Added user login endpoint.

2015-03-07 14:18:05 -06:00
parent 66cd8f579a
commit e13bf171b1
3 changed files with 39 additions and 4 deletions
--- a/src/main/groovy/com/jdbernard/nlsongs/model/UserCredentials.groovy
+++ b/src/main/groovy/com/jdbernard/nlsongs/model/UserCredentials.groovy
@@ -0,0 +1,6 @@
+package com.jdbernard.nlsongs.model
+
+public class UserCredentials {
+    String username
+    String password
+}
--- a/src/main/groovy/com/jdbernard/nlsongs/rest/UsersResource.java
+++ b/src/main/groovy/com/jdbernard/nlsongs/rest/UsersResource.java
@@ -19,8 +19,11 @@ import javax.ws.rs.core.SecurityContext;

 import com.jdbernard.nlsongs.servlet.NLSongsContext;
 import com.jdbernard.nlsongs.model.User;
+import com.jdbernard.nlsongs.model.UserCredentials;
 import com.jdbernard.nlsongs.model.Token;

+import static javax.ws.rs.core.Response.Status.*;
+
@Path("v1/users") @AllowCors @PermitAll
@Produces({MediaType.APPLICATION_JSON})
@Consumes({MediaType.APPLICATION_JSON})
@@ -47,7 +50,7 @@ public class UsersResource {
            return Response.ok(
                NLSongsContext.songsDB.findUser(username)).build(); }

-        else return Response.status(Response.Status.FORBIDDEN).build(); }
+        else return Response.status(FORBIDDEN).build(); }


    @PUT @Path("/{username}")
@@ -62,7 +65,7 @@ public class UsersResource {

            return Response.ok(user).build(); }

-        else return Response.status(Response.Status.FORBIDDEN).build(); }
+        else return Response.status(FORBIDDEN).build(); }

    @DELETE @Path("/{username}")
    public Response deleteUser(@PathParam("username") String username) {
@@ -73,11 +76,36 @@ public class UsersResource {
            secCtx.isUserInRole("admin")) {

            User user = NLSongsContext.songsDB.findUser(username);
-            
+
            if (user != null) NLSongsContext.songsDB.delete(user);

            return Response.ok(user).build(); }

-        else return Response.status(Response.Status.FORBIDDEN).build(); }
+        else return Response.status(FORBIDDEN).build(); }

+    @POST @Path("/login")
+    public Response postLogin(UserCredentials cred) {
+        User user = NLSongsContext.songsDB.findUser(cred.getUsername());
+        if (!user.checkPwd(cred.getPassword())) {
+            return Response.status(UNAUTHORIZED).build(); }
+        else {
+            // Look for a token already belonging to this user.
+            Token token = NLSongsContext.songsDB.findTokenForUser(user);
+
+            // If there is no token, create a new one.
+            if (token == null) token = new Token(user);
+
+            // If the token has expired, delete it and create a new one.
+            else if (token.getExpires().compareTo(new Date()) < 0) {
+                NLSongsContext.songsDB.delete(token);
+                token = new Token(user); }
+
+            // If the token exists and is still good refresh it and keep using
+            // it.
+            else token.refresh();
+
+            // Save our updated token and return it.
+            NLSongsContext.songsDB.save(token);
+
+            return Response.ok(token).build(); } }
 }