package de.fd.fh.server.access;
import de.fd.fh.server.access.events.AccountCreatedEvent;
import de.fd.fh.server.access.events.AccountDeletedEvent;
import de.fd.fh.server.user.UserId;
import de.fd.fh.shared.network.messages.LoginRequest;
import de.fd.fh.shared.network.messages.RegistrateRequest;
import lombok.RequiredArgsConstructor;
import org.bson.types.ObjectId;
import java.util.Base64;
import java.util.Observable;
import static spark.Spark.halt;
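/**
 * Account and session handling for the server: registration, HTTP Basic login,
 * bearer-token authentication of requests, logout and account deletion.
 *
 * <p>Observers are notified with an {@link AccountCreatedEvent} after a successful
 * registration and with an {@link AccountDeletedEvent} after a successful deletion.
 *
 * <p>SECURITY NOTE(review): passwords are handed to {@code Access} and compared exactly
 * as the client sent them, i.e. this class neither hashes nor salts them. Unless
 * {@code Access} or the repository does so internally (confirm), credentials are stored
 * in clear text. Moving to a slow password hash needs a coordinated change of
 * {@link #createPlayer} and {@link #authorization} plus a migration of existing records,
 * so it is flagged here rather than changed silently.
 */
@RequiredArgsConstructor
public class AccessService extends Observable
{
    /** Scheme prefix of an {@code Authorization} header that carries a session token. */
    private static final String BEARER_PREFIX = "Bearer ";

    /** Scheme prefix of an {@code Authorization} header that carries Basic credentials. */
    private static final String BASIC_PREFIX = "Basic ";

    private final AccessRepository accessRepository;

    /**
     * Request filter: authenticates every request except login and registration.
     *
     * <p>The two public paths are matched exactly, so any other spelling of them
     * (trailing slash, different case, {@code null}) falls through to authentication
     * and fails closed.
     *
     * @param path  the request path
     * @param token the raw {@code Authorization} header value, may be {@code null}
     * @return the token of the authenticated account, or {@code null} for the two
     *         public paths; for any other path without a valid token the request is
     *         aborted through {@code halt(401)}
     */
    public AccessToken before(final String path, final String token)
    {
        System.out.println("Pfad: " + path);

        if ("/accounts/login".equals(path) || "/accounts/registrate".equals(path))
        {
            return null;
        }

        final AccessToken accessToken = authenticate(token);

        if (accessToken == null)
        {
            // A missing, malformed or unknown token is answered with 401 instead of
            // surfacing as an unhandled exception.
            halt(401);
        }
        return accessToken;
    }

    /**
     * Resolves a bearer header to the stored access token.
     *
     * <p>NOTE(review): no expiry check is visible here; confirm that token lifetime is
     * enforced by {@code AccessToken} or the repository.
     *
     * @param bearerToken the raw {@code Authorization} header value, may be {@code null}
     * @return the stored token, or {@code null} when the header is absent, is not a
     *         non-empty bearer value, or matches no account
     */
    private AccessToken authenticate(final String bearerToken)
    {
        final String rawToken = stripScheme(bearerToken, BEARER_PREFIX);
        if (rawToken == null)
        {
            return null;
        }

        final Access access = accessRepository.findByToken(rawToken);
        return access == null ? null : access.getToken();
    }

    /**
     * Returns the part of {@code header} after {@code prefix}.
     *
     * @return the remainder, or {@code null} when the header is {@code null}, does not
     *         start with the prefix (compared case-insensitively), or has nothing
     *         after it
     */
    private static String stripScheme(final String header, final String prefix)
    {
        if (header == null || !header.regionMatches(true, 0, prefix, 0, prefix.length()))
        {
            return null;
        }

        // An empty value is rejected so that it is never used as a lookup key.
        final String value = header.substring(prefix.length());
        return value.isEmpty() ? null : value;
    }

    /**
     * Registers a new account with role {@code USER} and notifies observers.
     *
     * <p>NOTE(review): the existence check and the save are two separate repository
     * calls, so two concurrent registrations of the same name can both pass the check.
     * A unique index on the user name in the store would close that gap; confirm one
     * exists.
     *
     * @param message the registration request
     * @return {@code true} when the account was created; {@code false} when the name is
     *         already taken or the request has no usable name or password
     */
    public boolean createPlayer(RegistrateRequest message)
    {
        if (message == null)
        {
            return false;
        }

        final String userName = message.getUserName();
        final String password = message.getPassword();

        // Only the user name is logged: printing the whole request or the stored
        // record may write the password to the server log.
        System.out.println("createPlayer: " + userName);

        // A name containing ':' could never log in, because Basic credentials are
        // split at the first colon.
        if (userName == null || userName.isEmpty() || userName.indexOf(':') >= 0
                || password == null || password.isEmpty())
        {
            return false;
        }

        if (userNameExists(userName))
        {
            System.out.println("Name does exist.");
            return false;
        }

        final Access access = new Access(
                new ObjectId().toHexString(),
                userName,
                password,
                UserId.random(),
                null,
                Role.USER
        );

        accessRepository.save(access);

        setChanged();
        notifyObservers(new AccountCreatedEvent(access.getName(),
                access.getUserId()));

        System.out.println("DBLogin: " + access.getName());

        return true;
    }

    /**
     * @return {@code true} when an account with the given user name is already stored
     */
    private boolean userNameExists(final String name)
    {
        return accessRepository.findByUserName(name) != null;
    }

    /**
     * Ends the session identified by a bearer header by removing its token.
     *
     * @param header the raw {@code Authorization} header value, may be {@code null}
     * @return {@code true} when the token was found and removed, {@code false} otherwise
     */
    public boolean logout(final String header)
    {
        // The header itself is not printed: it carries the live session token.
        System.out.println("logout");

        final String rawToken = stripScheme(header, BEARER_PREFIX);
        if (rawToken == null)
        {
            return false;
        }

        try
        {
            final Access access = accessRepository.findByToken(rawToken);
            if (access == null)
            {
                return false;
            }

            access.removeToken();
            accessRepository.save(access);

            return true;
        } catch (Exception e)
        {
            // Boundary catch kept so that a repository failure is still reported to the
            // caller as "not logged out" rather than as an exception.
            e.printStackTrace();

            return false;
        }
    }

    /**
     * Logs a user in with HTTP Basic credentials and issues a fresh access token.
     *
     * @param header the raw {@code Authorization} header value, may be {@code null}
     * @return a {@link LoginRequest} carrying user id, token and name on success;
     *         {@code null} when the header is missing or malformed, the account is
     *         unknown or the password does not match
     */
    public LoginRequest authorization(final String header)
    {
        System.out.println("authorization");

        final String encoded = stripScheme(header, BASIC_PREFIX);
        if (encoded == null)
        {
            return null;
        }

        final String credentials;
        try
        {
            // Decode with a fixed charset; the platform default differs between hosts.
            credentials = new String(Base64.getDecoder().decode(encoded),
                    java.nio.charset.StandardCharsets.UTF_8);
        } catch (IllegalArgumentException e)
        {
            // Not valid Base64.
            return null;
        }

        // Split at the FIRST colon only, so that a password may itself contain ':'.
        final int separator = credentials.indexOf(':');
        if (separator <= 0 || separator == credentials.length() - 1)
        {
            return null;
        }
        final String userName = credentials.substring(0, separator);
        final String password = credentials.substring(separator + 1);

        try
        {
            final Access access = accessRepository.findByUserName(userName);
            if (access == null || access.getPassword() == null)
            {
                return null;
            }

            System.out.println(access.getName());

            if (!passwordMatches(password, access.getPassword()))
            {
                return null;
            }

            access.setToken(AccessToken.of(access));
            accessRepository.save(access);

            final LoginRequest loginRequest = new LoginRequest();
            loginRequest.setUserId(access.getUserId().getIdentifier());
            loginRequest.setToken(access.getToken().getToken());
            loginRequest.setName(access.getName());

            return loginRequest;
        } catch (Exception e)
        {
            // Boundary catch kept so that a repository failure is still reported to the
            // caller as a failed login rather than as an exception.
            e.printStackTrace();
            return null;
        }
    }

    /**
     * Compares a presented password with the stored one without returning at the first
     * differing character.
     */
    private static boolean passwordMatches(final String presented, final String stored)
    {
        return java.security.MessageDigest.isEqual(
                presented.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /**
     * Deletes the account of {@code userId}; only the owner of the account may do so.
     *
     * <p>NOTE(review): {@code wasAcknowledged()} looks like the MongoDB driver's delete
     * result; if so it reports that the write was acknowledged, not that a record was
     * actually removed. Confirm whether a deleted-count check is wanted before the
     * event is published.
     *
     * @param userId the account to delete
     * @param token  the token of the caller, as returned by {@link #before}
     * @return {@code true} when the deletion was acknowledged and observers were
     *         notified; {@code false} when the token is missing, belongs to another
     *         user, or the deletion was not acknowledged
     */
    public boolean deleteAccount(final UserId userId, final AccessToken token)
    {
        if (userId == null || token == null || token.getUserId() == null)
        {
            return false;
        }

        // Ownership check: the caller's token must belong to the account being deleted.
        if (!token.getUserId().getIdentifier()
                .equals(userId.getIdentifier()))
        {
            return false;
        }

        if (accessRepository.deleteLoginByUserId(userId).wasAcknowledged())
        {
            setChanged();
            notifyObservers(new AccountDeletedEvent(userId));

            return true;
        }
        return false;
    }
}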