import javax.naming.InitialContext;
import javax.naming.NamingException;
import org.mxchange.addressbook.beans.BaseAddressbookController;
-import org.mxchange.addressbook.beans.login.user.AddressbookUserLoginWebSessionController;
+import org.mxchange.addressbook.beans.user.login.AddressbookUserLoginWebSessionController;
import org.mxchange.addressbook.model.addressbook.AddressbookSessionBeanRemote;
import org.mxchange.jaddressbook.events.addressbook.AddressbookLoadedEvent;
import org.mxchange.jaddressbook.events.addressbook.ObservableAddressbookLoadedEvent;
import javax.naming.NamingException;
import org.mxchange.addressbook.beans.BaseAddressbookController;
import org.mxchange.addressbook.beans.addressbook.AddressbookWebSessionController;
-import org.mxchange.addressbook.beans.login.user.AddressbookUserLoginWebSessionController;
+import org.mxchange.addressbook.beans.user.login.AddressbookUserLoginWebSessionController;
import org.mxchange.addressbook.model.shared.AddressbookShareSessionBeanRemote;
import org.mxchange.jaddressbook.model.addressbook.Addressbook;
import org.mxchange.jaddressbookshare.events.sharing.ObservableAddressbookSharingEvent;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import org.mxchange.addressbook.beans.BaseAddressbookController;
-import org.mxchange.addressbook.beans.login.user.AddressbookUserLoginWebSessionController;
+import org.mxchange.addressbook.beans.user.login.AddressbookUserLoginWebSessionController;
import org.mxchange.jcontactsbusiness.BusinessContact;
import org.mxchange.jcontactsbusiness.BusinessContactSessionBeanRemote;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import org.mxchange.addressbook.beans.BaseAddressbookController;
-import org.mxchange.addressbook.beans.login.user.AddressbookUserLoginWebSessionController;
+import org.mxchange.addressbook.beans.user.login.AddressbookUserLoginWebSessionController;
import org.mxchange.addressbook.beans.user.AddressbookUserWebSessionController;
import org.mxchange.jcontacts.contact.Contact;
import org.mxchange.jcontacts.contact.ContactSessionBeanRemote;
+++ /dev/null
-/*
- * Copyright (C) 2016, 2017 Roland Häder
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-package org.mxchange.addressbook.beans.login.user;
-
-import java.text.MessageFormat;
-import java.util.Collections;
-import java.util.List;
-import java.util.Objects;
-import javax.annotation.PostConstruct;
-import javax.enterprise.context.SessionScoped;
-import javax.enterprise.event.Event;
-import javax.enterprise.event.Observes;
-import javax.enterprise.inject.Any;
-import javax.faces.context.FacesContext;
-import javax.faces.view.facelets.FaceletException;
-import javax.inject.Inject;
-import javax.inject.Named;
-import javax.naming.Context;
-import javax.naming.InitialContext;
-import javax.naming.NamingException;
-import org.mxchange.addressbook.beans.BaseAddressbookController;
-import org.mxchange.addressbook.beans.user.AddressbookUserWebSessionController;
-import org.mxchange.jusercore.container.login.LoginContainer;
-import org.mxchange.jusercore.container.login.UserLoginContainer;
-import org.mxchange.jusercore.events.login.ObservableUserLoggedInEvent;
-import org.mxchange.jusercore.events.login.UserLoggedInEvent;
-import org.mxchange.jusercore.events.logout.ObservableUserLogoutEvent;
-import org.mxchange.jusercore.events.logout.UserLogoutEvent;
-import org.mxchange.jusercore.events.user.password_change.ObservableUpdatedUserPasswordEvent;
-import org.mxchange.jusercore.exceptions.UserNotFoundException;
-import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
-import org.mxchange.jusercore.exceptions.UserStatusLockedException;
-import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
-import org.mxchange.jusercore.model.login.user.UserLoginSessionBeanRemote;
-import org.mxchange.jusercore.model.user.User;
-import org.mxchange.jusercore.model.user.UserUtils;
-import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
-import org.mxchange.jusercore.model.user.password_history.UserPasswordHistorySessionBeanRemote;
-import org.mxchange.jusercore.model.user.profilemodes.ProfileMode;
-import org.mxchange.jusercore.model.user.status.UserAccountStatus;
-
-/**
- * A web bean for user registration
- * <p>
- * @author Roland Häder<roland@mxchange.org>
- */
-@Named ("userLoginController")
-@SessionScoped
-public class AddressbookUserLoginWebSessionBean extends BaseAddressbookController implements AddressbookUserLoginWebSessionController {
-
- /**
- * Path name for guest base template
- */
- private static final String GUEST_BASE_TEMPLATE_NAME = "guest/guest"; //NOI18N
-
- /**
- * Path name for logged-in user base template
- */
- private static final String USER_BASE_TEMPLATE_NAME = "login/user/user"; //NOI18N
-
- /**
- * Serial number
- */
- private static final long serialVersionUID = 47_828_986_719_691_592L;
-
- /**
- * Template type for pages that might be displayed in guest area and login
- * area.
