public User register(String name, String password, String email, Collection<Role> roles) {
Preconditions.checkNotNull(name);
Preconditions.checkNotNull(password);
if (userDAO.findByName(name) != null) {
return null;
}
User user = new User();
byte[] salt = encryptionService.generateSalt();
user.setName(name);
user.setEmail(email);
user.setSalt(salt);
user.setPassword(encryptionService.getEncryptedPassword(password, salt));
for (Role role : roles) {
user.getRoles().add(new UserRole(user, role));
}
userDAO.save(user);
return user;
}
public User login(String name, String password) {
if (name == null || password == null) {
return null;
}
User user = userDAO.findByName(name);
if (user != null && !user.isDisabled()) {
boolean authenticated =
encryptionService.authenticate(password, user.getPassword(), user.getSalt());
if (authenticated) {
user.setLastLogin(Calendar.getInstance().getTime());
userDAO.update(user);
return user;
}
}
return null;
}
public String generateApiKey(User user) {
byte[] key =
encryptionService.getEncryptedPassword(UUID.randomUUID().toString(), user.getSalt());
return DigestUtils.sha1Hex(key);
}
