Changeset 305:994d47a9e1e3

Timestamp:

09/06/11 13:29:36 (5 months ago)

Author:

delmitz

Branch:

default

Convert:

svn:7c3792e6-d75b-4784-96a6-b298f655ee64/trunk@2739

Message:

• added auto disable admin login lock (1hour).
• modified password hash bug when user created.

Location:

kraken-dom/src/main/java/org/krakenapps/dom

Files:

• api/impl/AdminApiImpl.java (modified) (3 diffs)
• api/impl/UserApiImpl.java (modified) (1 diff)
• model/Admin.java (modified) (3 diffs)

kraken-dom/src/main/java/org/krakenapps/dom/api/impl/AdminApiImpl.java

@@ -16 +16 @@
 package org.krakenapps.dom.api.impl;
 
+import java.util.Calendar;
 import java.util.Date;
 import java.util.List;
@@ -83 +84 @@
                 if (success) {
                         admin.setLoginFailures(0);
+                        admin.setEnabled(true);
                 } else {
+                        admin.setLastLoginFailedDateTime(new Date());
                         admin.setLoginFailures(admin.getLoginFailures() + 1);
                         if (admin.isUseLoginLock() && admin.getLoginFailures() >= admin.getLoginLockCount())
@@ -98 +101 @@
                         Admin admin = (Admin) em.createQuery("SELECT a FROM Admin a LEFT JOIN a.user u WHERE u.loginName = ?")
                                         .setParameter(1, nick).getSingleResult();
-                        if (!admin.isEnabled())
-                                throw new AdminLockedException();
+                        if (!admin.isEnabled()) {
+                                Date failed = admin.getLastLoginFailedDateTime();
+                                Calendar c = Calendar.getInstance();
+                                c.add(Calendar.HOUR_OF_DAY, -1);
+                                if (failed != null && failed.after(c.getTime()))
+                                        throw new AdminLockedException();
+                                else
+                                        updateLoginFailures(admin, true);
+                        }
 
                         admin.setLastLoginDateTime(new Date());

kraken-dom/src/main/java/org/krakenapps/dom/api/impl/UserApiImpl.java

@@ -180 +180 @@
         private void createUserInternal(User user) {
                 EntityManager em = entityManagerService.getEntityManager();
+                user.setPassword(hashPassword(user.getSalt(), user.getPassword()));
                 user.setCreateDateTime(new Date());
                 user.setUpdateDateTime(new Date());

kraken-dom/src/main/java/org/krakenapps/dom/model/Admin.java

@@ -67 +67 @@
         private int loginFailures;
 
+        @Column(name = "last_login_failed_at")
+        private Date lastLoginFailedDateTime;
+
         @Column(name = "use_idle_timeout", nullable = false)
         private boolean useIdleTimeout;
@@ -149 +152 @@
         public void setLoginFailures(int loginFailures) {
                 this.loginFailures = loginFailures;
+        }
+
+        public Date getLastLoginFailedDateTime() {
+                return lastLoginFailedDateTime;
+        }
+
+        public void setLastLoginFailedDateTime(Date lastLoginFailedDateTime) {
+                this.lastLoginFailedDateTime = lastLoginFailedDateTime;
         }
 
@@ -247 +258 @@
                 m.put("login_lock_count", loginLockCount);
                 m.put("login_failures", loginFailures);
+                m.put("last_login_failed_at", lastLoginFailedDateTime);
                 m.put("use_idle_timeout", useIdleTimeout);
                 m.put("idle_timeout", idleTimeout);