Added user login endpoint.
parent
66cd8f579a
commit
e13bf171b1
@ -0,0 +1,6 @@
|
|||||||
|
package com.jdbernard.nlsongs.model
|
||||||
|
|
||||||
|
public class UserCredentials {
|
||||||
|
String username
|
||||||
|
String password
|
||||||
|
}
|
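Review bot: UserCredentials holds a plaintext password but carries no comment saying how it may be used. I would add a class comment above `public class UserCredentials {` along the lines of `/** Inbound login request body. Holds the plaintext password: never log, persist or return it in a response. */`. The absence of semicolons suggests this is a Groovy class, in which case both fields become public properties and any generic serializer or debug dump of the object would include `password`. It is worth confirming the type is used only as the request body of the login call.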
@ -19,8 +19,11 @@ import javax.ws.rs.core.SecurityContext;
|
|||||||
|
|
||||||
import com.jdbernard.nlsongs.servlet.NLSongsContext;
|
import com.jdbernard.nlsongs.servlet.NLSongsContext;
|
||||||
import com.jdbernard.nlsongs.model.User;
|
import com.jdbernard.nlsongs.model.User;
|
||||||
|
import com.jdbernard.nlsongs.model.UserCredentials;
|
||||||
import com.jdbernard.nlsongs.model.Token;
|
import com.jdbernard.nlsongs.model.Token;
|
||||||
|
|
||||||
|
import static javax.ws.rs.core.Response.Status.*;
|
||||||
|
|
||||||
@Path("v1/users") @AllowCors @PermitAll
|
@Path("v1/users") @AllowCors @PermitAll
|
||||||
@Produces({MediaType.APPLICATION_JSON})
|
@Produces({MediaType.APPLICATION_JSON})
|
||||||
@Consumes({MediaType.APPLICATION_JSON})
|
@Consumes({MediaType.APPLICATION_JSON})
|
||||||
@ -47,7 +50,7 @@ public class UsersResource {
|
|||||||
return Response.ok(
|
return Response.ok(
|
||||||
NLSongsContext.songsDB.findUser(username)).build(); }
|
NLSongsContext.songsDB.findUser(username)).build(); }
|
||||||
|
|
||||||
else return Response.status(Response.Status.FORBIDDEN).build(); }
|
else return Response.status(FORBIDDEN).build(); }
|
||||||
|
|
||||||
|
|
||||||
@PUT @Path("/{username}")
|
@PUT @Path("/{username}")
|
||||||
@ -62,7 +65,7 @@ public class UsersResource {
|
|||||||
|
|
||||||
return Response.ok(user).build(); }
|
return Response.ok(user).build(); }
|
||||||
|
|
||||||
else return Response.status(Response.Status.FORBIDDEN).build(); }
|
else return Response.status(FORBIDDEN).build(); }
|
||||||
|
|
||||||
@DELETE @Path("/{username}")
|
@DELETE @Path("/{username}")
|
||||||
public Response deleteUser(@PathParam("username") String username) {
|
public Response deleteUser(@PathParam("username") String username) {
|
||||||
@ -73,11 +76,36 @@ public class UsersResource {
|
|||||||
secCtx.isUserInRole("admin")) {
|
secCtx.isUserInRole("admin")) {
|
||||||
|
|
||||||
User user = NLSongsContext.songsDB.findUser(username);
|
User user = NLSongsContext.songsDB.findUser(username);
|
||||||
|
|
||||||
if (user != null) NLSongsContext.songsDB.delete(user);
|
if (user != null) NLSongsContext.songsDB.delete(user);
|
||||||
|
|
||||||
return Response.ok(user).build(); }
|
return Response.ok(user).build(); }
|
||||||
|
|
||||||
else return Response.status(Response.Status.FORBIDDEN).build(); }
|
else return Response.status(FORBIDDEN).build(); }
|
||||||
|
|
||||||
|
@POST @Path("/login")
|
||||||
|
public Response postLogin(UserCredentials cred) {
|
||||||
|
User user = NLSongsContext.songsDB.findUser(cred.getUsername());
|
||||||
|
if (!user.checkPwd(cred.getPassword())) {
|
||||||
|
return Response.status(UNAUTHORIZED).build(); }
|
||||||
|
else {
|
||||||
|
// Look for a token already belonging to this user.
|
||||||
|
Token token = NLSongsContext.songsDB.findTokenForUser(user);
|
||||||
|
|
||||||
|
// If there is no token, create a new one.
|
||||||
|
if (token == null) token = new Token(user);
|
||||||
|
|
||||||
|
// If the token has expired, delete it and create a new one.
|
||||||
|
else if (token.getExpires().compareTo(new Date()) < 0) {
|
||||||
|
NLSongsContext.songsDB.delete(token);
|
||||||
|
token = new Token(user); }
|
||||||
|
|
||||||
|
// If the token exists and is still good refresh it and keep using
|
||||||
|
// it.
|
||||||
|
else token.refresh();
|
||||||
|
|
||||||
|
// Save our updated token and return it.
|
||||||
|
NLSongsContext.songsDB.save(token);
|
||||||
|
|
||||||
|
return Response.ok(token).build(); } }
|
||||||
}
|
}
|
||||||
|
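Review bot: In postLogin, `user.checkPwd(...)` is called without checking that `findUser` returned a user, although deleteUser in the same file guards with `if (user != null)`. An unknown username therefore most likely ends in a NullPointerException and a 500 rather than a 401, and an empty request body would fail the same way at `cred.getUsername()`. Because the class is `@PermitAll`, the difference between "no such user" and "wrong password" is visible to unauthenticated callers and makes valid usernames distinguishable. I would add `if (cred == null) return Response.status(UNAUTHORIZED).build();` before the lookup and change the guard to `if (user == null || !user.checkPwd(cred.getPassword())) {`, so that both failures produce the same response. Nothing in the visible lines limits repeated attempts, so throttling or lockout should be confirmed elsewhere; the class itself starts outside this hunk.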
@ -1,6 +1,7 @@
|
|||||||
<?xml version="1.0" encoding="UTF-8"?>
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
<!-- This web.xml file is not required when using Servlet 3.0 container,
|
<!-- This web.xml file is not required when using Servlet 3.0 container,
|
||||||
see implementation details http://jersey.java.net/nonav/documentation/latest/jax-rs.html -->
|
see implementation details http://jersey.java.net/nonav/documentation/latest/jax-rs.html -->
|
||||||
|
<!-- PRODUCTION -->
|
||||||
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
|
<web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" version="2.5">
|
||||||
<context-param>
|
<context-param>
|
||||||
<param-name>context.config.file</param-name>
|
<param-name>context.config.file</param-name>
|
||||||
|