- */
- private String baseTemplatePathName;
-
- /**
- * Logged-in user instance
- */
- private User loggedInUser;
-
- /**
- * User controller
- */
- @Inject
- private AddressbookUserWebSessionController userController;
-
- /**
- * Current password
- */
- private String userCurrentPassword;
-
- /**
- * Flag whether the user has logged-in, set only from inside
- */
- private boolean userLoggedIn;
-
- /**
- * Remote register session-scoped bean
- */
- private UserLoginSessionBeanRemote userLoginBean;
-
- /**
- * Event fired when user has logged in
- */
- @Inject
- @Any
- private Event<ObservableUserLoggedInEvent> userLoginEvent;
-
- /**
- * Event fired when user has logged out
- */
- @Inject
- @Any
- private Event<ObservableUserLogoutEvent> userLogoutEvent;
-
- /**
- * User's password history
- */
- private List<PasswordHistory> userPasswordHistory;
-
- /**
- * EJB for user's password history
- */
- private UserPasswordHistorySessionBeanRemote userPasswordHistoryBean;
-
- /**
- * Default constructor
- */
- public AddressbookUserLoginWebSessionBean () {
- // Call super constructor
- super();
-
- // Defaul template is guest
- this.baseTemplatePathName = GUEST_BASE_TEMPLATE_NAME;
- }
-
- /**
- * Method being call after user's password has been updated (and history
- * entry has been created).
- * <p>
- * @param event Event being observed
- */
- public void afterUserUpdatedPasswordEvent (@Observes final ObservableUpdatedUserPasswordEvent event) {
- // Check parameter
- if (null == event) {
- // Throw NPE
- throw new NullPointerException("event is null"); //NOI18N
- } else if (event.getPasswordHistory() == null) {
- // Throw NPE again
- throw new NullPointerException("event.passwordHistory is null"); //NOI18N
- } else if (event.getPasswordHistory().getUserPasswordHistoryId() == null) {
- // ... and again
- throw new NullPointerException("event.passwordHistory.userPasswordHistoryId is null"); //NOI18N
- } else if (event.getPasswordHistory().getUserPasswordHistoryId() < 1) {
- // Invalid value
- throw new IllegalArgumentException(MessageFormat.format("event.passwordHistory.userPasswordHistoryId={0} is in valid", event.getPasswordHistory().getUserPasswordHistoryId())); //NOI18N
- }
-
- // All fine, so update list
- this.updatePasswordHistory(event.getPasswordHistory());
- }
-
- @Override
- public String doAdminLogout () {
- // Is a user logged-in?
- if (this.isUserLoggedIn()) {
- // Call other logout
- return this.doUserLogout();
- }
-
- // Invalidate session
- FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
-
- // Set template type to guest
- this.setBaseTemplatePathName(GUEST_BASE_TEMPLATE_NAME); //NOI18N
-
- // Redirect to index
- return "index?faces-redirect=true"; //NOI18N
- }
-
- @Override
- public String doUserLogin () {
- // Get user instance
- User user = this.userController.createUserLogin();
-
- // Create login container
- LoginContainer container = new UserLoginContainer(user, this.userController.getUserPassword());
-
- try {
- // Call bean
- User confirmedUser = this.userLoginBean.validateUserAccountStatus(container);
-
- // All fine here so set it here
- this.setLoggedInUser(confirmedUser);
-
- // Retrieve user's password list
- this.userPasswordHistory = this.userPasswordHistoryBean.getUserPasswordHistory(confirmedUser);
-
- // Set template to "login"
- this.setBaseTemplatePathName(USER_BASE_TEMPLATE_NAME); //NOI18N
-
- // Fire event away. Keep this last before return statement.
- this.userLoginEvent.fire(new UserLoggedInEvent(confirmedUser));
-
- // Clear this bean
- this.clear();
-
- // All fine
- return "login_user"; //NOI18N
- } catch (final UserNotFoundException ex) {
- // Show JSF message
- this.showFacesMessage("form_user_login:userName", "ERROR_USER_NOT_FOUND"); //NOI18N
- return ""; //NOI18N
- } catch (final UserStatusLockedException ex) {
- this.showFacesMessage("form_user_login:userName", "ERROR_USER_STATUS_LOCKED"); //NOI18N
- return ""; //NOI18N
- } catch (final UserStatusUnconfirmedException ex) {
- this.showFacesMessage("form_user_login:userName", "ERROR_USER_STATUS_UNCONFIRMED"); //NOI18N
- return ""; //NOI18N
- } catch (final UserPasswordMismatchException ex) {
- // Show JSF message
- this.showFacesMessage("form_user_login:userPassword", "ERROR_USER_PASSWORD_MISMATCH"); //NOI18N
- return ""; //NOI18N
- }
- }
-
- @Override
- public String doUserLogout () {
- // Is loggedInUser set?
