Example 1 with RecoveryCode
use of org.molgenis.security.twofactor.model.RecoveryCode in project molgenis by molgenis.
the class RecoveryServiceImpl method generateRecoveryCodes.
private List<RecoveryCode> generateRecoveryCodes(String userId) {
List<RecoveryCode> recoveryCodes = newArrayList();
for (int i = 0; i < RECOVERY_CODE_COUNT; i++) {
RecoveryCode recoveryCode = recoveryCodeFactory.create();
recoveryCode.setUserId(userId);
recoveryCode.setCode(idGenerator.generateId(LONG_SECURE_RANDOM));
recoveryCodes.add(recoveryCode);
}
return recoveryCodes;
}
Also used :
RecoveryCode(org.molgenis.security.twofactor.model.RecoveryCode)
Example 2 with RecoveryCode
use of org.molgenis.security.twofactor.model.RecoveryCode in project molgenis by molgenis.
the class RecoveryServiceImpl method useRecoveryCode.
@Override
@Transactional
public void useRecoveryCode(String recoveryCode) {
String userId = getUser().getId();
RecoveryCode existingCode = runAsSystem(() -> dataService.query(RECOVERY_CODE, RecoveryCode.class).eq(USER_ID, userId).and().eq(CODE, recoveryCode).findOne());
if (existingCode != null) {
runAsSystem(() -> dataService.delete(RECOVERY_CODE, existingCode));
UserSecret secret = runAsSystem(() -> dataService.query(USER_SECRET, UserSecret.class).eq(UserSecretMetaData.USER_ID, userId).findOne());
secret.setFailedLoginAttempts(0);
runAsSystem(() -> dataService.update(USER_SECRET, secret));
} else {
throw new BadCredentialsException("Invalid recovery code or code already used");
}
}
Also used :
RecoveryCode(org.molgenis.security.twofactor.model.RecoveryCode)
UserSecret(org.molgenis.security.twofactor.model.UserSecret)
BadCredentialsException(org.springframework.security.authentication.BadCredentialsException)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 3 with RecoveryCode
use of org.molgenis.security.twofactor.model.RecoveryCode in project molgenis by molgenis.
the class UserAccountControllerTest method testGetRecoveryCodes.
@Test
public void testGetRecoveryCodes() throws Exception {
RecoveryCode code1 = mock(RecoveryCode.class);
when(code1.getCode()).thenReturn("code1");
RecoveryCode code2 = mock(RecoveryCode.class);
when(code2.getCode()).thenReturn("code2");
when(recoveryService.getRecoveryCodes()).thenReturn(Stream.of(code1, code2));
assertEquals(userAccountController.getRecoveryCodes(), ImmutableMap.of("recoveryCodes", ImmutableList.of("code1", "code2")));
}
Also used :
RecoveryCode(org.molgenis.security.twofactor.model.RecoveryCode)
Test(org.testng.annotations.Test)
Example 4 with RecoveryCode
use of org.molgenis.security.twofactor.model.RecoveryCode in project molgenis by molgenis.
the class UserAccountControllerTest method testGenerateRecoveryCodes.
@Test
public void testGenerateRecoveryCodes() throws Exception {
RecoveryCode code1 = mock(RecoveryCode.class);
when(code1.getCode()).thenReturn("code1");
RecoveryCode code2 = mock(RecoveryCode.class);
when(code2.getCode()).thenReturn("code2");
when(recoveryService.generateRecoveryCodes()).thenReturn(Stream.of(code1, code2));
assertEquals(userAccountController.generateRecoveryCodes(), ImmutableMap.of("recoveryCodes", ImmutableList.of("code1", "code2")));
}
Also used :
RecoveryCode(org.molgenis.security.twofactor.model.RecoveryCode)
Test(org.testng.annotations.Test)
Aggregations
RecoveryCode (org.molgenis.security.twofactor.model.RecoveryCode)4
Test (org.testng.annotations.Test)2
UserSecret (org.molgenis.security.twofactor.model.UserSecret)1
BadCredentialsException (org.springframework.security.authentication.BadCredentialsException)1
Transactional (org.springframework.transaction.annotation.Transactional)1
