use of io.bastillion.manage.model.User in project KeyBox by skavanagh.
the class LoginKtrl method loginSubmit.
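/**
 * Handles the login form POST.
 *
 * <p>Flow: authenticate the submitted credentials through {@code AuthDB.login},
 * resolve the user for the returned auth token, verify the one-time password
 * when OTP is enabled and the user already has a shared secret, reject
 * non-manager accounts without profiles and expired accounts, then store the
 * auth token, user id, auth type, timeout and username on the session through
 * {@code AuthUtil}. Every outcome is written to the login audit log.
 *
 * @return the view or redirect to render: the admin menu on success, the OTP
 *         setup or user-settings page when first-time setup is needed, or
 *         {@code /login.html} on any authentication failure
 * @throws ServletException if the credential store or crypto layer fails
 */
@Kontrol(path = "/loginSubmit", method = MethodType.POST)
public String loginSubmit() throws ServletException {
    String retVal = "redirect:/admin/menu.html";
    String authToken = null;
    try {
        authToken = AuthDB.login(auth);
        // get client IP
        String clientIP = AuthUtil.getClientIPAddress(getRequest());

        // The username comes straight from the login form and is written to the
        // audit log before and after authentication. Neutralise line breaks so a
        // submitted value cannot forge or split audit entries.
        // NOTE(review): if getClientIPAddress() reads a forwarded-for style header,
        // the address is client-supplied as well; it gets the same treatment.
        String auditUser = auth.getUsername() == null ? null : auth.getUsername().replaceAll("[\\r\\n]", "_");
        String auditIP = clientIP == null ? null : clientIP.replaceAll("[\\r\\n]", "_");
        String auditPrefix = auditUser + " (" + auditIP + ") - ";

        if (authToken == null) {
            loginAuditLogger.info(auditPrefix + AUTH_ERROR);
            addError(AUTH_ERROR);
            return "/login.html";
        }

        User user = AuthDB.getUserByAuthToken(authToken);
        if (user == null) {
            // Fail closed: a token that resolves to no user is treated as a failed
            // login and audited, instead of silently redirecting to the admin menu
            // with no session state and no log entry.
            loginAuditLogger.info(auditPrefix + AUTH_ERROR);
            addError(AUTH_ERROR);
            return "/login.html";
        }

        String sharedSecret = null;
        if (otpEnabled) {
            sharedSecret = AuthDB.getSharedSecret(user.getId());
            // A user with an enrolled secret must present a valid token. A user
            // without one is let through here and sent to OTP setup further down.
            boolean otpRequired = StringUtils.isNotEmpty(sharedSecret);
            if (otpRequired && (auth.getOtpToken() == null || !OTPUtil.verifyToken(sharedSecret, auth.getOtpToken()))) {
                // Same generic error as a bad password, so the response does not
                // reveal which factor failed.
                loginAuditLogger.info(auditPrefix + AUTH_ERROR);
                addError(AUTH_ERROR);
                return "/login.html";
            }
        }

        // check to see if admin has any assigned profiles
        boolean isManager = User.MANAGER.equals(user.getUserType());
        boolean hasProfiles = user.getProfileList() != null && user.getProfileList().size() > 0;
        if (!isManager && !hasProfiles) {
            loginAuditLogger.info(auditPrefix + AUTH_ERROR_NO_PROFILE);
            addError(AUTH_ERROR_NO_PROFILE);
            return "/login.html";
        }

        // check to see if account has expired
        if (user.isExpired()) {
            loginAuditLogger.info(auditPrefix + AUTH_ERROR_EXPIRED_ACCOUNT);
            addError(AUTH_ERROR_EXPIRED_ACCOUNT);
            return "/login.html";
        }

        // NOTE(review): the pre-login session is reused once authentication
        // succeeds. If nothing upstream rotates the session id, consider calling
        // changeSessionId() on the request (Servlet 3.1+) before these attributes
        // are set, to rule out session fixation — confirm the container version.
        AuthUtil.setAuthToken(getRequest().getSession(), authToken);
        AuthUtil.setUserId(getRequest().getSession(), user.getId());
        AuthUtil.setAuthType(getRequest().getSession(), user.getAuthType());
        AuthUtil.setTimeout(getRequest().getSession());
        AuthUtil.setUsername(getRequest().getSession(), user.getUsername());
        AuthDB.updateLastLogin(user);

        // for first time login redirect to set OTP
        if (otpEnabled && StringUtils.isEmpty(sharedSecret)) {
            retVal = "redirect:/admin/viewOTP.ktrl";
        } else if ("changeme".equals(auth.getPassword()) && Auth.AUTH_BASIC.equals(user.getAuthType())) {
            // Still on the default password with basic auth: send the user to the
            // settings page.
            retVal = "redirect:/admin/userSettings.ktrl";
        }
        loginAuditLogger.info(auditPrefix + "Authentication Success");
    } catch (SQLException | GeneralSecurityException ex) {
        log.error(ex.toString(), ex);
        throw new ServletException(ex.toString(), ex);
    }
    return retVal;
}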
use of io.bastillion.manage.model.User in project KeyBox by skavanagh.
the class UserDB method getUserSet.
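/**
 * Returns all users, ordered as requested by the given sort descriptor.
 *
 * <p>The order-by field and direction are spliced into the SQL text, because
 * JDBC cannot bind an {@code ORDER BY} target as a parameter. Both values are
 * therefore validated first: the field must be a plain SQL identifier and the
 * direction must be {@code asc} or {@code desc}. A field that fails validation
 * results in an unordered query; an unrecognised direction is omitted.
 *
 * @param sortedSet object that defines sort order
 * @return the same {@code sortedSet}, with its item list set to the users read
 * @throws SQLException if the query fails
 * @throws GeneralSecurityException declared by the original signature
 */
public static SortedSet getUserSet(SortedSet sortedSet) throws SQLException, GeneralSecurityException {
    ArrayList<User> userList = new ArrayList<>();

    String orderBy = "";
    String requestedField = sortedSet.getOrderByField();
    if (requestedField != null && !requestedField.trim().equals("")) {
        String field = requestedField.trim();
        // Identifier characters only: no whitespace, quotes, parentheses or
        // statement separators can reach the SQL text.
        // NOTE(review): a fixed allowlist of sortable columns would be tighter
        // still (it could exclude the password column) — needs the set of
        // columns the UI actually sorts by.
        if (field.matches("[A-Za-z_][A-Za-z0-9_.]*")) {
            orderBy = "order by " + field;
            String requestedDirection = sortedSet.getOrderByDirection();
            String direction = requestedDirection == null ? "" : requestedDirection.trim();
            if ("asc".equalsIgnoreCase(direction) || "desc".equalsIgnoreCase(direction)) {
                orderBy = orderBy + " " + direction;
            }
        }
    }
    String sql = "select * from users " + orderBy;

    // Release the JDBC resources on every path, including when the query or a
    // column read throws; previously an exception leaked the connection.
    Connection con = DBUtils.getConn();
    try {
        PreparedStatement stmt = con.prepareStatement(sql);
        try {
            ResultSet rs = stmt.executeQuery();
            try {
                while (rs.next()) {
                    User user = new User();
                    user.setId(rs.getLong("id"));
                    user.setFirstNm(rs.getString(FIRST_NM));
                    user.setLastNm(rs.getString(LAST_NM));
                    user.setEmail(rs.getString(EMAIL));
                    user.setUsername(rs.getString(USERNAME));
                    // NOTE(review): the stored password value is copied onto every
                    // User in the list; if callers only render the list, omitting
                    // it would reduce exposure — confirm no caller reads it.
                    user.setPassword(rs.getString(PASSWORD));
                    user.setAuthType(rs.getString(AUTH_TYPE));
                    user.setUserType(rs.getString(USER_TYPE));
                    user.setLastLoginTm(rs.getTimestamp(LAST_LOGIN_TM));
                    user.setExpirationTm(rs.getTimestamp(EXPIRATION_TM));
                    // Expiry applies only when EXPIRATION_DAYS is positive and the
                    // account has an expiration timestamp in the past.
                    user.setExpired(EXPIRATION_DAYS > 0 && user.getExpirationTm() != null && user.getExpirationTm().before(new Date()));
                    userList.add(user);
                }
            } finally {
                DBUtils.closeRs(rs);
            }
        } finally {
            DBUtils.closeStmt(stmt);
        }
    } finally {
        DBUtils.closeConn(con);
    }

    sortedSet.setItemList(userList);
    return sortedSet;
}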
use of io.bastillion.manage.model.User in project KeyBox by skavanagh.
the class UserDB method getAdminUserSet.
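/**
 * Returns all administrator users, ordered as requested by the given sort
 * descriptor, and marks each one that is mapped to the given profile.
 *
 * <p>The order-by field and direction are spliced into the SQL text, because
 * JDBC cannot bind an {@code ORDER BY} target as a parameter. Both values are
 * therefore validated first: the field must be a plain SQL identifier and the
 * direction must be {@code asc} or {@code desc}. A field that fails validation
 * results in an unordered query; an unrecognised direction is omitted.
 *
 * @param sortedSet object that defines sort order
 * @param profileId profile to check membership against; each returned user is
 *                  flagged as checked when mapped to this profile
 * @return the same {@code sortedSet}, with its item list set to the users read
 * @throws SQLException if the query fails
 * @throws GeneralSecurityException declared by the original signature
 */
public static SortedSet getAdminUserSet(SortedSet sortedSet, Long profileId) throws SQLException, GeneralSecurityException {
    ArrayList<User> userList = new ArrayList<>();

    String orderBy = "";
    String requestedField = sortedSet.getOrderByField();
    if (requestedField != null && !requestedField.trim().equals("")) {
        String field = requestedField.trim();
        // Identifier characters only: no whitespace, quotes, parentheses or
        // statement separators can reach the SQL text.
        // NOTE(review): a fixed allowlist of sortable columns would be tighter
        // still (it could exclude the password column) — needs the set of
        // columns the UI actually sorts by.
        if (field.matches("[A-Za-z_][A-Za-z0-9_.]*")) {
            orderBy = "order by " + field;
            String requestedDirection = sortedSet.getOrderByDirection();
            String direction = requestedDirection == null ? "" : requestedDirection.trim();
            if ("asc".equalsIgnoreCase(direction) || "desc".equalsIgnoreCase(direction)) {
                orderBy = orderBy + " " + direction;
            }
        }
    }

    // profile_id is bound as a parameter; User.ADMINISTRATOR is a code constant,
    // not request data. A space now separates the literal from the order-by
    // clause, which the original concatenation ran together.
    String sql = "select u.*, m.profile_id from users u left join user_map m on m.user_id = u.id and m.profile_id = ? where u.user_type like '" + User.ADMINISTRATOR + "' " + orderBy;

    // Release the JDBC resources on every path, including when the query or a
    // column read throws; previously an exception leaked the connection.
    Connection con = DBUtils.getConn();
    try {
        PreparedStatement stmt = con.prepareStatement(sql);
        try {
            stmt.setLong(1, profileId);
            ResultSet rs = stmt.executeQuery();
            try {
                while (rs.next()) {
                    User user = new User();
                    user.setId(rs.getLong("id"));
                    user.setFirstNm(rs.getString(FIRST_NM));
                    user.setLastNm(rs.getString(LAST_NM));
                    user.setEmail(rs.getString(EMAIL));
                    user.setUsername(rs.getString(USERNAME));
                    // NOTE(review): the stored password value is copied onto every
                    // User in the list; if callers only render the list, omitting
                    // it would reduce exposure — confirm no caller reads it.
                    user.setPassword(rs.getString(PASSWORD));
                    user.setAuthType(rs.getString(AUTH_TYPE));
                    user.setUserType(rs.getString(USER_TYPE));
                    user.setLastLoginTm(rs.getTimestamp(LAST_LOGIN_TM));
                    user.setExpirationTm(rs.getTimestamp(EXPIRATION_TM));
                    // Expiry applies only when EXPIRATION_DAYS is positive and the
                    // account has an expiration timestamp in the past.
                    user.setExpired(EXPIRATION_DAYS > 0 && user.getExpirationTm() != null && user.getExpirationTm().before(new Date()));
                    // The left join yields a NULL profile_id for unmapped users,
                    // which getLong reports as 0.
                    user.setChecked(profileId.equals(rs.getLong(PROFILE_ID)));
                    userList.add(user);
                }
            } finally {
                DBUtils.closeRs(rs);
            }
        } finally {
            DBUtils.closeStmt(stmt);
        }
    } finally {
        DBUtils.closeConn(con);
    }

    sortedSet.setItemList(userList);
    return sortedSet;
}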
use of io.bastillion.manage.model.User in project KeyBox by skavanagh.
the class UserDB method getUser.
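/**
 * Returns the user with the given id.
 *
 * <p>Obtains a connection from {@code DBUtils}, delegates the lookup to the
 * connection-taking overload, and always hands the connection back.
 *
 * @param userId user id
 * @return user object, as produced by the connection-taking overload
 * @throws SQLException if the lookup fails
 * @throws GeneralSecurityException declared by the original signature
 */
public static User getUser(Long userId) throws SQLException, GeneralSecurityException {
    Connection con = DBUtils.getConn();
    try {
        return getUser(con, userId);
    } finally {
        // Close on the failure path too; previously an exception from the
        // lookup left the connection open.
        DBUtils.closeConn(con);
    }
}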
use of io.bastillion.manage.model.User in project KeyBox by skavanagh.
the class AuthDB method getUserByAuthToken.
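/**
 * Returns the user that owns the given auth token.
 *
 * <p>Obtains a connection from {@code DBUtils}, delegates the lookup to the
 * connection-taking overload, and always hands the connection back.
 *
 * @param authToken auth token
 * @return user, as produced by the connection-taking overload; the login
 *         controller on this page treats {@code null} as "no such user"
 * @throws SQLException if the lookup fails
 * @throws GeneralSecurityException declared by the original signature
 */
public static User getUserByAuthToken(String authToken) throws SQLException, GeneralSecurityException {
    Connection con = DBUtils.getConn();
    try {
        return getUserByAuthToken(con, authToken);
    } finally {
        // Close on the failure path too; previously an exception from the
        // lookup left the connection open.
        DBUtils.closeConn(con);
    }
}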