/**
* Tries to authenticate with given credentials
*
* @return User object if authentication is successful or null if not
*/
public User authenticate(String login, String password) {
User user = userDAO.findByLogin(login);
if (user == null) {
return null;
}
if (!passwordService.checkPassword(password, user.getPasswordSalt(), user.getPasswordHash())) {
user.setLoginAttempts(user.getLoginAttempts() + 1);
if (user.getLoginAttempts()
>= configurationService.getInt(
Constants.MAX_LOGIN_ATTEMPTS, Constants.MAX_LOGIN_ATTEMPTS_DEFAULT)) {
user.setStatus(UserStatus.LOCKED_OUT);
}
return null;
} else {
if (user.getLoginAttempts() != 0) {
user.setLoginAttempts(0);
}
if (user.getLastLogin() == null
|| System.currentTimeMillis() - user.getLastLogin().getTime()
> configurationService.getLong(
Constants.LAST_LOGIN_TIMEOUT, Constants.LAST_LOGIN_TIMEOUT_DEFAULT)) {
user.setLastLogin(timestampService.getTimestamp());
}
return user;
}
}
@TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
public User createUser(@NotNull User user, String password) {
if (user.getId() != null) {
throw new HiveException(Messages.ID_NOT_ALLOWED, BAD_REQUEST.getStatusCode());
}
user.setLogin(StringUtils.trim(user.getLogin()));
User existing = userDAO.findByLogin(user.getLogin());
if (existing != null) {
throw new HiveException(Messages.DUPLICATE_LOGIN, FORBIDDEN.getStatusCode());
}
if (StringUtils.isEmpty(password)) {
throw new HiveException(Messages.PASSWORD_REQUIRED, BAD_REQUEST.getStatusCode());
}
String salt = passwordService.generateSalt();
String hash = passwordService.hashPassword(password, salt);
user.setPasswordSalt(salt);
user.setPasswordHash(hash);
user.setLoginAttempts(Constants.INITIAL_LOGIN_ATTEMPTS);
hiveValidator.validate(user);
return userDAO.create(user);
}
@TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED)
public User updateUser(@NotNull Long id, UserUpdate userToUpdate) {
User existing = userDAO.findById(id);
if (existing == null) {
throw new HiveException(
String.format(Messages.USER_NOT_FOUND, id), NOT_FOUND.getStatusCode());
}
if (userToUpdate == null) {
return existing;
}
if (userToUpdate.getLogin() != null) {
String newLogin = StringUtils.trim(userToUpdate.getLogin().getValue());
User withSuchLogin = userDAO.findByLogin(newLogin);
if (withSuchLogin != null && !withSuchLogin.getId().equals(id)) {
throw new HiveException(Messages.DUPLICATE_LOGIN, FORBIDDEN.getStatusCode());
}
existing.setLogin(newLogin);
}
if (userToUpdate.getPassword() != null) {
if (StringUtils.isEmpty(userToUpdate.getPassword().getValue())) {
throw new HiveException(Messages.PASSWORD_REQUIRED, BAD_REQUEST.getStatusCode());
}
String salt = passwordService.generateSalt();
String hash = passwordService.hashPassword(userToUpdate.getPassword().getValue(), salt);
existing.setPasswordSalt(salt);
existing.setPasswordHash(hash);
}
if (userToUpdate.getRole() != null) {
existing.setRole(userToUpdate.getRoleEnum());
}
if (userToUpdate.getStatus() != null) {
existing.setStatus(userToUpdate.getStatusEnum());
}
hiveValidator.validate(existing);
return userDAO.update(existing);
}
