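/**
 * Authenticates a user from a JSON request body and issues a token.
 *
 * <p>The body is expected to be a JSON object with string members
 * {@code "username"} and {@code "password"}. On success the response entity is a
 * JSON object carrying the {@code username} and the {@code token} produced by
 * {@code createToken(username, roles)}.
 *
 * <p>Every rejected attempt (blank body, missing or non-string credentials,
 * unknown user, wrong password) fails with the same exception and message, so
 * the response does not reveal which part of the credentials was wrong.
 *
 * @param jsonString raw request body
 * @return 200 response whose entity is the JSON described above
 * @throws NotAuthorizedException if the credentials are absent or not accepted
 * @throws JOSEException declared for token creation
 * @throws NoSuchAlgorithmException declared for password-hash validation
 * @throws InvalidKeySpecException declared for password-hash validation
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response login(String jsonString) throws JOSEException, NoSuchAlgorithmException, InvalidKeySpecException {
    // A blank body previously surfaced as an unhandled runtime exception (HTTP 500).
    if (jsonString == null || jsonString.trim().isEmpty()) {
        throw loginRejected();
    }

    // NOTE(review): an EntityManagerFactory is created on every request and is not
    // closed in this method. Whether UserFacade takes ownership is not visible here;
    // confirm, and prefer a shared/injected factory if it does not.
    UserFacade fac = new UserFacade(Persistence.createEntityManagerFactory(DeploymentConfiguration.PU_NAME));

    // NOTE(review): syntactically invalid JSON, or a document that is not an object,
    // still makes Gson throw here and propagates unchanged.
    JsonObject json = new JsonParser().parse(jsonString).getAsJsonObject();

    // Missing or non-primitive members used to cause a NullPointerException /
    // IllegalStateException; treat them as an ordinary failed login instead.
    boolean hasCredentials = json.has("username") && json.get("username").isJsonPrimitive()
            && json.has("password") && json.get("password").isJsonPrimitive();
    if (!hasCredentials) {
        throw loginRejected();
    }

    String username = json.get("username").getAsString();
    String password = json.get("password").getAsString();

    UserEn user = fac.getUserByUsername(username);
    List<String> roles = authenticate(username, password);

    // The null check on user guards the getPassword() dereference: the lookup above
    // and authenticate() use separate facade instances, so one succeeding does not
    // guarantee the other returned a record.
    if (roles != null && user != null && PasswordHash.validatePassword(password, user.getPassword())) {
        String token = createToken(username, roles);
        JsonObject responseJson = new JsonObject();
        responseJson.addProperty("username", username);
        responseJson.addProperty("token", token);
        return Response.ok(new Gson().toJson(responseJson)).build();
    }

    throw loginRejected();
}

/** Builds the single, uniform failure used for every rejected login attempt. */
private static NotAuthorizedException loginRejected() {
    return new NotAuthorizedException("Ilegal username or password", Response.Status.UNAUTHORIZED);
}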
/**
 * Forwards both arguments, in order, to {@code UserFacade.authenticateUser}
 * on a freshly constructed facade and returns its result unchanged.
 *
 * <p>The caller in {@code login} treats a {@code null} return as a failed
 * authentication and passes a non-null list on to {@code createToken} as the
 * user's roles.
 *
 * <p>NOTE(review): {@code login} calls this as {@code authenticate(username, password)},
 * while the parameters here are named {@code password} and {@code hash}. The names
 * look misleading; confirm the argument order against
 * {@code UserFacade.authenticateUser} before relying on them.
 *
 * @param password first argument forwarded to {@code authenticateUser}
 * @param hash second argument forwarded to {@code authenticateUser}
 * @return the list returned by {@code authenticateUser}, possibly {@code null}
 */
private List<String> authenticate(String password, String hash) {
    return new UserFacade().authenticateUser(password, hash);
}
/**
 * Looks up a {@code User} by id through {@code ejbFacade.find}.
 *
 * <p>NOTE(review): this method performs no access check of its own; confirm that
 * callers authorize the request before exposing the result for an arbitrary id.
 *
 * @param id identifier handed to {@code ejbFacade.find}
 * @return whatever {@code ejbFacade.find(id)} yields for that id
 */
public User getUser(java.lang.Integer id) {
    final User match = ejbFacade.find(id);
    return match;
}