- if (this.getLoggedInUser() == null) {
- // Throw NPE
- throw new NullPointerException("this.loggedInUser is null"); //NOI18N
- } else if (this.getLoggedInUser().getUserId() == null) {
- // Throw again
- throw new NullPointerException("this.loggedInUser.userId is null"); //NOI18N
- } else if (this.getLoggedInUser().getUserId() < 1) {
- // Invalid user id
- throw new IllegalStateException(MessageFormat.format("this.loggedInUser.userId={0} is not valid.", this.getLoggedInUser().getUserId())); //NOI18N
- }
-
- // Fire event
- this.userLogoutEvent.fire(new UserLogoutEvent(this.getLoggedInUser()));
-
- // Invalidate session
- FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
-
- // Unset any user instances
- this.setLoggedInUser(null);
- this.setBaseTemplatePathName(GUEST_BASE_TEMPLATE_NAME); //NOI18N
-
- // Redirect to index
- return "index"; //NOI18N
- }
-
- @Override
- public String getBaseTemplatePathName () {
- return this.baseTemplatePathName;
- }
-
- @Override
- public void setBaseTemplatePathName (final String baseTemplatePathName) {
- this.baseTemplatePathName = baseTemplatePathName;
- }
-
- @Override
- public User getLoggedInUser () {
- return this.loggedInUser;
- }
-
- @Override
- public void setLoggedInUser (final User loggedInUser) {
- this.loggedInUser = loggedInUser;
- }
-
- @Override
- public String getUserCurrentPassword () {
- return this.userCurrentPassword;
- }
-
- @Override
- public void setUserCurrentPassword (final String userCurrentPassword) {
- this.userCurrentPassword = userCurrentPassword;
- }
-
- @Override
- public List<PasswordHistory> getUserPasswordHistory () {
- return Collections.unmodifiableList(this.userPasswordHistory);
- }
-
- @Override
- public boolean ifCurrentPasswordMatches () {
- // The current password must be set and not empty
- if (this.getUserCurrentPassword() == null) {
- // Is not set
- throw new NullPointerException("this.userCurrentPassword is null"); //NOI18N
- } else if (this.getUserCurrentPassword().isEmpty()) {
- // Is set empty
- throw new IllegalStateException("this.userCurrentPassword is empty."); //NOI18N
- }
-
- // Create "container"
- LoginContainer container = new UserLoginContainer(this.getLoggedInUser(), this.getUserCurrentPassword());
-
- // Now check if it matches
- return UserUtils.ifPasswordMatches(container, this.getLoggedInUser());
- }
-
- @Override
- public boolean ifUserMustChangePassword () {
- return ((this.isUserLoggedIn()) && (Objects.equals(this.getLoggedInUser().getUserMustChangePassword(), Boolean.TRUE)));
- }
-
- /**
- * Post-construction method
- */
- @PostConstruct
- public void init () {
- try {
- // Get initial context
- Context context = new InitialContext();
-
- // Try to lookup
- this.userLoginBean = (UserLoginSessionBeanRemote) context.lookup("java:global/addressbook-ejb/userLogin!org.mxchange.jusercore.model.login.user.UserLoginSessionBeanRemote"); //NOI18N
-
- // Also find this
- this.userPasswordHistoryBean = (UserPasswordHistorySessionBeanRemote) context.lookup("java:global/addressbook-ejb/userPasswordHistory!org.mxchange.jusercore.model.user.password_history.UserPasswordHistorySessionBeanRemote"); //NOI18N
-
- // Defaul template is guest
- this.baseTemplatePathName = GUEST_BASE_TEMPLATE_NAME;
- } catch (final NamingException ex) {
- // Continue to throw
- throw new FaceletException(ex);
- }
- }
-
- @Override
- public boolean isInvisible () {
- // Check on login
- if (!this.isUserLoggedIn()) {
- // Not logged in!
- throw new IllegalStateException("isInvisible() has been invoked for a guest."); //NOI18N
- }
-
- // Check logged-in first, then invisibility
- return Objects.equals(this.getLoggedInUser().getUserProfileMode(), ProfileMode.INVISIBLE);
- }
-
- @Override
- public boolean isPasswordInHistory (final String userPassword) {
- // Default is not found
- boolean isPasswordInHistory = false;
-
- // Init variables
- int count = 1;
- int maxEntries = this.getIntegerContextParameter("max_user_password_history"); //NOI18N
-
- // Check all passwords
- for (final PasswordHistory entry : this.getUserPasswordHistory()) {
- // Is password the same?
