Added user login endpoint.

This commit is contained in:
Jonathan Bernard 2015-03-07 14:18:05 -06:00
parent 66cd8f579a
commit e13bf171b1
3 changed files with 39 additions and 4 deletions

View File

@ -0,0 +1,6 @@
package com.jdbernard.nlsongs.model
public class UserCredentials {
String username
String password
}

View File

@ -19,8 +19,11 @@ import javax.ws.rs.core.SecurityContext;
import com.jdbernard.nlsongs.servlet.NLSongsContext; import com.jdbernard.nlsongs.servlet.NLSongsContext;
import com.jdbernard.nlsongs.model.User; import com.jdbernard.nlsongs.model.User;
import com.jdbernard.nlsongs.model.UserCredentials;
import com.jdbernard.nlsongs.model.Token; import com.jdbernard.nlsongs.model.Token;
import static javax.ws.rs.core.Response.Status.*;
@Path("v1/users") @AllowCors @PermitAll @Path("v1/users") @AllowCors @PermitAll
@Produces({MediaType.APPLICATION_JSON}) @Produces({MediaType.APPLICATION_JSON})
@Consumes({MediaType.APPLICATION_JSON}) @Consumes({MediaType.APPLICATION_JSON})
@ -47,7 +50,7 @@ public class UsersResource {
return Response.ok( return Response.ok(
NLSongsContext.songsDB.findUser(username)).build(); } NLSongsContext.songsDB.findUser(username)).build(); }
else return Response.status(Response.Status.FORBIDDEN).build(); } else return Response.status(FORBIDDEN).build(); }
@PUT @Path("/{username}") @PUT @Path("/{username}")
@ -62,7 +65,7 @@ public class UsersResource {
return Response.ok(user).build(); } return Response.ok(user).build(); }
else return Response.status(Response.Status.FORBIDDEN).build(); } else return Response.status(FORBIDDEN).build(); }
@DELETE @Path("/{username}") @DELETE @Path("/{username}")
public Response deleteUser(@PathParam("username") String username) { public Response deleteUser(@PathParam("username") String username) {
@ -73,11 +76,36 @@ public class UsersResource {
secCtx.isUserInRole("admin")) { secCtx.isUserInRole("admin")) {
User user = NLSongsContext.songsDB.findUser(username); User user = NLSongsContext.songsDB.findUser(username);
if (user != null) NLSongsContext.songsDB.delete(user); if (user != null) NLSongsContext.songsDB.delete(user);
return Response.ok(user).build(); } return Response.ok(user).build(); }
else return Response.status(Response.Status.FORBIDDEN).build(); } else return Response.status(FORBIDDEN).build(); }
@POST @Path("/login")
public Response postLogin(UserCredentials cred) {
User user = NLSongsContext.songsDB.findUser(cred.getUsername());
if (!user.checkPwd(cred.getPassword())) {
return Response.status(UNAUTHORIZED).build(); }
else {
// Look for a token already belonging to this user.
Token token = NLSongsContext.songsDB.findTokenForUser(user);
// If there is no token, create a new one.
if (token == null) token = new Token(user);
// If the token has expired, delete it and create a new one.
else if (token.getExpires().compareTo(new Date()) < 0) {
NLSongsContext.songsDB.delete(token);
token = new Token(user); }
// If the token exists and is still good refresh it and keep using
// it.
else token.refresh();
// Save our updated token and return it.
NLSongsContext.songsDB.save(token);
return Response.ok(token).build(); } }
} }

View File

@ -1,6 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?> <?xml version="1.0" encoding="UTF-8"?>
<!-- This web.xml file is not required when using Servlet 3.0 container, <!-- This web.xml file is not required when using Servlet 3.0 container,
see implementation details http://jersey.java.net/nonav/documentation/latest/jax-rs.html --> see implementation details http://jersey.java.net/nonav/documentation/latest/jax-rs.html -->
<!-- PRODUCTION -->
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5"> <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
<context-param> <context-param>
<param-name>context.config.file</param-name> <param-name>context.config.file</param-name>