package com.juick.server.security; import com.juick.User; import com.juick.server.security.entities.JuickUser; import com.juick.service.UserService; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.security.authentication.AuthenticationProvider; import org.springframework.security.authentication.LockedException; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.AuthenticationException; import org.springframework.util.Assert; import javax.inject.Inject; /** * Created by vitalyster on 25.11.2016. */ public class JuickAuthenticationProvider implements AuthenticationProvider { private final Logger logger = LoggerFactory.getLogger(getClass()); private final UserService userService; @Inject public JuickAuthenticationProvider(UserService userService) { Assert.notNull(userService); this.userService = userService; } @Override public Authentication authenticate(Authentication authentication) throws AuthenticationException { String name = authentication.getName(); String password = authentication.getCredentials().toString(); User user = userService.getFullyUserByName(name); if (user != null) { if (user.isBanned()) throw new LockedException("Username \"" + name + "\" is banned"); return new UsernamePasswordAuthenticationToken(name, password, JuickUser.USER_AUTHORITY); } return null; } @Override public boolean supports(Class authentication) { return authentication.equals(UsernamePasswordAuthenticationToken.class); } }