- if (UserUtils.ifPasswordMatches(userPassword, entry.getUserPasswordHistoryUser())) {
- // Yes, found it
- isPasswordInHistory = true;
- break;
- } else if (count == maxEntries) {
- // Maximum reached
- break;
- }
-
- // Count up
- count++;
- }
-
- // Return status
- return isPasswordInHistory;
- }
-
- @Override
- public boolean isUserLoggedIn () {
- // Compare instance
- this.userLoggedIn = ((this.getLoggedInUser() instanceof User) && (Objects.equals(this.getLoggedInUser().getUserAccountStatus(), UserAccountStatus.CONFIRMED)));
-
- // Return it
- return this.userLoggedIn;
- }
-
- /**
- * Clears this bean
- */
- private void clear () {
- // Clear all fields
- this.setUserCurrentPassword(null);
- }
-
- /**
- * Updates password history by adding given entry to it as long as it is not
- * there.
- * <p>
- * @param passwordHistory Password history entry
- */
- private void updatePasswordHistory (final PasswordHistory passwordHistory) {
- if (null == passwordHistory) {
- // Throw NPE
- throw new NullPointerException("passwordHistory is null"); //NOI18N
- } else if (passwordHistory.getUserPasswordHistoryId() == null) {
- // Throw NPE again
- throw new NullPointerException("passwordHistory.userPasswordHistoryId is null"); //NOI18N
- } else if (passwordHistory.getUserPasswordHistoryId() < 1) {
- // Invalid id
- throw new IllegalArgumentException(MessageFormat.format("passwordHistory.userPasswordHistoryId={0} is not valid.", passwordHistory.getUserPasswordHistoryId())); //NOI18N
- }
-
- // Is it there?
- if (this.userPasswordHistory.contains(passwordHistory)) {
- // Excact copy found
- return;
- }
-
- // Check all entries
- for (final PasswordHistory entry : this.userPasswordHistory) {
- // Is same id number?
- if (Objects.equals(entry.getUserPasswordHistoryId(), passwordHistory.getUserPasswordHistoryId())) {
- // Found it
- return;
- }
- }
-
- // Not found, so add it
- this.userPasswordHistory.add(passwordHistory);
- }
-
-}
+++ /dev/null
-/*
- * Copyright (C) 2016, 2017 Roland Häder
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-package org.mxchange.addressbook.beans.login.user;
-
-import java.io.Serializable;
-import java.util.List;
-import javax.ejb.Local;
-import org.mxchange.jusercore.model.user.User;
-import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
-
-/**
- * An interface for registration web controllers
- * <p>
- * @author Roland Häder<roland@mxchange.org>
- */
-@Local
-public interface AddressbookUserLoginWebSessionController extends Serializable {
-
- /**
- * Checks whether given clear-text password is in user's password history.
- * <p>
- * @param userPassword Clear-text password
- * <p>
- * @return Whether clear-text password is in user's password history
- */
- boolean isPasswordInHistory (final String userPassword);
-
- /**
- * Getter for base template type
- * <p>
- * @return Template type
- */
- String getBaseTemplatePathName ();
-
- /**
- * Setter for base template type
- * <p>
- * @param baseTemplatePathName Template type
- */
- void setBaseTemplatePathName (final String baseTemplatePathName);
-
- /**
- * Logout for administrator area. If a logged-in user instance exists, it is
- * being logged-out, too.
- * <p>
- * @return Outcome (should be redirected)
- */
- String doAdminLogout ();
-
- /**
- * Logins the user, if the account is found, confirmed and unlocked.
- * <p>
- * @return Redirect target
- */
- String doUserLogin ();
-
- /**
- * Logout for current user by invalidating the current session.
- * <p>
- * @return Outcome (should be redirected)
- */
- String doUserLogout ();
-
- /**
- * Getter for logged-in user instance
- * <p>
- * @return Logged-in user instance
- */
- User getLoggedInUser ();
-
- /**
- * Setter for logged-in user instance
- * <p>
- * @param loggedInUser Logged-in user instance
- */
- void setLoggedInUser (final User loggedInUser);
-
- /**
- * Checks whether the user is logged-in
- * <p>
- * @return Whether the user is logged-in
- */
- boolean isUserLoggedIn ();
-
- /**
- * Checks whether the user needs to change password
- * <p>
- * @return Whether the user needs to change password
- */
- boolean ifUserMustChangePassword ();
-
- /**
- * Whether the currently logged-in user is invisible
- * <p>
- * @return Whether the currently logged-in user is invisible
- */
- boolean isInvisible ();
-
- /**
- * Setter for current password (clear text)
- * <p>
- * @param userCurrentPassword Current password
- */
- void setUserCurrentPassword (final String userCurrentPassword);
-
- /**
- * Getter for current password (clear text)
- * <p>
- * @return Current password
- */
- String getUserCurrentPassword ();
-
- /**
- * Checks whether the (previously entered) current password matches with
- * from the user instance.
