NIHVIVO-1207 Simplify the Authenticator interface.
This commit is contained in:
jeb228
parent
0dc6abfe61
commit
4f3f5bec58
5 changed files with 50 additions and 55 deletions
|
|
@ -62,23 +62,26 @@ public abstract class Authenticator {
|
|||
public abstract User getUserByUsername(String username);
|
||||
|
||||
/**
|
||||
* Return a list of URIs of the people that this user is allowed to edit.
|
||||
* Get a list of URIs of the people that this user is allowed to edit.
|
||||
*/
|
||||
public abstract List<String> asWhomMayThisUserEdit(User user);
|
||||
|
||||
/**
|
||||
* Record a new password for the user.
|
||||
*/
|
||||
public abstract void recordNewPassword(User user,
|
||||
public abstract void recordNewPassword(String username,
|
||||
String newClearTextPassword);
|
||||
|
||||
/**
|
||||
* Record that the user has logged in.
|
||||
* <pre>
|
||||
* Record that the user has logged in, with all of the housekeeping that
|
||||
* goes with it:
|
||||
* - updating the user record
|
||||
* - setting login status and timeout limit in the session
|
||||
* - record the user in the session map
|
||||
* - notify other users of the model
|
||||
* </pre>
|
||||
*/
|
||||
public abstract void recordSuccessfulLogin(User user);
|
||||
public abstract void recordUserIsLoggedIn(String username);
|
||||
|
||||
/**
|
||||
* Set the login status in the session.
|
||||
*/
|
||||
public abstract void setLoggedIn(User user);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -66,24 +66,30 @@ public class BasicAuthenticator extends Authenticator {
|
|||
}
|
||||
|
||||
@Override
|
||||
public void recordNewPassword(User user, String newClearTextPassword) {
|
||||
public void recordNewPassword(String username, String newClearTextPassword) {
|
||||
User user = getUserByUsername(username);
|
||||
if (user == null) {
|
||||
log.error("Trying to change password on non-existent user: "
|
||||
+ username);
|
||||
return;
|
||||
}
|
||||
user.setOldPassword(user.getMd5password());
|
||||
user.setMd5password(Authenticate.applyMd5Encoding(newClearTextPassword));
|
||||
getUserDao(request).updateUser(user);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void recordSuccessfulLogin(User user) {
|
||||
user.setLoginCount(user.getLoginCount() + 1);
|
||||
if (user.getFirstTime() == null) { // first login
|
||||
user.setFirstTime(new Date());
|
||||
public void recordUserIsLoggedIn(String username) {
|
||||
User user = getUserByUsername(username);
|
||||
if (user == null) {
|
||||
log.error("Trying to change password on non-existent user: "
|
||||
+ username);
|
||||
return;
|
||||
}
|
||||
getUserDao(request).updateUser(user);
|
||||
}
|
||||
|
||||
@Override
|
||||
public void setLoggedIn(User user) {
|
||||
HttpSession session = request.getSession();
|
||||
|
||||
recordLoginOnUserRecord(user);
|
||||
createLoginFormBean(user, session);
|
||||
createLoginStatusBean(user, session);
|
||||
setSessionTimeoutLimit(session);
|
||||
|
|
@ -91,6 +97,17 @@ public class BasicAuthenticator extends Authenticator {
|
|||
notifyOtherUsers(user, session);
|
||||
}
|
||||
|
||||
/**
|
||||
* Update the user record to record the login.
|
||||
*/
|
||||
private void recordLoginOnUserRecord(User user) {
|
||||
user.setLoginCount(user.getLoginCount() + 1);
|
||||
if (user.getFirstTime() == null) { // first login
|
||||
user.setFirstTime(new Date());
|
||||
}
|
||||
getUserDao(request).updateUser(user);
|
||||
}
|
||||
|
||||
/**
|
||||
* Put the login bean into the session.
|
||||
*
|
||||
|
|
|
|||
|
|
@ -261,6 +261,7 @@ public class Authenticate extends FreemarkerHttpServlet {
|
|||
/**
|
||||
* They are already logged in. There's nothing to do; no transition.
|
||||
*/
|
||||
@SuppressWarnings("unused")
|
||||
private void processInputLoggedIn(HttpServletRequest request) {
|
||||
}
|
||||
|
||||
|
|
@ -298,16 +299,7 @@ public class Authenticate extends FreemarkerHttpServlet {
|
|||
private void transitionToLoggedIn(HttpServletRequest request,
|
||||
String username) {
|
||||
log.debug("Completed login: " + username);
|
||||
|
||||
// Record the login on the user record (start with a fresh copy).
|
||||
// TODO All this should be a single call to Authenticator.
|
||||
User user = getAuthenticator(request).getUserByUsername(username);
|
||||
getAuthenticator(request).recordSuccessfulLogin(user);
|
||||
|
||||
// Record that a new user has logged in to this session.
|
||||
getAuthenticator(request).setLoggedIn(user);
|
||||
|
||||
// Remove the login process info from the session.
|
||||
getAuthenticator(request).recordUserIsLoggedIn(username);
|
||||
LoginProcessBean.removeBean(request);
|
||||
}
|
||||
|
||||
|
|
@ -318,12 +310,9 @@ public class Authenticate extends FreemarkerHttpServlet {
|
|||
private void transitionToLoggedIn(HttpServletRequest request,
|
||||
String username, String newPassword) {
|
||||
log.debug("Completed login: " + username + ", password changed.");
|
||||
|
||||
// TODO these should be a single call to Authenticator.
|
||||
User user = getAuthenticator(request).getUserByUsername(username);
|
||||
getAuthenticator(request).recordNewPassword(user, newPassword);
|
||||
|
||||
transitionToLoggedIn(request, username);
|
||||
getAuthenticator(request).recordNewPassword(username, newPassword);
|
||||
getAuthenticator(request).recordUserIsLoggedIn(username);
|
||||
LoginProcessBean.removeBean(request);
|
||||
}
|
||||
|
||||
/**
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue