use of org.craftercms.profile.exceptions.BadCredentialsException in project profile by craftercms.
the class AuthenticationServiceImpl method authenticate.
@Override
public Ticket authenticate(String tenantName, String username, String password) throws ProfileException {
checkIfManageTicketsIsAllowed(tenantName);
Profile profile = profileService.getProfileByUsername(tenantName, username, ProfileConstants.NO_ATTRIBUTE);
if (profile == null) {
// Invalid username
throw new BadCredentialsException();
}
if (!profile.isEnabled()) {
throw new DisabledProfileException(profile.getId().toString(), tenantName);
}
if (isProfileInTimeOut(profile)) {
throw new ProfileLockedException();
}
try {
if (!CryptoUtils.matchPassword(profile.getPassword(), password)) {
// Invalid password
countAsFail(profile);
throw new BadCredentialsException();
}
clearAllLoginAttempts(profile);
Ticket ticket = new Ticket();
ticket.setId(UUID.randomUUID().toString());
ticket.setTenant(tenantName);
ticket.setProfileId(profile.getId().toString());
ticket.setLastRequestTime(new Date());
ticketRepository.insert(ticket);
logger.debug(LOG_KEY_AUTHENTICATION_SUCCESSFUL, profile.getId(), ticket);
return ticket;
} catch (MongoDataException e) {
throw new I10nProfileException(ERROR_KEY_CREATE_TICKET_ERROR, profile.getId());
}
}
Aggregations