- * <p>
- * @return If current password matches
- */
- boolean ifCurrentPasswordMatches ();
-
- /**
- * Getter for user's password history
- * <p>
- * @return User's password history
- */
- List<PasswordHistory> getUserPasswordHistory ();
-
-}
import javax.inject.Inject;
import javax.inject.Named;
import org.mxchange.addressbook.beans.BaseAddressbookController;
-import org.mxchange.addressbook.beans.login.user.AddressbookUserLoginWebSessionController;
+import org.mxchange.addressbook.beans.user.login.AddressbookUserLoginWebSessionController;
import org.mxchange.addressbook.beans.user.AddressbookUserWebSessionController;
import org.mxchange.jusercore.exceptions.UserNotFoundException;
import org.mxchange.jusercore.model.user.User;
import org.mxchange.addressbook.beans.contact.AddressbookContactWebSessionController;
import org.mxchange.addressbook.beans.features.AddressbookFeaturesWebApplicationController;
import org.mxchange.addressbook.beans.localization.AddressbookLocalizationSessionController;
-import org.mxchange.addressbook.beans.login.user.AddressbookUserLoginWebSessionController;
+import org.mxchange.addressbook.beans.user.login.AddressbookUserLoginWebSessionController;
import org.mxchange.jcontacts.contact.Contact;
import org.mxchange.jusercore.events.confirmation.ObservableUserConfirmedAccountEvent;
import org.mxchange.jusercore.events.login.ObservableUserLoggedInEvent;
import javax.naming.NamingException;
import org.mxchange.addressbook.beans.BaseAddressbookController;
import org.mxchange.addressbook.beans.features.AddressbookFeaturesWebApplicationController;
-import org.mxchange.addressbook.beans.login.user.AddressbookUserLoginWebSessionController;
+import org.mxchange.addressbook.beans.user.login.AddressbookUserLoginWebSessionController;
import org.mxchange.jcontacts.contact.Contact;
import org.mxchange.jcoreee.utils.FacesUtils;
import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
--- /dev/null
+/*
+ * Copyright (C) 2016, 2017 Roland Häder
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.mxchange.addressbook.beans.user.login;
+
+import java.text.MessageFormat;
+import java.util.Collections;
+import java.util.List;
+import java.util.Objects;
+import javax.annotation.PostConstruct;
+import javax.enterprise.context.SessionScoped;
+import javax.enterprise.event.Event;
+import javax.enterprise.event.Observes;
+import javax.enterprise.inject.Any;
+import javax.faces.context.FacesContext;
+import javax.faces.view.facelets.FaceletException;
+import javax.inject.Inject;
+import javax.inject.Named;
+import javax.naming.Context;
+import javax.naming.InitialContext;
+import javax.naming.NamingException;
+import org.mxchange.addressbook.beans.BaseAddressbookController;
+import org.mxchange.addressbook.beans.user.AddressbookUserWebSessionController;
+import org.mxchange.jusercore.container.login.LoginContainer;
+import org.mxchange.jusercore.container.login.UserLoginContainer;
+import org.mxchange.jusercore.events.login.ObservableUserLoggedInEvent;
+import org.mxchange.jusercore.events.login.UserLoggedInEvent;
+import org.mxchange.jusercore.events.logout.ObservableUserLogoutEvent;
+import org.mxchange.jusercore.events.logout.UserLogoutEvent;
+import org.mxchange.jusercore.events.user.password_change.ObservableUpdatedUserPasswordEvent;
+import org.mxchange.jusercore.exceptions.UserNotFoundException;
+import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
+import org.mxchange.jusercore.exceptions.UserStatusLockedException;
+import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
+import org.mxchange.jusercore.model.login.user.UserLoginSessionBeanRemote;
+import org.mxchange.jusercore.model.user.User;
+import org.mxchange.jusercore.model.user.UserUtils;
+import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
+import org.mxchange.jusercore.model.user.password_history.UserPasswordHistorySessionBeanRemote;
+import org.mxchange.jusercore.model.user.profilemodes.ProfileMode;
+import org.mxchange.jusercore.model.user.status.UserAccountStatus;
+
+/**
+ * A web bean for user registration
+ * <p>
+ * @author Roland Häder<roland@mxchange.org>
+ */
+@Named ("userLoginController")
+@SessionScoped
+public class AddressbookUserLoginWebSessionBean extends BaseAddressbookController implements AddressbookUserLoginWebSessionController {
+
+ /**
+ * Path name for guest base template
+ */
+ private static final String GUEST_BASE_TEMPLATE_NAME = "guest/guest"; //NOI18N
+
+ /**
+ * Path name for logged-in user base template
+ */
+ private static final String USER_BASE_TEMPLATE_NAME = "login/user/user"; //NOI18N
+
+ /**
+ * Serial number
+ */
+ private static final long serialVersionUID = 47_828_986_719_691_592L;
+
+ /**
+ * Template type for pages that might be displayed in guest area and login
+ * area.
