2 * Copyright (C) 2016 Roland Haeder
4 * This program is free software: you can redistribute it and/or modify
5 * it under the terms of the GNU General Public License as published by
6 * the Free Software Foundation, either version 3 of the License, or
7 * (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
14 * You should have received a copy of the GNU General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 package org.mxchange.jusercore.model.login;
19 import java.text.MessageFormat;
21 import javax.ejb.Stateless;
22 import org.mxchange.jcoreee.database.BaseDatabaseBean;
23 import org.mxchange.jusercore.container.login.LoginContainer;
24 import org.mxchange.jusercore.exceptions.UserNotFoundException;
25 import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
26 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
27 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
28 import org.mxchange.jusercore.model.register.UserRegistrationSessionBeanRemote;
29 import org.mxchange.jusercore.model.user.User;
30 import org.mxchange.jusercore.model.user.UserSessionBeanRemote;
31 import org.mxchange.jusercore.model.user.UserUtils;
32 import org.mxchange.jusercore.model.user.status.UserAccountStatus;
35 * A session bean for user logins
37 * @author Roland Haeder<roland@mxchange.org>
39 @Stateless (name = "login", mappedName = "ejb/stateless-jjobs-login", description = "A bean handling the user login")
40 public class JobsUserLoginSessionBean extends BaseDatabaseBean implements UserLoginSessionBeanRemote {
45 private static final long serialVersionUID = 21_785_978_127_581_965L;
51 private UserRegistrationSessionBeanRemote registerBean;
57 private UserSessionBeanRemote userBean;
60 public User validateUserAccountStatus (final LoginContainer container) throws UserNotFoundException, UserStatusLockedException, UserStatusUnconfirmedException, UserPasswordMismatchException {
62 this.getLoggerBeanLocal().logTrace(MessageFormat.format("loginUser: container={0} - CALLED!", container)); //NOI18N
65 assert(this.userBean instanceof UserSessionBeanRemote) : "this.userBean is not set"; //NOI18N
66 assert(this.registerBean instanceof UserRegistrationSessionBeanRemote) : "this.registerBean is not set"; //NOI18N
68 // user should not be null
69 if (null == container) {
71 throw new NullPointerException("container is null"); //NOI18N
72 } else if (container.getUser() == null) {
74 throw new NullPointerException("container.user is null"); //NOI18N
75 } else if (container.getUserPassword() == null) {
77 throw new NullPointerException("container.userPassword is null"); //NOI18N
78 } else if (container.getUserPassword().isEmpty()) {
79 // Empty password is not allowed, hardcoded.
80 throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N
83 // Is the account there?
84 if (!this.registerBean.isUserNameRegistered(container.getUser())) {
86 throw new UserNotFoundException(container.getUser());
89 // Get user instance from persistance
90 User updatedUser = this.userBean.fillUserData(container.getUser());
93 this.getLoggerBeanLocal().logDebug(MessageFormat.format("loginUser: updatedUser={0}", updatedUser)); //NOI18N
95 // Is the user account unconfirmed?
96 if (updatedUser.getUserAccountStatus().equals(UserAccountStatus.UNCONFIRMED)) {
98 throw new UserStatusUnconfirmedException(container.getUser());
99 } else if (updatedUser.getUserAccountStatus().equals(UserAccountStatus.LOCKED)) {
101 throw new UserStatusLockedException(container.getUser());
102 } else if (!this.isPasswordMatching(container, updatedUser)) {
103 // Not matcing passwords
104 throw new UserPasswordMismatchException(container.getUser());
108 this.getLoggerBeanLocal().logTrace(MessageFormat.format("loginUser: updatedUser={0} - EXIT!", updatedUser)); //NOI18N
115 * Checks if password matches of both instances. Both user instances must
116 * not match, the first one is the one from the calling bean/controller, the
117 * second is the from database.
119 * @param container Container instance holding the user instance and
120 * unencrypted password
121 * @param updatedUser User instance found for given user name
123 * @return Whether the password matches
125 private boolean isPasswordMatching (final LoginContainer container, final User updatedUser) {
126 // First math both instances
127 if (null == container) {
129 throw new NullPointerException("container is null"); //NOI18N
130 } else if (null == updatedUser) {
132 throw new NullPointerException("updatedUser is null"); //NOI18N
133 } else if (container.getUser().equals(updatedUser)) {
134 // Both same instance!
135 throw new IllegalArgumentException(MessageFormat.format("container.user matches updatedUser: {0}", container.getUser())); //NOI18N
138 // Is it the same same password?
139 return UserUtils.ifPasswordMatches(container, updatedUser);