From c61ba1deb4cf58bc44e1dfb272052dd64150eb49 Mon Sep 17 00:00:00 2001 From: Alexander Alexeev Date: Sat, 26 Nov 2016 13:19:17 +0700 Subject: working spring security config --- .../security/JuickAuthenticationProvider.java | 23 ++++++++++----- .../juick/server/security/entities/JuickUser.java | 2 +- .../main/java/com/juick/service/UserService.java | 4 +++ .../java/com/juick/service/UserServiceImpl.java | 33 ++++++++++++++++++++++ 4 files changed, 54 insertions(+), 8 deletions(-) (limited to 'juick-server/src/main/java') diff --git a/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java index 8d0bfddb..87908950 100644 --- a/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java +++ b/juick-server/src/main/java/com/juick/server/security/JuickAuthenticationProvider.java @@ -1,16 +1,18 @@ package com.juick.server.security; +import com.juick.User; import com.juick.server.security.entities.JuickUser; import com.juick.service.UserService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.authentication.AuthenticationProvider; +import org.springframework.security.authentication.LockedException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; +import org.springframework.util.Assert; import javax.inject.Inject; -import java.util.Collections; /** * Created by vitalyster on 25.11.2016. @@ -18,20 +20,27 @@ import java.util.Collections; public class JuickAuthenticationProvider implements AuthenticationProvider { private final Logger logger = LoggerFactory.getLogger(getClass()); + private final UserService userService; + @Inject - private UserService userService; + public JuickAuthenticationProvider(UserService userService) { + Assert.notNull(userService); + this.userService = userService; + } @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { String name = authentication.getName(); String password = authentication.getCredentials().toString(); - boolean isAuthenticated = userService.checkPassword(name, password) > 0; - - logger.info("user {} authenticated: {}", name, isAuthenticated); + User user = userService.getFullyUserByName(name); + if (user != null) { + if (user.isBanned()) + throw new LockedException("Username \"" + name + "\" is banned"); - return isAuthenticated ? - new UsernamePasswordAuthenticationToken(name, password, JuickUser.USER_AUTHORITY) : null; + return new UsernamePasswordAuthenticationToken(name, password, JuickUser.USER_AUTHORITY); + } + return null; } @Override diff --git a/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java b/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java index fd06b65b..3e413bf6 100644 --- a/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java +++ b/juick-server/src/main/java/com/juick/server/security/entities/JuickUser.java @@ -43,7 +43,7 @@ public class JuickUser implements UserDetails { @Override public boolean isAccountNonLocked() { - return false; + return true; } @Override diff --git a/juick-server/src/main/java/com/juick/service/UserService.java b/juick-server/src/main/java/com/juick/service/UserService.java index cfd5092a..4d7d09c9 100644 --- a/juick-server/src/main/java/com/juick/service/UserService.java +++ b/juick-server/src/main/java/com/juick/service/UserService.java @@ -28,6 +28,10 @@ public interface UserService { User getUserByName(String username); + User getFullyUserByName(String username); + + List getFullyUsersByNames(Collection usernames); + User getUserByJID(String jid); List getUsersByName(Collection unames); diff --git a/juick-server/src/main/java/com/juick/service/UserServiceImpl.java b/juick-server/src/main/java/com/juick/service/UserServiceImpl.java index 2bdc4d41..d1e4eff5 100644 --- a/juick-server/src/main/java/com/juick/service/UserServiceImpl.java +++ b/juick-server/src/main/java/com/juick/service/UserServiceImpl.java @@ -129,6 +129,39 @@ public class UserServiceImpl extends BaseJdbcService implements UserService { return result; } + @Override + // No need marks with @Transactional annotation + public User getFullyUserByName(final String username) { + if (StringUtils.isNotBlank(username)) { + List list = getFullyUsersByNames(Collections.singletonList(username)); + if (!list.isEmpty()) + return list.get(0); + } + return null; + } + + @Transactional(readOnly = true) + @Override + public List getFullyUsersByNames(final Collection usernames) { + if (CollectionUtils.isEmpty(usernames)) + return Collections.emptyList(); + + return getNamedParameterJdbcTemplate().query( + "SELECT id, nick, passw, lang, banned FROM users WHERE nick in (:names)", + new MapSqlParameterSource("names", usernames), + (rs, rowNum) -> { + User user = new User(); + + user.setUid(rs.getInt(1)); + user.setName(rs.getString(2)); + user.setCredentials(rs.getString(3)); + user.setLang(rs.getString(4)); + user.setBanned(rs.getBoolean(5)); + + return user; + }); + } + @Transactional(readOnly = true) @Override public User getUserByJID(final String jid) { -- cgit v1.2.3