+ */
+ private String baseTemplatePathName;
+
+ /**
+ * Logged-in user instance
+ */
+ private User loggedInUser;
+
+ /**
+ * User controller
+ */
+ @Inject
+ private AddressbookUserWebSessionController userController;
+
+ /**
+ * Current password
+ */
+ private String userCurrentPassword;
+
+ /**
+ * Flag whether the user has logged-in, set only from inside
+ */
+ private boolean userLoggedIn;
+
+ /**
+ * Remote register session-scoped bean
+ */
+ private UserLoginSessionBeanRemote userLoginBean;
+
+ /**
+ * Event fired when user has logged in
+ */
+ @Inject
+ @Any
+ private Event<ObservableUserLoggedInEvent> userLoginEvent;
+
+ /**
+ * Event fired when user has logged out
+ */
+ @Inject
+ @Any
+ private Event<ObservableUserLogoutEvent> userLogoutEvent;
+
+ /**
+ * User's password history
+ */
+ private List<PasswordHistory> userPasswordHistory;
+
+ /**
+ * EJB for user's password history
+ */
+ private UserPasswordHistorySessionBeanRemote userPasswordHistoryBean;
+
+ /**
+ * Default constructor
+ */
+ public AddressbookUserLoginWebSessionBean () {
+ // Call super constructor
+ super();
+
+ // Defaul template is guest
+ this.baseTemplatePathName = GUEST_BASE_TEMPLATE_NAME;
+ }
+
+ /**
+ * Method being call after user's password has been updated (and history
+ * entry has been created).
+ * <p>
+ * @param event Event being observed
+ */
+ public void afterUserUpdatedPasswordEvent (@Observes final ObservableUpdatedUserPasswordEvent event) {
+ // Check parameter
+ if (null == event) {
+ // Throw NPE
+ throw new NullPointerException("event is null"); //NOI18N
+ } else if (event.getPasswordHistory() == null) {
+ // Throw NPE again
+ throw new NullPointerException("event.passwordHistory is null"); //NOI18N
+ } else if (event.getPasswordHistory().getUserPasswordHistoryId() == null) {
+ // ... and again
+ throw new NullPointerException("event.passwordHistory.userPasswordHistoryId is null"); //NOI18N
+ } else if (event.getPasswordHistory().getUserPasswordHistoryId() < 1) {
+ // Invalid value
+ throw new IllegalArgumentException(MessageFormat.format("event.passwordHistory.userPasswordHistoryId={0} is in valid", event.getPasswordHistory().getUserPasswordHistoryId())); //NOI18N
+ }
+
+ // All fine, so update list
+ this.updatePasswordHistory(event.getPasswordHistory());
+ }
+
+ @Override
+ public String doAdminLogout () {
+ // Is a user logged-in?
+ if (this.isUserLoggedIn()) {
+ // Call other logout
+ return this.doUserLogout();
+ }
+
+ // Invalidate session
+ FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
+
+ // Set template type to guest
+ this.setBaseTemplatePathName(GUEST_BASE_TEMPLATE_NAME); //NOI18N
+
+ // Redirect to index
+ return "index?faces-redirect=true"; //NOI18N
+ }
+
+ @Override
+ public String doUserLogin () {
+ // Get user instance
+ User user = this.userController.createUserLogin();
+
+ // Create login container
+ LoginContainer container = new UserLoginContainer(user, this.userController.getUserPassword());
+
+ try {
+ // Call bean
+ User confirmedUser = this.userLoginBean.validateUserAccountStatus(container);
+
+ // All fine here so set it here
+ this.setLoggedInUser(confirmedUser);
+
+ // Retrieve user's password list
+ this.userPasswordHistory = this.userPasswordHistoryBean.getUserPasswordHistory(confirmedUser);
+
+ // Set template to "login"
+ this.setBaseTemplatePathName(USER_BASE_TEMPLATE_NAME); //NOI18N
+
+ // Fire event away. Keep this last before return statement.
