Changeset 284:8f09442c1968
- Timestamp:
- 09/04/11 17:59:23 (5 months ago)
- Branch:
- default
- Convert:
- svn:7c3792e6-d75b-4784-96a6-b298f655ee64/trunk@2718
- Location:
- kraken-dom/src/main/java/org/krakenapps/dom
- Files:
-
- 1 added
- 2 edited
-
api/impl/AdminApiImpl.java (modified) (5 diffs)
-
exception/AdminLockedException.java (added)
-
msgbus/LoginPlugin.java (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
kraken-dom/src/main/java/org/krakenapps/dom/api/impl/AdminApiImpl.java
r282 r284 28 28 import org.krakenapps.dom.api.AdminApi; 29 29 import org.krakenapps.dom.api.UserExtensionProvider; 30 import org.krakenapps.dom.exception.AdminLockedException; 30 31 import org.krakenapps.dom.exception.CannotRemoveRequestingAdminException; 31 32 import org.krakenapps.dom.exception.InvalidPasswordException; … … 38 39 import org.krakenapps.jpa.handler.JpaConfig; 39 40 import org.krakenapps.jpa.handler.Transactional; 41 import org.slf4j.Logger; 42 import org.slf4j.LoggerFactory; 40 43 41 44 @Component(name = "dom-admin-api") … … 43 46 @JpaConfig(factory = "dom") 44 47 public class AdminApiImpl extends AbstractApi<Admin> implements AdminApi, UserExtensionProvider { 48 private final Logger logger = LoggerFactory.getLogger(AdminApiImpl.class.getName()); 49 45 50 @Requires 46 51 private ThreadLocalEntityManagerService entityManagerService; … … 51 56 } 52 57 53 @Transactional54 58 @Override 55 59 public Admin login(String nick, String hash, String nonce) throws AdminNotFoundException, InvalidPasswordException { 56 EntityManager em = entityManagerService.getEntityManager(); 60 Admin admin = getAdmin(nick, hash, nonce); 61 62 if (hash.equals(Sha1.hash(admin.getUser().getPassword() + nonce)) == false) { 63 updateLoginFailures(admin); 64 throw new InvalidPasswordException(); 65 } 66 67 return admin; 68 } 69 70 @Transactional 71 private void updateLoginFailures(Admin admin) { 72 EntityManager em = entityManagerService.getEntityManager(); 73 admin = em.find(Admin.class, admin.getId()); 74 admin.setLoginFailures(admin.getLoginFailures() + 1); 75 logger.debug("kraken dom: login [{}] login failures [{}]", admin.getUser().getName(), admin.getLoginFailures()); 76 77 if (admin.isUseLoginLock() && admin.getLoginFailures() >= admin.getLoginLockCount()) 78 admin.setEnabled(false); 79 80 em.merge(admin); 81 } 82 83 @Transactional 84 private Admin getAdmin(String nick, String hash, String nonce) { 57 85 try { 86 EntityManager em = entityManagerService.getEntityManager(); 58 87 Admin admin = (Admin) em.createQuery("SELECT a FROM Admin a LEFT JOIN a.user u WHERE u.loginName = ?") 59 88 .setParameter(1, nick).getSingleResult(); 60 61 if (hash.equals(Sha1.hash(admin.getUser().getPassword() + nonce)) == false) 62 throw new InvalidPasswordException(); 89 if (!admin.isEnabled()) 90 throw new AdminLockedException(); 63 91 64 92 admin.setLastLoginDateTime(new Date()); … … 215 243 admin.setIdleTimeout(targetAdmin.getIdleTimeout()); 216 244 admin.setLoginLockCount(targetAdmin.getLoginLockCount()); 217 218 if (!admin.isEnabled() && targetAdmin.isEnabled()) 245 246 if (!admin.isEnabled() && targetAdmin.isEnabled()) 219 247 admin.setLoginFailures(0); 220 248 221 249 admin.setEnabled(targetAdmin.isEnabled()); 222 250 223 251 em.merge(admin); 224 252 -
kraken-dom/src/main/java/org/krakenapps/dom/msgbus/LoginPlugin.java
r183 r284 53 53 54 54 @AllowGuestAccess 55 @Transactional56 55 @MsgbusMethod 57 56 public void login(Request req, Response resp) throws AdminNotFoundException, InvalidPasswordException {
Note: See TracChangeset
for help on using the changeset viewer.
