Package org.mokai.web.admin.jogger.controllers

Source Code of org.mokai.web.admin.jogger.controllers.Sessions

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
package org.mokai.web.admin.jogger.controllers;

import org.jasypt.util.password.StrongPasswordEncryptor;
import org.jogger.http.Cookie;
import org.jogger.http.Request;
import org.jogger.http.Response;
import org.json.JSONException;
import org.json.JSONObject;
import org.mokai.web.admin.AdminPasswordStore;

/**
* Sessions controller.
*
* @author German Escobar
*/
public class Sessions {

  private AdminPasswordStore adminPasswordStore;

  public void newForm(Request request, Response response) {
    boolean authenticated = (Boolean) response.getAttributes().get("authenticated");
    if (authenticated) {
      response.redirect("/");
      return;
    }

    response.render("login.ftl");
  }

  public void create(Request request, Response response) throws JSONException {
    JSONObject input = null;
    try {
      input = new JSONObject(request.getBody().asString());
    } catch (JSONException e) {
      response.badRequest().print("{ \"message\": \"" + e.getMessage() + "\"}");
      return;
    }

    String username = getField(input, "username");
    String password = getField(input, "password");

    if ( !"admin".equals(username) || !isPasswordValid(password) ) {
      response.unauthorized();
    }

    Cookie cookie = new Cookie("access_token", "SO8ERHEHFSKJFHI7S3G3WODY7WFG64");
    cookie.setMaxAge( 3600 * 24 * 14 );
    cookie.setHttpOnly(true);
    response.setCookie( cookie );
  }

  private boolean isPasswordValid(String password) {
    String encryptedPassword = adminPasswordStore.getPassword();

    if (encryptedPassword != null) {
      StrongPasswordEncryptor encryptor = new StrongPasswordEncryptor();
      return encryptor.checkPassword(password, encryptedPassword);
    } else {
      if ("admin".equals(password)) {
        return true;
      }
    }

    return false;
  }

  private String getField(JSONObject input, String field) throws JSONException {
    if ( !input.has(field) ) {
      return null;
    }

    return input.getString(field);
  }

  public void delete(Request request, Response response) {
    Cookie cookie = request.getCookie("access_token");

    if (cookie != null) {
      response.removeCookie(cookie);
    }
  }

  public void setAdminPasswordStore(AdminPasswordStore adminPasswordStore) {
    this.adminPasswordStore = adminPasswordStore;
  }

}
TOP

Related Classes of org.mokai.web.admin.jogger.controllers.Sessions

  • org.jasypt.util.password.StrongPasswordEncryptor
  • org.jogger.http.Cookie
  • org.json.JSONObject
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.