+ this.userLoginEvent.fire(new UserLoggedInEvent(confirmedUser));
+
+ // Clear this bean
+ this.clear();
+
+ // All fine
+ return "login_user"; //NOI18N
+ } catch (final UserNotFoundException ex) {
+ // Show JSF message
+ this.showFacesMessage("form_user_login:userName", "ERROR_USER_NOT_FOUND"); //NOI18N
+ return ""; //NOI18N
+ } catch (final UserStatusLockedException ex) {
+ this.showFacesMessage("form_user_login:userName", "ERROR_USER_STATUS_LOCKED"); //NOI18N
+ return ""; //NOI18N
+ } catch (final UserStatusUnconfirmedException ex) {
+ this.showFacesMessage("form_user_login:userName", "ERROR_USER_STATUS_UNCONFIRMED"); //NOI18N
+ return ""; //NOI18N
+ } catch (final UserPasswordMismatchException ex) {
+ // Show JSF message
+ this.showFacesMessage("form_user_login:userPassword", "ERROR_USER_PASSWORD_MISMATCH"); //NOI18N
+ return ""; //NOI18N
+ }
+ }
+
+ @Override
+ public String doUserLogout () {
+ // Is loggedInUser set?
+ if (this.getLoggedInUser() == null) {
+ // Throw NPE
+ throw new NullPointerException("this.loggedInUser is null"); //NOI18N
+ } else if (this.getLoggedInUser().getUserId() == null) {
+ // Throw again
+ throw new NullPointerException("this.loggedInUser.userId is null"); //NOI18N
+ } else if (this.getLoggedInUser().getUserId() < 1) {
+ // Invalid user id
+ throw new IllegalStateException(MessageFormat.format("this.loggedInUser.userId={0} is not valid.", this.getLoggedInUser().getUserId())); //NOI18N
+ }
+
+ // Fire event
+ this.userLogoutEvent.fire(new UserLogoutEvent(this.getLoggedInUser()));
+
+ // Invalidate session
+ FacesContext.getCurrentInstance().getExternalContext().invalidateSession();
+
+ // Unset any user instances
+ this.setLoggedInUser(null);
+ this.setBaseTemplatePathName(GUEST_BASE_TEMPLATE_NAME); //NOI18N
+
+ // Redirect to index
+ return "index"; //NOI18N
+ }
+
+ @Override
+ public String getBaseTemplatePathName () {
+ return this.baseTemplatePathName;
+ }
+
+ @Override
+ public void setBaseTemplatePathName (final String baseTemplatePathName) {
+ this.baseTemplatePathName = baseTemplatePathName;
+ }
+
+ @Override
+ public User getLoggedInUser () {
+ return this.loggedInUser;
+ }
+
+ @Override
+ public void setLoggedInUser (final User loggedInUser) {
+ this.loggedInUser = loggedInUser;
+ }
+
+ @Override
+ public String getUserCurrentPassword () {
+ return this.userCurrentPassword;
+ }
+
+ @Override
+ public void setUserCurrentPassword (final String userCurrentPassword) {
+ this.userCurrentPassword = userCurrentPassword;
+ }
+
+ @Override
+ public List<PasswordHistory> getUserPasswordHistory () {
+ return Collections.unmodifiableList(this.userPasswordHistory);
+ }
+
+ @Override
+ public boolean ifCurrentPasswordMatches () {
+ // The current password must be set and not empty
+ if (this.getUserCurrentPassword() == null) {
+ // Is not set
+ throw new NullPointerException("this.userCurrentPassword is null"); //NOI18N
+ } else if (this.getUserCurrentPassword().isEmpty()) {
+ // Is set empty
+ throw new IllegalStateException("this.userCurrentPassword is empty."); //NOI18N
+ }
+
+ // Create "container"
+ LoginContainer container = new UserLoginContainer(this.getLoggedInUser(), this.getUserCurrentPassword());
+
+ // Now check if it matches
+ return UserUtils.ifPasswordMatches(container, this.getLoggedInUser());
+ }
+
+ @Override
+ public boolean ifUserMustChangePassword () {
+ return ((this.isUserLoggedIn()) && (Objects.equals(this.getLoggedInUser().getUserMustChangePassword(), Boolean.TRUE)));
+ }
+
+ /**
+ * Post-construction method
+ */
+ @PostConstruct
+ public void init () {
+ try {
+ // Get initial context
+ Context context = new InitialContext();
+
+ // Try to lookup
+ this.userLoginBean = (UserLoginSessionBeanRemote) context.lookup("java:global/addressbook-ejb/userLogin!org.mxchange.jusercore.model.login.user.UserLoginSessionBeanRemote"); //NOI18N
+
+ // Also find this
+ this.userPasswordHistoryBean = (UserPasswordHistorySessionBeanRemote) context.lookup("java:global/addressbook-ejb/userPasswordHistory!org.mxchange.jusercore.model.user.password_history.UserPasswordHistorySessionBeanRemote"); //NOI18N
+
+ // Defaul template is guest
+ this.baseTemplatePathName = GUEST_BASE_TEMPLATE_NAME;
+ } catch (final NamingException ex) {
+ // Continue to throw
+ throw new FaceletException(ex);
+ }
+ }
+
+ @Override
+ public boolean isInvisible () {
+ // Check on login
+ if (!this.isUserLoggedIn()) {
+ // Not logged in!
