Use of io.gravitee.am.common.exception.authentication.AccountDisabledException in project gravitee-access-management by gravitee-io.
The class SSOSessionHandler, method checkAccountStatus.
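private void checkAccountStatus(RoutingContext context, io.gravitee.am.model.User user, Handler<AsyncResult<Void>> handler) {
    // A disabled account must not keep an SSO session alive: fail so the caller signs the user out.
    if (!user.isEnabled()) {
        handler.handle(Future.failedFuture(new AccountDisabledException(user.getId())));
        return;
    }

    // The two checks below compare a user-level event against the moment this session was opened:
    // a session established before such an event is considered potentially compromised.
    CookieSession session = (CookieSession) context.session().getDelegate();
    java.util.Date sessionLogin = session.lastLogin();

    // Password reset after this session's login -> the session predates the new credential.
    if (invalidatesSession(user.getLastPasswordReset(), sessionLogin)) {
        handler.handle(Future.failedFuture(new AccountIllegalStateException(user.getId())));
        return;
    }

    // Logout performed through the REST API after this session's login -> the session must not survive it.
    if (invalidatesSession(user.getLastLogoutAt(), sessionLogin)) {
        handler.handle(Future.failedFuture(new AccountIllegalStateException(user.getId())));
        return;
    }

    handler.handle(Future.succeededFuture());
}

/**
 * Tolerance, in milliseconds, applied when comparing a user event timestamp with the session
 * login timestamp. An event up to this long after the login does not invalidate the session.
 * The original code describes this as "comparing both dates without the milliseconds",
 * presumably because the persisted timestamps do not carry millisecond precision -- confirm.
 */
private static final long TIMESTAMP_TOLERANCE_MS = 1000L;

/**
 * Tells whether a user-level event (password reset, REST logout) happened after the session was opened.
 *
 * @param event        timestamp of the event, or {@code null} if it never happened
 * @param sessionLogin timestamp at which the current session was authenticated
 * @return {@code true} when the event is more than {@link #TIMESTAMP_TOLERANCE_MS} after the login,
 *         or when the event exists but the session carries no login timestamp (fail closed)
 */
private static boolean invalidatesSession(java.util.Date event, java.util.Date sessionLogin) {
    if (event == null) {
        return false;
    }
    // NOTE(review): the original dereferenced the session login unconditionally; a session without
    // a recorded login cannot prove it predates the event, so it is treated as invalidated rather
    // than throwing a NullPointerException -- confirm whether lastLogin() can actually be null here.
    if (sessionLogin == null) {
        return true;
    }
    return event.getTime() - sessionLogin.getTime() > TIMESTAMP_TOLERANCE_MS;
}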