Example 1 with LoginBlockResult

Use of com.hack23.cia.service.impl.action.application.access.LoginBlockedAccess.LoginBlockResult in project cia by Hack23.

From the class LoginService, method processService.

@Override
@Secured({ "ROLE_ANONYMOUS", "ROLE_USER", "ROLE_ADMIN" })
public LoginResponse processService(final LoginRequest serviceRequest) {
    final LoginResponse inputValidation = inputValidation(serviceRequest);
    if (inputValidation != null) {
        return inputValidation;
    }
    final CreateApplicationEventRequest eventRequest = createApplicationEventForService(serviceRequest);
    final UserAccount userExist = userDAO.findFirstByProperty(UserAccount_.email, serviceRequest.getEmail());
    final LoginBlockResult loginBlockResult = loginBlockedAccess.isBlocked(serviceRequest.getSessionId(), serviceRequest.getEmail());
    LoginResponse response;
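    // Login succeeds only if every check passes: the attempt is not blocked, the account
    // exists and is unlocked, the OTP verifies and the password matches.
    if (!loginBlockResult.isBlocked()
            && userExist != null
            && userExist.getUserLockStatus() == UserLockStatus.UNLOCKED
            && verifyOtp(serviceRequest, userExist)
            && passwordEncoder.matches(userExist.getUserId() + ".uuid" + serviceRequest.getUserpassword(), userExist.getUserpassword())) {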
        final Collection<SimpleGrantedAuthority> authorities = new ArrayList<>();
        if (UserRole.ADMIN == userExist.getUserRole()) {
            authorities.add(new SimpleGrantedAuthority("ROLE_ADMIN"));
        } else if (UserRole.USER == userExist.getUserRole()) {
            authorities.add(new SimpleGrantedAuthority("ROLE_USER"));
        }
        eventRequest.setUserId(userExist.getUserId());
        SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(userExist, userExist.getUserpassword(), authorities));
        userExist.setNumberOfVisits(userExist.getNumberOfVisits() + 1);
        userDAO.persist(userExist);
        response = new LoginResponse(ServiceResult.SUCCESS);
    } else {
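        // The caller always receives the same generic error, whatever the cause of the failure;
        // the block reason, if any, is recorded only in the application event below.
        response = new LoginResponse(ServiceResult.FAILURE);
        response.setErrorMessage(LoginResponse.ErrorMessage.USERNAME_OR_PASSWORD_DO_NOT_MATCH.toString());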
        if (loginBlockResult.isBlocked()) {
            eventRequest.setErrorMessage(loginBlockResult.getMessages().toString());
        } else {
            eventRequest.setErrorMessage(LoginResponse.ErrorMessage.USERNAME_OR_PASSWORD_DO_NOT_MATCH.toString());
        }
    }
    eventRequest.setApplicationMessage(response.getResult().toString());
    createApplicationEventService.processService(eventRequest);
    LOGGER.info("Event: {}", eventRequest);
    return response;
}
Also used:
SimpleGrantedAuthority (org.springframework.security.core.authority.SimpleGrantedAuthority)
LoginResponse (com.hack23.cia.service.api.action.application.LoginResponse)
ArrayList (java.util.ArrayList)
CreateApplicationEventRequest (com.hack23.cia.service.api.action.application.CreateApplicationEventRequest)
UsernamePasswordAuthenticationToken (org.springframework.security.authentication.UsernamePasswordAuthenticationToken)
UserAccount (com.hack23.cia.model.internal.application.user.impl.UserAccount)
LoginBlockResult (com.hack23.cia.service.impl.action.application.access.LoginBlockedAccess.LoginBlockResult)
Secured (org.springframework.security.access.annotation.Secured)
