Use of org.b3log.solo.service.UserMgmtService in project solo by b3log:
the class AuthFilter, method doFilter.
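/**
 * If the specified request is NOT made by an authenticated, non-visitor user, sends
 * error 403 and stops the chain; otherwise passes the request on to the next filter.
 *
 * <p>The role check is a deny-list: only {@link Role#VISITOR_ROLE} is rejected, so
 * every other non-empty role reaches the chain (presumably the admin and default
 * roles — confirm against {@code Role} when new roles are added). A user record
 * with no role at all is treated as forbidden so that the check fails closed.
 *
 * <p>Only the authentication step is wrapped in the {@code IOException} handler;
 * an I/O failure raised by the downstream chain propagates to the container as
 * declared by the signature.
 *
 * @param request the specified request
 * @param response the specified response
 * @param chain filter chain
 * @throws IOException io exception from the downstream filter chain
 * @throws ServletException servlet exception from the downstream filter chain
 */
@Override
public void doFilter(final ServletRequest request, final ServletResponse response, final FilterChain chain)
        throws IOException, ServletException {
    final HttpServletResponse httpServletResponse = (HttpServletResponse) response;
    final HttpServletRequest httpServletRequest = (HttpServletRequest) request;
    final LatkeBeanManager beanManager = Lifecycle.getBeanManager();
    final UserMgmtService userMgmtService = beanManager.getReference(UserMgmtService.class);
    final UserQueryService userQueryService = beanManager.getReference(UserQueryService.class);

    final JSONObject currentUser;
    try {
        // Establish the session from the login cookie (if any) before resolving the principal.
        userMgmtService.tryLogInWithCookie(httpServletRequest, httpServletResponse);
        currentUser = userQueryService.getCurrentUser(httpServletRequest);
    } catch (final IOException e) {
        // Deliberately NOT around chain.doFilter(): an IOException from further down the
        // chain (e.g. a client that disconnected mid-write) would otherwise be turned into a
        // sendError() on a possibly already-committed response, which itself fails.
        LOGGER.log(Level.ERROR, "Auth filter failed", e);
        // NOTE(review): the original answers 404 rather than 500 here; kept as-is —
        // presumably so a failed lookup does not reveal that a protected resource exists.
        httpServletResponse.sendError(HttpServletResponse.SC_NOT_FOUND);
        return;
    }

    if (null == currentUser) {
        LOGGER.warn("The request has been forbidden");
        httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    final String userRole = currentUser.optString(User.USER_ROLE);
    if (userRole.isEmpty()) {
        // optString() yields "" when the role key is absent; "" is not VISITOR_ROLE, so
        // without this guard a principal with no role would slip past the deny-list.
        LOGGER.warn("The request [no role] has been forbidden");
        httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }
    if (Role.VISITOR_ROLE.equals(userRole)) {
        LOGGER.warn("The request [Visitor] has been forbidden");
        httpServletResponse.sendError(HttpServletResponse.SC_FORBIDDEN);
        return;
    }

    chain.doFilter(request, response);
}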