2 * Copyright (C) 2016, 2017 Roland Häder
4 * This program is free software: you can redistribute it and/or modify
5 * it under the terms of the GNU Affero General Public License as
6 * published by the Free Software Foundation, either version 3 of the
7 * License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU Affero General Public License for more details.
14 * You should have received a copy of the GNU Affero General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 package org.mxchange.jusercore.model.user.login;
19 import java.text.MessageFormat;
21 import javax.ejb.Stateless;
22 import org.mxchange.jjobs.database.BaseJobsDatabaseBean;
23 import org.mxchange.jusercore.container.login.LoginContainer;
24 import org.mxchange.jusercore.exceptions.UserNotFoundException;
25 import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
26 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
27 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
28 import org.mxchange.jusercore.model.login.user.UserLoginSessionBeanRemote;
29 import org.mxchange.jusercore.model.user.User;
30 import org.mxchange.jusercore.model.user.UserSessionBeanRemote;
31 import org.mxchange.jusercore.model.user.UserUtils;
32 import org.mxchange.jusercore.model.user.register.UserRegistrationSessionBeanRemote;
33 import org.mxchange.jusercore.model.user.status.UserAccountStatus;
36 * A session EJB for user logins
38 * @author Roland Häder<roland@mxchange.org>
40 @Stateless (name = "userLogin", description = "A bean handling the user login for Financials project")
41 public class JobsUserLoginSessionBean extends BaseJobsDatabaseBean implements UserLoginSessionBeanRemote {
46 private static final long serialVersionUID = 21_785_978_127_581_965L;
52 private UserRegistrationSessionBeanRemote registerBean;
58 private UserSessionBeanRemote userBean;
/**
 * Default constructor. It sets up nothing of its own and only hands over to
 * the superclass constructor.
 */
public JobsUserLoginSessionBean () {
    // Initialisation is left entirely to the parent bean
    super();
}
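/**
 * Validates a login attempt. The user name must be registered, the stored
 * account must be neither unconfirmed nor locked, and the supplied password
 * must match the stored one.
 *
 * @param container Login container holding the user instance and the
 * clear-text password
 *
 * @return The user instance loaded from persistence
 *
 * @throws UserNotFoundException If the user name is not registered
 * @throws UserStatusLockedException If the account status is LOCKED
 * @throws UserStatusUnconfirmedException If the account status is UNCONFIRMED
 * @throws UserPasswordMismatchException If the password does not match
 * @throws NullPointerException If the container, its user or its password is null
 * @throws IllegalArgumentException If the password is empty
 */
public User validateUserAccountStatus (final LoginContainer container) throws UserNotFoundException, UserStatusLockedException, UserStatusUnconfirmedException, UserPasswordMismatchException {
    // Trace the call with the user only. The container also carries the
    // clear-text password, and what its toString() prints is not visible
    // from this class, so the container itself is kept away from the logger.
    this.getLoggerBeanLocal().logTrace(MessageFormat.format("{0}.loginUser: user={1} - CALLED!", this.getClass().getSimpleName(), (null == container) ? null : container.getUser())); //NOI18N

    // Both collaborating beans must be present. These asserts only run when
    // the JVM has assertions enabled; without them a missing bean surfaces as
    // a NullPointerException at its first use below.
    assert (this.userBean instanceof UserSessionBeanRemote) : "this.userBean is not set"; //NOI18N
    assert (this.registerBean instanceof UserRegistrationSessionBeanRemote) : "this.registerBean is not set"; //NOI18N

    // Reject incomplete input before any lookup is made
    if (null == container) {
        throw new NullPointerException("container is null"); //NOI18N
    }
    if (container.getUser() == null) {
        throw new NullPointerException("container.user is null"); //NOI18N
    }
    if (container.getUserPassword() == null) {
        throw new NullPointerException("container.userPassword is null"); //NOI18N
    }
    if (container.getUserPassword().isEmpty()) {
        // Empty password is not allowed, hardcoded.
        throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N
    }

    // NOTE(review): an unknown user name, an unconfirmed account and a locked
    // account are each reported with their own exception, and all of them are
    // reported before the password is checked. If the presentation layer
    // turns these into distinct messages, a caller without the password can
    // learn which names exist and what state they are in; a single generic
    // failure message there avoids that.
    if (!this.registerBean.isUserNameRegistered(container.getUser())) {
        throw new UserNotFoundException(container.getUser());
    }

    // Load the stored record for this user
    final User updatedUser = this.userBean.fillUserData(container.getUser());

    // NOTE(review): the stored record is what the password is compared
    // against; confirm its toString() does not print the stored credential.
    this.getLoggerBeanLocal().logDebug(MessageFormat.format("loginUser: updatedUser={0}", updatedUser)); //NOI18N

    // Account state is checked first, the password last
    final UserAccountStatus accountStatus = updatedUser.getUserAccountStatus();
    if (accountStatus.equals(UserAccountStatus.UNCONFIRMED)) {
        throw new UserStatusUnconfirmedException(container.getUser());
    }
    if (accountStatus.equals(UserAccountStatus.LOCKED)) {
        throw new UserStatusLockedException(container.getUser());
    }
    if (!this.isPasswordMatching(container, updatedUser)) {
        // Passwords do not match
        throw new UserPasswordMismatchException(container.getUser());
    }

    this.getLoggerBeanLocal().logTrace(MessageFormat.format("{0}.loginUser: updatedUser={1} - EXIT!", this.getClass().getSimpleName(), updatedUser)); //NOI18N

    // Hand back the record loaded from persistence
    return updatedUser;
}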
124 * Checks whether the passwords of both instances match. The two user
125 * instances themselves must not match: the first one comes from the calling
126 * bean/controller, the second one comes from the database.
128 * @param container Container instance holding the user instance and
129 * clear-text password
130 * @param updatedUser Updated user instance found for given user name
132 * @return Whether the password matches
private boolean isPasswordMatching (final LoginContainer container, final User updatedUser) {
    // Reject missing arguments before anything is dereferenced
    if (null == container) {
        throw new NullPointerException("container is null"); //NOI18N
    }
    if (null == updatedUser) {
        throw new NullPointerException("updatedUser is null"); //NOI18N
    }

    // The submitted user and the stored user must not compare equal; passing
    // the same user on both sides is treated as a caller error.
    // NOTE(review): the check uses equals(), not identity, and User.equals()
    // is not visible from this class. Confirm that a submitted user carrying
    // the same user name as the stored record does not compare equal,
    // otherwise valid logins would end here.
    final User submittedUser = container.getUser();
    if (submittedUser.equals(updatedUser)) {
        throw new IllegalArgumentException(MessageFormat.format("container.user matches updatedUser: {0}", submittedUser)); //NOI18N
    }

    // The comparison itself is delegated.
    // NOTE(review): how UserUtils.ifPasswordMatches compares the clear-text
    // password with the stored value is not visible here; verify against
    // that helper.
    return UserUtils.ifPasswordMatches(container, updatedUser);
}