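package de.fd.fh.server.access;

import de.fd.fh.server.access.events.AccountCreatedEvent;
import de.fd.fh.server.access.events.AccountDeletedEvent;
import de.fd.fh.server.user.UserId;
import de.fd.fh.shared.network.messages.LoginRequest;
import de.fd.fh.shared.network.messages.RegistrateRequest;
import lombok.RequiredArgsConstructor;
import org.bson.types.ObjectId;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.Observable;

import static spark.Spark.halt;

/**
 * Account access service: registration, Basic-auth login, bearer-token
 * authentication for protected routes, logout and account deletion.
 *
 * <p>Observers are notified with an {@link AccountCreatedEvent} after a successful
 * registration and with an {@link AccountDeletedEvent} after a successful deletion.
 *
 * <p>NOTE(review): passwords are stored and compared exactly as the client sent them
 * (see {@link #createPlayer} and {@link #authorization}). They should be kept as a salted,
 * slow hash (bcrypt/scrypt/argon2 or PBKDF2). That changes the stored record format and
 * needs a migration, so it is flagged here rather than changed.
 */
@RequiredArgsConstructor
public class AccessService extends Observable {

    private static final String BEARER_PREFIX = "Bearer ";
    private static final String BASIC_PREFIX = "Basic ";

    private final AccessRepository accessRepository;

    /**
     * Request filter: authenticates every route except login and registration.
     *
     * <p>The two public routes are matched by exact string comparison, so any other spelling
     * of the path (or a {@code null} path) is treated as protected and requires a token.
     *
     * @param path  request path
     * @param token value of the {@code Authorization} header, expected as {@code Bearer <token>}
     * @return the caller's access token, or {@code null} for the two public routes
     */
    public AccessToken before(final String path, final String token) {
        System.out.println("Pfad: " + path);

        if ("/accounts/login".equals(path) || "/accounts/registrate".equals(path)) {
            return null;
        }

        final AccessToken accessToken = authenticate(token);
        if (accessToken == null) {
            // Spark's halt() aborts the request by throwing, so the return below is
            // only reached with a non-null token.
            halt(401);
        }
        return accessToken;
    }

    /**
     * Resolves a bearer header to the stored access token.
     *
     * <p>Returns {@code null} for a missing or malformed header and for an unknown token, so
     * that {@link #before} answers 401. Previously these cases threw
     * (NullPointerException / StringIndexOutOfBoundsException) before the 401 check ran.
     */
    private AccessToken authenticate(final String bearerToken) {
        final String rawToken = stripScheme(bearerToken, BEARER_PREFIX);
        if (rawToken == null) {
            return null;
        }
        final Access access = accessRepository.findByToken(rawToken);
        return access == null ? null : access.getToken();
    }

    /**
     * Returns the part of {@code header} after {@code prefix}, or {@code null} when the header
     * is absent, does not start with the prefix (scheme compared case-insensitively), or
     * carries nothing after it.
     */
    private static String stripScheme(final String header, final String prefix) {
        if (header == null || !header.regionMatches(true, 0, prefix, 0, prefix.length())) {
            return null;
        }
        final String value = header.substring(prefix.length());
        return value.isEmpty() ? null : value;
    }

    /**
     * Registers a new account with role {@link Role#USER} and notifies observers.
     *
     * <p>NOTE(review): the name check and the save are two separate repository calls, so two
     * concurrent registrations of the same name can both pass the check; uniqueness should
     * also be enforced by the store - confirm against the repository.
     *
     * @param message registration request carrying user name and password
     * @return {@code true} if the account was created, {@code false} if the name is taken
     */
    public boolean createPlayer(RegistrateRequest message) {
        // Log the user name only: printing the whole request may write the password to stdout.
        System.out.println("createPlayer: " + message.getUserName());

        if (userNameExists(message.getUserName())) {
            System.out.println("Name does exist.");
            return false;
        }

        final Access access = new Access(
                new ObjectId().toHexString(),
                message.getUserName(),
                message.getPassword(),
                UserId.random(),
                null,
                Role.USER
        );
        accessRepository.save(access);

        setChanged();
        notifyObservers(new AccountCreatedEvent(access.getName(), access.getUserId()));

        // The Access record holds the password; log only the name.
        System.out.println("DBLogin: " + access.getName());
        return true;
    }

    /** Returns {@code true} when an account with this user name is already stored. */
    private boolean userNameExists(final String name) {
        return accessRepository.findByUserName(name) != null;
    }

    /**
     * Removes the token named in the bearer header from its account.
     *
     * @param header value of the {@code Authorization} header ({@code Bearer <token>})
     * @return {@code true} if the token was found and removed, {@code false} for a
     *         missing/malformed header, an unknown token, or a repository failure
     */
    public boolean logout(final String header) {
        final String rawToken = stripScheme(header, BEARER_PREFIX);
        if (rawToken == null) {
            return false;
        }
        try {
            final Access access = accessRepository.findByToken(rawToken);
            if (access == null) {
                return false;
            }
            access.removeToken();
            accessRepository.save(access);
            return true;
        } catch (final Exception e) {
            // Best effort: a repository failure is reported to the caller as "not logged out".
            e.printStackTrace();
            return false;
        }
    }

    /**
     * Logs a user in from an HTTP Basic {@code Authorization} header and issues a new token.
     *
     * <p>The decoded credentials are split at the first colon only. The earlier
     * {@code split(":")} ignored everything after a second colon, so a password containing
     * {@code ':'} was checked only up to that colon.
     *
     * @param header value of the {@code Authorization} header ({@code Basic <base64>})
     * @return a {@link LoginRequest} carrying user id, token and name, or {@code null} when
     *         the header is malformed, the credentials do not match, or an error occurs
     */
    public LoginRequest authorization(final String header) {
        System.out.println("authorization");

        // Validated before use: a missing or short header used to throw out of this method.
        final String encoded = stripScheme(header, BASIC_PREFIX);
        if (encoded == null) {
            return null;
        }

        try {
            final String credentials =
                    new String(Base64.getDecoder().decode(encoded), StandardCharsets.UTF_8);

            final int separator = credentials.indexOf(':');
            if (separator < 0) {
                return null;
            }
            final String userName = credentials.substring(0, separator);
            final String password = credentials.substring(separator + 1);
            if (password.isEmpty()) {
                // An empty password was never accepted before either; keep failing closed.
                return null;
            }

            final Access access = accessRepository.findByUserName(userName);
            if (access == null || access.getPassword() == null) {
                return null;
            }
            System.out.println(access.getName());

            // MessageDigest.isEqual does not stop at the first differing byte,
            // unlike String.equals.
            final boolean passwordMatches = MessageDigest.isEqual(
                    password.getBytes(StandardCharsets.UTF_8),
                    access.getPassword().getBytes(StandardCharsets.UTF_8));
            if (!passwordMatches) {
                return null;
            }

            access.setToken(AccessToken.of(access));
            accessRepository.save(access);

            final LoginRequest loginRequest = new LoginRequest();
            loginRequest.setUserId(access.getUserId().getIdentifier());
            loginRequest.setToken(access.getToken().getToken());
            loginRequest.setName(access.getName());
            return loginRequest;
        } catch (final Exception e) {
            // Covers invalid Base64 and repository failures; the caller only sees "no login".
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Deletes the account of {@code userId} if {@code token} belongs to that same user.
     *
     * <p>NOTE(review): the deletion counts as successful when the repository result is
     * acknowledged; whether a record was actually removed is not checked here - confirm
     * against the repository's result type.
     *
     * @param userId account to delete
     * @param token  access token of the caller, as returned by {@link #before}
     * @return {@code true} if the deletion was acknowledged and observers were notified
     */
    public boolean deleteAccount(final UserId userId, final AccessToken token) {
        // before() returns null for the public routes, so a null token must fail closed.
        if (userId == null || token == null || token.getUserId() == null) {
            return false;
        }
        if (!token.getUserId().getIdentifier().equals(userId.getIdentifier())) {
            return false;
        }

        if (accessRepository.deleteLoginByUserId(userId).wasAcknowledged()) {
            setChanged();
            notifyObservers(new AccountDeletedEvent(userId));
            return true;
        }
        return false;
    }
}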