
remember me
@e459c785589641d1568f8b3c8186fafb63ca8f5f
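--- a/app/controllers/Application.java
+++ b/app/controllers/Application.java
@@ -13,7 +13,9 @@
 
 public class Application extends Controller {
 
- public static Result index() {
+ public static Result index() {
+ UserApp.isRememberMe();
+
 if (session().containsKey("userId")) {
 String userId = session().get("userId");
 if(StringUtils.isNumber(userId)) {
@@ -24,6 +26,7 @@
 return ok(index.render(projects));
 }
 }
+
 return ok(index.render(null));
 }
 }
\ No newline at end of file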
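Review bot: `UserApp.isRememberMe()` at new line 17 runs before the `session().containsKey("userId")` check and, when a valid cookie is present, presumably re-writes the session via `setUserInfoInSession` on every index request, even for a user who is already logged in; its boolean result is also discarded. Guarding it, `if (!session().containsKey("userId")) { UserApp.isRememberMe(); }`, limits the cookie auto-login to sessions that have none, and a name such as `loginFromRememberMeCookie()` would say what the call actually does. The removed/added `index()` signature pair at old 16/new 16 is identical, so that part of the hunk is whitespace-only.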
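--- a/app/controllers/UserApp.java
+++ b/app/controllers/UserApp.java
@@ -2,11 +2,20 @@
 
 import models.User;
 
+import org.apache.shiro.SecurityUtils;
+import org.apache.shiro.authc.AuthenticationException;
+import org.apache.shiro.authc.IncorrectCredentialsException;
+import org.apache.shiro.authc.LockedAccountException;
+import org.apache.shiro.authc.UnknownAccountException;
 import org.apache.shiro.authc.UsernamePasswordToken;
+import org.apache.shiro.config.IniSecurityManagerFactory;
 import org.apache.shiro.crypto.RandomNumberGenerator;
 import org.apache.shiro.crypto.SecureRandomNumberGenerator;
 import org.apache.shiro.crypto.hash.Sha256Hash;
+import org.apache.shiro.mgt.SecurityManager;
+import org.apache.shiro.subject.Subject;
 import org.apache.shiro.util.ByteSource;
+import org.apache.shiro.util.Factory;
 
 import play.Logger;
 import play.data.Form;
@@ -21,29 +30,18 @@
 
 public static final String SESSION_USERID = "userId";
 public static final String SESSION_USERNAME = "userName";
- public static final String SUBJECT = "nforge.subject";
+ public static final String TOKEN = "nforge.token";
+ public static final int MAX_AGE = 30*24*60*60;
 
 public static User anonymous = new User();
 
 public static Result login() {
- // Remember Me
- Cookie cookie = request().cookies().get(SUBJECT);
- if (cookie != null) {
- String value = cookie.value();
- Logger.debug(value);
- String[] subject = value.split(":");
-
- User user = User.findByLoginId(subject[0]);
- setUserInfoInSession(user);
- return redirect(routes.Application.index());
- }
-
 return ok(login.render("title.login", form(User.class)));
 }
 
 public static Result logout() {
 session().clear();
- response().discardCookies(SUBJECT);
+ response().discardCookies(TOKEN);
 
 flash(Constants.SUCCESS, "user.logout.success");
 return redirect(routes.Application.index());
@@ -52,17 +50,40 @@
 public static Result authenticate() {
 User sourceUser = form(User.class).bindFromRequest().get();
 
- UsernamePasswordToken token = new UsernamePasswordToken(sourceUser.loginId,
- sourceUser.password);
- token.setRememberMe(sourceUser.rememberMe);
- // Subject currentUser = SecurityUtils.getSubject();
+ Factory<SecurityManager> factory = new IniSecurityManagerFactory("classpath:shiro.ini");
+ SecurityManager securityManager = factory.getInstance();
+ SecurityUtils.setSecurityManager(securityManager);
 
- User authenticate = authenticate(sourceUser);
+ Subject currentUser = SecurityUtils.getSubject();
+ if(!currentUser.isAuthenticated()) {
+ UsernamePasswordToken token = new UsernamePasswordToken(sourceUser.loginId,
+ sourceUser.password);
+ token.setRememberMe(sourceUser.rememberMe);
+
+ Object principal = token.getPrincipal();
+
+ try {
+ currentUser.login(token);
+ } catch (UnknownAccountException uae) {
+ Logger.info("There is no user with username of " + token.getPrincipal());
+ } catch (IncorrectCredentialsException ice) {
+ Logger.info("Password for account " + token.getPrincipal() + " was incorrect!");
+ } catch (LockedAccountException lae) {
+ Logger.info("The account for username " + token.getPrincipal() + " is locked. " +
+ "Please contact your administrator to unlock it.");
+ }
+ // ... catch more exceptions here (maybe custom ones specific to your application?
+ catch (AuthenticationException ae) {
+ //unexpected condition? error?
+ }
+ }
+
+ User authenticate = authenticateWithPlainPassword(sourceUser.loginId, sourceUser.password);
 
 if(authenticate!=null) {
 setUserInfoInSession(authenticate);
 if (sourceUser.rememberMe) {
- rememberMe(authenticate);
+ setupRememberMe(authenticate);
 }
 return redirect(routes.Application.index());
 }
@@ -71,15 +92,24 @@
 return redirect(routes.UserApp.login());
 }
 
- public static User authenticate(User user) {
- User targetUser = User.findByLoginId(user.loginId);
- if (targetUser != null) {
- if (targetUser.password.equals(hashedPassword(user.password,
- targetUser.passwordSalt))) {
- return targetUser;
+ public static User authenticateWithHashedPassword(String loginId, String password) {
+ User user = User.findByLoginId(loginId);
+ if (user != null) {
+ if (user.password.equals(password)) {
+ return user;
 }
 }
-
+ return null;
+ }
+
+ public static User authenticateWithPlainPassword(String loginId, String password) {
+ User user = User.findByLoginId(loginId);
+ if (user != null) {
+ if (user.password.equals(hashedPassword(password,
+ user.passwordSalt))) {
+ return user;
+ }
+ }
 return null;
 }
 
@@ -88,9 +118,24 @@
 return new Sha256Hash(plaintextPassword,
 ByteSource.Util.bytes(passwordSalt), 1024).toBase64();
 }
+
+ public static boolean isRememberMe() {
+ // Remember Me
+ Cookie cookie = request().cookies().get(TOKEN);
+
+ if (cookie != null) {
+ String[] subject = cookie.value().split(":");
+ User user = authenticateWithHashedPassword(subject[0], subject[1]);
+ if(user!=null) {
+ setUserInfoInSession(user);
+ }
+ return true;
+ }
+ return false;
+ }
 
- private static void rememberMe(User user) {
- response().setCookie(SUBJECT, user.loginId + ":" + "123456789");
+ private static void setupRememberMe(User user) {
+ response().setCookie(TOKEN, user.loginId + ":" + user.password, MAX_AGE);
 Logger.debug("remember me enabled");
 }
 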
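--- a/app/utils/BasicAuthAction.java
+++ b/app/utils/BasicAuthAction.java
@@ -78,7 +78,7 @@
 }
 
 if (authUser != null) {
- User authenticate = UserApp.authenticate(authUser);
+ User authenticate = UserApp.authenticateWithPlainPassword(authUser.loginId, authUser.password);
 if(authenticate!=null) {
 context.session().put(UserApp.SESSION_USERID, String.valueOf(authenticate.id));
 context.session().put(UserApp.SESSION_USERNAME, authenticate.name);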
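--- /dev/null
+++ b/conf/shiro.ini
@@ -0,0 +1,25 @@
+# =============================================================================
+# Tutorial INI configuration
+#
+# Usernames/passwords are based on the classic Mel Brooks' film "Spaceballs" :)
+# =============================================================================
+
+# -----------------------------------------------------------------------------
+# Users and their (optional) assigned roles
+# username = password, role1, role2, ..., roleN
+# -----------------------------------------------------------------------------
+[users]
+root = secret, admin
+guest = guest, guest
+presidentskroob = 12345, president
+darkhelmet = ludicrousspeed, darklord, schwartz
+lonestarr = vespa, goodguy, schwartz
+
+# -----------------------------------------------------------------------------
+# Roles with assigned permissions
+# roleName = perm1, perm2, ..., permN
+# -----------------------------------------------------------------------------
+[roles]
+admin = *
+schwartz = lightsaber:*
+goodguy = winnebago:drive:eagle5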
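Review bot: The `[users]` and `[roles]` sections are the Shiro tutorial sample data, and `UserApp.authenticate()` installs this file as the application's global `SecurityManager`, so the realm it consults contains static, plaintext credentials including an account with the `admin` role. The login result from that realm is ignored by the current code, but anything that later relies on `SecurityUtils.getSubject()` will accept those accounts. Drop the sample entries and configure a realm backed by `models.User` (or do not load this file until one exists), and keep credentials out of a file that ships in `conf/`.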