steleks-university-project
/
steleks_backend
Archived
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
This repository has been archived on 2022-07-05. You can view files and clone it, but cannot push or open issues/pull-requests.
steleks_backend/users/src/main/java/ba/steleks/controller/AuthenticationController.java

66 lines
2.6 KiB
Java
Raw Blame History

package ba.steleks.controller;
import ba.steleks.error.exception.CustomHttpStatusException;
import ba.steleks.model.AuthRequest;
import ba.steleks.model.User;
import ba.steleks.repository.UsersJpaRepository;
import ba.steleks.security.SessionIdentifierGenerator;
import ba.steleks.security.token.TokenStore;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
import java.util.HashMap;
import java.util.Map;
/**
* Created by admin on 13/05/2017.
*/
@RestController
public class AuthenticationController {
private UsersJpaRepository usersJpaRepository;
private PasswordEncoder passwordEncoder;
private TokenStore tokenStore;
@Autowired
public AuthenticationController(UsersJpaRepository usersJpaRepository, PasswordEncoder passwordEncoder, TokenStore tokenStore) {
this.usersJpaRepository = usersJpaRepository;
this.passwordEncoder = passwordEncoder;
this.tokenStore = tokenStore;
}
@RequestMapping(path = "/accesstoken", method = RequestMethod.POST)
public ResponseEntity<?> generateToken(@RequestBody AuthRequest body) {
if(body.getUsername() == null || body.getPassword() == null) {
throw new CustomHttpStatusException(HttpStatus.BAD_REQUEST,
"'username' and 'password' fields are mandatory!");
}
User user = usersJpaRepository.findByUsername(body.getUsername());
if(user == null) {
throw new CustomHttpStatusException(HttpStatus.NOT_FOUND,
"User with username " + body.getUsername() + " not found!");
}
if (passwordEncoder.matches(body.getPassword(), user.getPasswordHash())) {
String token = new SessionIdentifierGenerator().nextSessionId();
tokenStore.saveToken(user.getId(), token);
Map<String, String> response = new HashMap<>();
response.put("token", token);
response.put("userId", String.valueOf(user.getId()));
return ResponseEntity
.ok()
.body(response);
} else {
throw new CustomHttpStatusException(HttpStatus.UNAUTHORIZED,
"Invalid password!");
}
}
}
Reference in New Issue View Git Blame Copy Permalink