/**
 * Processes a submitted Web IDE login form.
 *
 * <p>The request is bound to a {@code LoginForm}. If binding reports errors, or
 * {@code User.connect} finds no user for the submitted email and password, the
 * login page is rendered again with a 400 status. A failed credential check
 * always adds the same generic {@code "Could not login."} error, so the response
 * does not say which of the two fields was wrong. If the credentials match but
 * {@code User.hasAuthenticated} returns false, the "not authenticated" page is
 * rendered and no session value is written. Otherwise the last-login date is
 * updated, a "login" user event is recorded, the email is stored in the session
 * under {@code "connected"}, and the client is redirected to the application
 * root.
 *
 * <p>All JPA calls are made before the returned future is created; only the
 * rendering or redirect is handed to the HTTP execution context.
 *
 * @return a stage completing with the re-rendered login form (400), the
 *         "not authenticated" page (200), or a redirect to the home page.
 */
@AddCSRFToken
@RequireCSRFCheck
@Transactional
public CompletionStage<Result> login() {
    final Form<LoginForm> boundForm = myFormFactory.form(LoginForm.class).bindFromRequest();

    // Basic validation failed: show the form again with the offending fields.
    if (boundForm.hasErrors()) {
        // NOTE(review): when the request has no CSRF token, the literal "no token"
        // is rendered into the page; presumably the next submit then fails the
        // CSRF check. Confirm that this is the intended behaviour.
        final String csrfToken = CSRF.getToken(request()).map(t -> t.value()).orElse("no token");
        return CompletableFuture.supplyAsync(
                () -> badRequest(index.render(boundForm, csrfToken)),
                myHttpExecutionContext.current());
    }

    final LoginForm credentials = boundForm.get();

    // "connect" expects a JPA entity manager, which is only present when the
    // call is wrapped in "withTransaction()".
    final User matchedUser =
            myJpaApi.withTransaction(
                    () -> User.connect(credentials.getEmail(), credentials.getPassword()));

    // No user for this email/password pair: reject with one generic message.
    if (matchedUser == null) {
        boundForm.reject(new ValidationError("loginError", "Could not login."));
        final String csrfToken = CSRF.getToken(request()).map(t -> t.value()).orElse("no token");
        return CompletableFuture.supplyAsync(
                () -> badRequest(index.render(boundForm, csrfToken)),
                myHttpExecutionContext.current());
    }

    // Credentials are valid, but the account may not have been authenticated yet.
    final boolean accountAuthenticated =
            myJpaApi.withTransaction(() -> User.hasAuthenticated(credentials.getEmail()));
    if (!accountAuthenticated) {
        // This page is only reachable after a successful credential check.
        return CompletableFuture.supplyAsync(
                () -> ok(notAuthenticated.render(credentials.getEmail())),
                myHttpExecutionContext.current());
    }

    // Record the successful login: refresh the last-login date, then log an event.
    final User refreshedUser =
            myJpaApi.withTransaction(() -> User.lastLogin(credentials.getEmail()));
    myJpaApi.withTransaction(() -> UserEvent.addRegularEvent("login", "", refreshedUser));

    // The email under "connected" is the marker for a logged-in session.
    // NOTE(review): existing session entries are not cleared before this value
    // is written; confirm no pre-login session state should be dropped here.
    session("connected", credentials.getEmail());

    // The application may be deployed under a context path; default to none.
    final String configuredContext = myConfiguration.getString("play.http.context");
    final String contextPrefix = (configuredContext == null) ? "" : configuredContext;

    // Redirect back to the home page.
    return CompletableFuture.supplyAsync(
            () -> redirect(contextPrefix + "/"),
            myHttpExecutionContext.current());
}
/**
 * Runs the configured security logic for the current request and, from the
 * callback handed to it, invokes the wrapped delegate action.
 *
 * <p>The delegate is called only from inside the callback passed to
 * {@code securityLogic.perform}; presumably that callback runs only once access
 * has been granted (confirm against the security logic implementation in use).
 * The callback waits on the delegate's result with {@code get()}, so the thread
 * taken from {@code ec.current()} is held until the delegate completes.
 *
 * @param ctx          the HTTP context of the current request
 * @param clients      forwarded unchanged to the security logic
 * @param authorizers  forwarded unchanged to the security logic
 * @param multiProfile forwarded unchanged to the security logic
 * @return a stage completing with whatever {@code securityLogic.perform} returns
 * @throws Throwable declared by the signature; the visible body fails early via
 *                   {@code assertNotNull} when {@code securityLogic} or
 *                   {@code config} is missing
 */
public CompletionStage<Result> internalCall(
        final Context ctx,
        final String clients,
        final String authorizers,
        final boolean multiProfile)
        throws Throwable {

    // Refuse to run without a security logic and a configuration.
    assertNotNull("securityLogic", securityLogic);
    assertNotNull("config", config);

    final PlayWebContext webContext = new PlayWebContext(ctx, sessionStore);
    final HttpActionAdapter httpActionAdapter = config.getHttpActionAdapter();

    return CompletableFuture.supplyAsync(
            () ->
                    securityLogic.perform(
                            webContext,
                            config,
                            // A null delegate occurs when called from Scala; the
                            // callback then has nothing to invoke and yields null.
                            (grantedCtx, parameters) ->
                                    delegate == null
                                            ? null
                                            : delegate.call(ctx).toCompletableFuture().get(),
                            httpActionAdapter,
                            clients,
                            authorizers,
                            // NOTE(review): null is passed in the slot after the
                            // authorizers; presumably the matchers argument.
                            // Confirm against the perform() signature.
                            null,
                            multiProfile),
            ec.current());
}