aboutsummaryrefslogtreecommitdiff
path: root/juick-server/src/main/java/com/juick
diff options
context:
space:
mode:
authorGravatar Vitaly Takmazov2016-11-25 13:20:15 +0300
committerGravatar Vitaly Takmazov2016-11-25 13:20:15 +0300
commit55b09a6a3bc4a21201189d855e140308f05016fb (patch)
tree543c880aaf15bf396eca6255bd816fb7d5dc9f12 /juick-server/src/main/java/com/juick
parentefe9b6d78c9aac2b92afe2d55d2f33e4b5e6d179 (diff)
juick-api: security WIP
Diffstat (limited to 'juick-server/src/main/java/com/juick')
-rw-r--r--juick-server/src/main/java/com/juick/server/security/JuickAuthenticationEntryPoint.java20
-rw-r--r--juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java35
-rw-r--r--juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java62
3 files changed, 117 insertions, 0 deletions
diff --git a/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationEntryPoint.java b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationEntryPoint.java
new file mode 100644
index 000000000..4c73196d0
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationEntryPoint.java
@@ -0,0 +1,20 @@
+package com.juick.server.security;
+
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.AuthenticationEntryPoint;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+
+/**
+ * Created by vitalyster on 25.11.2016.
+ */
+public class JuickAuthenticationEntryPoint implements AuthenticationEntryPoint {
+ @Override
+ public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException authException)
+ throws IOException, ServletException {
+ response.setStatus(HttpServletResponse.SC_FORBIDDEN);
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java
new file mode 100644
index 000000000..bf0ed4d75
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java
@@ -0,0 +1,35 @@
+package com.juick.server.security;
+
+import com.juick.service.UserService;
+import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+
+import javax.inject.Inject;
+import java.util.Collections;
+
+/**
+ * Created by vitalyster on 25.11.2016.
+ */
+public class JuickAuthenticationProvider implements AuthenticationProvider {
+ @Inject
+ UserService userService;
+ @Override
+ public Authentication authenticate(Authentication authentication) throws AuthenticationException {
+ String name = authentication.getName();
+ String password = authentication.getCredentials().toString();
+ if (userService.checkPassword(name, password) > 0) {
+ return new UsernamePasswordAuthenticationToken(name, password, Collections.singletonList(
+ new SimpleGrantedAuthority("ROLE_USER")
+ ));
+ }
+ return null;
+ }
+
+ @Override
+ public boolean supports(Class<?> authentication) {
+ return authentication.equals(UsernamePasswordAuthenticationToken.class);
+ }
+}
diff --git a/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java b/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java
new file mode 100644
index 000000000..6cc002aed
--- /dev/null
+++ b/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java
@@ -0,0 +1,62 @@
+package com.juick.server.security.entities;
+
+import com.juick.User;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+
+import java.util.Collection;
+import java.util.Collections;
+
+/**
+ * Created by aalexeev on 11/21/16.
+ */
+public class JuickUser implements UserDetails {
+ private static final GrantedAuthority ROLE_USER = new SimpleGrantedAuthority("ROLE_USER");
+
+ private final com.juick.User user;
+
+
+ public JuickUser(com.juick.User user) {
+ this.user = user;
+ }
+
+ @Override
+ public Collection<? extends GrantedAuthority> getAuthorities() {
+ return Collections.singletonList(ROLE_USER);
+ }
+
+ @Override
+ public String getPassword() {
+ return null;
+ }
+
+ @Override
+ public String getUsername() {
+ return user.getName();
+ }
+
+ @Override
+ public boolean isAccountNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isAccountNonLocked() {
+ return false;
+ }
+
+ @Override
+ public boolean isCredentialsNonExpired() {
+ return true;
+ }
+
+ @Override
+ public boolean isEnabled() {
+ return !user.isBanned();
+ }
+
+ public User getUser() {
+ return user;
+ }
+}