Source Code of com.psddev.cms.db.ToolAuthenticationPolicy

package com.psddev.cms.db;

import java.util.Date;
import java.util.Map;

import javax.naming.ldap.LdapContext;

import com.psddev.dari.db.Query;
import com.psddev.dari.util.AuthenticationException;
import com.psddev.dari.util.AuthenticationPolicy;
import com.psddev.dari.util.LdapUtils;
import com.psddev.dari.util.ObjectUtils;
import com.psddev.dari.util.Password;
import com.psddev.dari.util.PasswordException;
import com.psddev.dari.util.PasswordPolicy;
import com.psddev.dari.util.Settings;
import com.psddev.dari.util.UserPasswordPolicy;

public class ToolAuthenticationPolicy implements AuthenticationPolicy {

    @Override
    public ToolUser authenticate(String username, String password) throws AuthenticationException {
        ToolUser user = Query.from(ToolUser.class).where("email = ? or username = ?", username, username).first();
        LdapContext context = LdapUtils.createContext();

        if (context != null &&
                LdapUtils.authenticate(context, username, password)) {
            if (user == null) {
                user = new ToolUser();
                user.setName(username);
                user.setUsername(username);
                user.setExternal(true);
                user.save();
            }

            return user;
        }

        if (user != null) {
            if (user.getPassword().check(password)) {
                long passwordExpirationInDays = Settings.get(long.class, "cms/tool/passwordExpirationInDays");
                if (passwordExpirationInDays > 0L) {
                    long passwordExpiration = passwordExpirationInDays * 24 * 60 * 60 * 1000;
                    Date passwordChangedDate = user.getPasswordChangedDate();
                    if (passwordChangedDate == null || System.currentTimeMillis() - passwordExpiration > passwordChangedDate.getTime()) {
                        user.setChangePasswordOnLogIn(true);
                        user.save();
                    }
                }
                return user;
            }

        } else if (!ObjectUtils.isBlank(username) &&
                (ObjectUtils.firstNonNull(
                        Settings.get(Boolean.class, "cms/tool/autoCreateUser"),
                        Settings.get(boolean.class, "cms/tool/isAutoCreateUser")) ||
                !Query.from(ToolUser.class).hasMoreThan(0))) {
            String name = username;
            int atAt = username.indexOf("@");

            if (atAt >= 0) {
                name = username.substring(0, atAt);
            }

            user = new ToolUser();
            UserPasswordPolicy userPasswordPolicy = UserPasswordPolicy.Static.getInstance(Settings.get(String.class, "cms/tool/userPasswordPolicy"));
            PasswordPolicy passwordPolicy = null;
            Password hashedPassword;
            if (userPasswordPolicy == null) {
                passwordPolicy = PasswordPolicy.Static.getInstance(Settings.get(String.class, "cms/tool/passwordPolicy"));
            }
            try {
                if (userPasswordPolicy != null || (userPasswordPolicy == null && passwordPolicy == null)) {
                    hashedPassword = Password.validateAndCreateCustom(userPasswordPolicy, user, null, null, password);
                } else {
                    hashedPassword = Password.validateAndCreateCustom(passwordPolicy, null, null, password);
                }
            } catch (PasswordException error) {
                throw new AuthenticationException(error);
            }

            user.setName(name);

            if (atAt >= 0) {
                user.setEmail(username);

            } else {
                user.setUsername(username);
            }

            user.setPassword(hashedPassword);
            user.save();

            return user;
        }

        throw new AuthenticationException(
                "Oops! No user with that username and password.");
    }

    @Override
    public void initialize(String settingsKey, Map<String, Object> settings) {
    }
}