/** * Authenticate the user and returns a new client {@link Context} instance. * * @return client context * @throws LoginException login exception */ public Context authenticate() throws LoginException { final byte[] address = token(req.getRemoteAddr()); try { if (user == null || user.isEmpty() || pass == null || pass.isEmpty()) throw new LoginException(NOPASSWD); final Context ctx = new Context(context(), null); ctx.user = ctx.users.get(user); if (ctx.user == null || !ctx.user.password.equals(md5(pass))) throw new LoginException(); context.blocker.remove(address); return ctx; } catch (final LoginException ex) { // delay users with wrong passwords for (int d = context.blocker.delay(address); d > 0; d--) Performance.sleep(100); throw ex; } }
/** * Returns a string with the remote user address. * * @return user address */ private String address() { return req.getRemoteAddr() + ':' + req.getRemotePort(); }