID().toString();
        data.put(AT_KEY, Crypto.sign(nonce));
    }
    return data.get(AT_KEY);
}
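/**
 * Sends an invitation e-mail carrying a signed registration link.
 *
 * The link points at /inscription with the invitee's first name, last name and e-mail,
 * plus a signature over those values so the registration page can check they were not
 * altered. The "godfather" (inviter) shown in the mail is either the generic team
 * identity (when the logged-in user is "admin") or the LDAP record of the current user.
 *
 * @param nom    invitee's last name (required)
 * @param prenom invitee's first name (required)
 * @param mail   invitee's e-mail address (required)
 * @param langue "fr" for the French mail template, anything else for the English one (required)
 */
public static void inviteNewMember(@Required String nom, @Required String prenom, @Required String mail, @Required String langue) {
    try {
        String login = normalize(prenom) + '.' + normalize(nom);
        String url = "";
        String signature = "";
        String community = "Hypertopic";
        // mailGodfather is not declared in this method; it is assigned below, so it must be a
        // field of this controller.
        String firstNameGodfather = "";
        String lastNameGodfather = "";
        int flag = -1;
        // NOTE(review): session.get("username") is dereferenced without a null check; an
        // unauthenticated caller ends up in the catch block below rather than being rejected.
        if (session.get("username").equals("admin")) {
            firstNameGodfather = "l'administrateur";
            mailGodfather = "Hypertopic Team <*****@*****.**>";
        } else {
            HashMap<String, String> infos = Ldap.getConnectedUserInfos(session.get("username"));
            mailGodfather = infos.get("mail");
            firstNameGodfather = infos.get("firstName");
            lastNameGodfather = infos.get("lastName");
            // Capitalised form: first letter upper-case, rest lower-case.
            firstNameGodfather = firstNameGodfather.substring(0, 1).toUpperCase() + firstNameGodfather.substring(1).toLowerCase();
            lastNameGodfather = lastNameGodfather.substring(0, 1).toUpperCase() + lastNameGodfather.substring(1).toLowerCase();
        }
        flag = Invitation.verifyMaliciousPassword(login, mail);
        if (flag == Invitation.ADDRESSES_MATCHE || flag == Invitation.USER_NOTEXIST) {
            try {
                // NOTE(review): the link's host comes from the request's Host header and the scheme
                // is hard-coded to http; if the server accepts arbitrary Host values an attacker can
                // get invitation links pointing at a host of their choice mailed out. A configured
                // base URL would be safer.
                url = "http://" + request.domain;
                if (request.port != 80) url += ":" + request.port;
                url += "/inscription?firstname=" + URLEncoder.encode(prenom, "UTF-8")
                        + "&lastname=" + URLEncoder.encode(nom, "UTF-8")
                        + "&email=" + URLEncoder.encode(mail, "UTF-8");
                // NOTE(review): the signed string has no separator between the fields and no
                // expiry; the check on /inscription must use the same construction, so it cannot
                // be changed on this side alone.
                signature = Crypto.sign(prenom + nom + mail);
                url += "&signature=" + signature;
                // The signed link is a bearer credential for registration: it is deliberately
                // not written to stdout.
            } catch (UnsupportedEncodingException uee) {
                // UTF-8 is always available, so this cannot actually happen.
                System.err.println(uee);
            }
            if (validation.hasErrors()) {
                render("Invitation/index.html");
            } else {
                if (renderArgs.get("domainName") != null) {
                    community = renderArgs.get("domainName").toString();
                }
                if (langue.equals("fr")) {
                    Mails.inviteFr("Hypertopic Team <*****@*****.**>", mail, prenom, nom, url, community, firstNameGodfather, lastNameGodfather, mailGodfather);
                } else {
                    Mails.inviteEn("Hypertopic Team <*****@*****.**>", mail, prenom, nom, url, community, firstNameGodfather, lastNameGodfather, mailGodfather);
                }
                flash.success(Messages.get("invitation_success"));
                session.remove("nom");
                session.remove("prenom");
                session.remove("mail");
                Invitation.invitation();
            }
        } else {
            // Same message key for both languages (Messages.get resolves the locale itself).
            flash.error(Messages.get("invitation_mailadresse_no_match"));
            Invitation.invitation();
        }
    } catch (Exception e) {
        // Broad catch-all keeps the form usable; a proper logger would be preferable to stdout.
        System.out.println("An exception occurred in Invitation.inviteNewMember");
        e.printStackTrace();
        render("Invitation/index.html");
    }
}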