public static void changePasswordCurrentUser(String newPassword) {
ODatabaseRecordTx db = DbHelper.getConnection();
String username = db.getUser().getName();
db = DbHelper.reconnectAsAdmin();
db.getMetadata().getSecurity().getUser(username).setPassword(newPassword).save();
// DbHelper.removeConnectionFromPool();
}
protected void invokeRollbackAgainstListeners() {
// WAKE UP LISTENERS
for (ODatabaseListener listener : ((ODatabaseRaw) database.getUnderlying()).getListeners())
try {
listener.onTxRollback(database.getUnderlying());
} catch (Throwable t) {
OLogManager.instance()
.error(this, "Error on rollback callback against listener: " + listener, t);
}
}
public static void changePassword(String username, String newPassword)
throws SqlInjectionException, UserNotFoundException {
ODatabaseRecordTx db = DbHelper.getConnection();
db = DbHelper.reconnectAsAdmin();
UserDao udao = UserDao.getInstance();
ODocument user = udao.getByUserName(username);
if (user == null) {
if (Logger.isDebugEnabled()) Logger.debug("User " + username + " does not exist");
throw new UserNotFoundException("User " + username + " does not exist");
}
db.getMetadata().getSecurity().getUser(username).setPassword(newPassword).save();
}
/**
* * Returns an edge (link), belonging to the class @LinkDao.MODEL_NAME, by its id (not RID)
*
* @param id
* @return
*/
public static ORID getRidLinkByUUID(String id) {
ODatabaseRecordTx db = DbHelper.getConnection();
OIndex<?> index = db.getMetadata().getIndexManager().getIndex(LinkDao.MODEL_NAME + ".id");
ORID rid = (ORID) index.get(id);
return rid;
}
/**
* * Login the user. parameters: username password appcode: the App Code (API KEY) login_data:
* json serialized string containing info related to the device used by the user. In particular,
* for push notification, must by supplied: deviceId os: (android|ios)
*
* @return
* @throws SqlInjectionException
* @throws IOException
* @throws JsonProcessingException
*/
@With({NoUserCredentialWrapFilter.class})
public static Result login() throws SqlInjectionException, JsonProcessingException, IOException {
String username = "";
String password = "";
String appcode = "";
String loginData = null;
RequestBody body = request().body();
// BaasBoxLogger.debug ("Login called. The body is: {}", body);
if (body == null)
return badRequest(
"missing data: is the body x-www-form-urlencoded or application/json? Detected: "
+ request().getHeader(CONTENT_TYPE));
Map<String, String[]> bodyUrlEncoded = body.asFormUrlEncoded();
if (bodyUrlEncoded != null) {
if (bodyUrlEncoded.get("username") == null)
return badRequest("The 'username' field is missing");
else username = bodyUrlEncoded.get("username")[0];
if (bodyUrlEncoded.get("password") == null)
return badRequest("The 'password' field is missing");
else password = bodyUrlEncoded.get("password")[0];
if (bodyUrlEncoded.get("appcode") == null)
return badRequest("The 'appcode' field is missing");
else appcode = bodyUrlEncoded.get("appcode")[0];
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("Username " + username);
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("Password " + password);
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("Appcode " + appcode);
if (username.equalsIgnoreCase(BBConfiguration.getBaasBoxAdminUsername())
|| username.equalsIgnoreCase(BBConfiguration.getBaasBoxUsername()))
return forbidden(username + " cannot login");
if (bodyUrlEncoded.get("login_data") != null) loginData = bodyUrlEncoded.get("login_data")[0];
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("LoginData" + loginData);
} else {
JsonNode bodyJson = body.asJson();
if (bodyJson == null)
return badRequest(
"missing data : is the body x-www-form-urlencoded or application/json? Detected: "
+ request().getHeader(CONTENT_TYPE));
if (bodyJson.get("username") == null) return badRequest("The 'username' field is missing");
else username = bodyJson.get("username").asText();
if (bodyJson.get("password") == null) return badRequest("The 'password' field is missing");
else password = bodyJson.get("password").asText();
if (bodyJson.get("appcode") == null) return badRequest("The 'appcode' field is missing");
else appcode = bodyJson.get("appcode").asText();
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("Username " + username);
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("Password " + password);
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("Appcode " + appcode);
if (username.equalsIgnoreCase(BBConfiguration.getBaasBoxAdminUsername())
|| username.equalsIgnoreCase(BBConfiguration.getBaasBoxUsername()))
return forbidden(username + " cannot login");
if (bodyJson.get("login_data") != null) loginData = bodyJson.get("login_data").asText();
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("LoginData" + loginData);
}
/* other useful parameter to receive and to store...*/
// validate user credentials
ODatabaseRecordTx db = null;
String user = null;
try {
db = DbHelper.open(appcode, username, password);
user = prepareResponseToJson(UserService.getCurrentUser());
if (loginData != null) {
JsonNode loginInfo = null;
try {
loginInfo = Json.parse(loginData);
} catch (Exception e) {
if (BaasBoxLogger.isDebugEnabled()) BaasBoxLogger.debug("Error parsong login_data field");
if (BaasBoxLogger.isDebugEnabled())
BaasBoxLogger.debug(ExceptionUtils.getFullStackTrace(e));
return badRequest("login_data field is not a valid json string");
}
Iterator<Entry<String, JsonNode>> it = loginInfo.fields();
HashMap<String, Object> data = new HashMap<String, Object>();
while (it.hasNext()) {
Entry<String, JsonNode> element = it.next();
String key = element.getKey();
Object value = element.getValue().asText();
data.put(key, value);
}
UserService.registerDevice(data);
}
} catch (OSecurityAccessException e) {
if (BaasBoxLogger.isDebugEnabled())
BaasBoxLogger.debug("UserLogin: "******"user " + username + " unauthorized");
} catch (InvalidAppCodeException e) {
if (BaasBoxLogger.isDebugEnabled())
BaasBoxLogger.debug("UserLogin: "******"user " + username + " unauthorized");
} finally {
if (db != null && !db.isClosed()) db.close();
}
ImmutableMap<SessionKeys, ? extends Object> sessionObject =
SessionTokenProvider.getSessionTokenProvider().setSession(appcode, username, password);
response()
.setHeader(SessionKeys.TOKEN.toString(), (String) sessionObject.get(SessionKeys.TOKEN));
ObjectMapper mapper = new ObjectMapper();
user =
user.substring(0, user.lastIndexOf("}"))
+ ",\""
+ SessionKeys.TOKEN.toString()
+ "\":\""
+ (String) sessionObject.get(SessionKeys.TOKEN)
+ "\"}";
JsonNode jn = mapper.readTree(user);
return ok(jn);
}