+ throw new IllegalStateException("isInvisible() has been invoked for a guest."); //NOI18N
+ }
+
+ // Check logged-in first, then invisibility
+ return Objects.equals(this.getLoggedInUser().getUserProfileMode(), ProfileMode.INVISIBLE);
+ }
+
+ @Override
+ public boolean isPasswordInHistory (final String userPassword) {
+ // Default is not found
+ boolean isPasswordInHistory = false;
+
+ // Init variables
+ int count = 1;
+ int maxEntries = this.getIntegerContextParameter("max_user_password_history"); //NOI18N
+
+ // Check all passwords
+ for (final PasswordHistory entry : this.getUserPasswordHistory()) {
+ // Is password the same?
+ if (UserUtils.ifPasswordMatches(userPassword, entry.getUserPasswordHistoryUser())) {
+ // Yes, found it
+ isPasswordInHistory = true;
+ break;
+ } else if (count == maxEntries) {
+ // Maximum reached
+ break;
+ }
+
+ // Count up
+ count++;
+ }
+
+ // Return status
+ return isPasswordInHistory;
+ }
+
+ @Override
+ public boolean isUserLoggedIn () {
+ // Compare instance
+ this.userLoggedIn = ((this.getLoggedInUser() instanceof User) && (Objects.equals(this.getLoggedInUser().getUserAccountStatus(), UserAccountStatus.CONFIRMED)));
+
+ // Return it
+ return this.userLoggedIn;
+ }
+
+ /**
+ * Clears this bean
+ */
+ private void clear () {
+ // Clear all fields
+ this.setUserCurrentPassword(null);
+ }
+
+ /**
+ * Updates password history by adding given entry to it as long as it is not
+ * there.
+ * <p>
+ * @param passwordHistory Password history entry
+ */
+ private void updatePasswordHistory (final PasswordHistory passwordHistory) {
+ if (null == passwordHistory) {
+ // Throw NPE
+ throw new NullPointerException("passwordHistory is null"); //NOI18N
+ } else if (passwordHistory.getUserPasswordHistoryId() == null) {
+ // Throw NPE again
+ throw new NullPointerException("passwordHistory.userPasswordHistoryId is null"); //NOI18N
+ } else if (passwordHistory.getUserPasswordHistoryId() < 1) {
+ // Invalid id
+ throw new IllegalArgumentException(MessageFormat.format("passwordHistory.userPasswordHistoryId={0} is not valid.", passwordHistory.getUserPasswordHistoryId())); //NOI18N
+ }
+
+ // Is it there?
+ if (this.userPasswordHistory.contains(passwordHistory)) {
+ // Excact copy found
+ return;
+ }
+
+ // Check all entries
+ for (final PasswordHistory entry : this.userPasswordHistory) {
+ // Is same id number?
+ if (Objects.equals(entry.getUserPasswordHistoryId(), passwordHistory.getUserPasswordHistoryId())) {
+ // Found it
+ return;
+ }
+ }
+
+ // Not found, so add it
+ this.userPasswordHistory.add(passwordHistory);
+ }
+
+}
--- /dev/null
+/*
+ * Copyright (C) 2016, 2017 Roland Häder
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <http://www.gnu.org/licenses/>.
+ */
+package org.mxchange.addressbook.beans.user.login;
+
+import java.io.Serializable;
+import java.util.List;
+import javax.ejb.Local;
+import org.mxchange.jusercore.model.user.User;
+import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
+
+/**
+ * An interface for registration web controllers
+ * <p>
+ * @author Roland Häder<roland@mxchange.org>
+ */
+@Local
+public interface AddressbookUserLoginWebSessionController extends Serializable {
+
+ /**
+ * Checks whether given clear-text password is in user's password history.
+ * <p>
+ * @param userPassword Clear-text password
+ * <p>
+ * @return Whether clear-text password is in user's password history
+ */
+ boolean isPasswordInHistory (final String userPassword);
+
+ /**
+ * Getter for base template type
+ * <p>
+ * @return Template type
+ */
+ String getBaseTemplatePathName ();
+
+ /**
+ * Setter for base template type
+ * <p>
+ * @param baseTemplatePathName Template type
+ */
+ void setBaseTemplatePathName (final String baseTemplatePathName);
+
+ /**
+ * Logout for administrator area. If a logged-in user instance exists, it is
+ * being logged-out, too.
+ * <p>
+ * @return Outcome (should be redirected)
+ */
+ String doAdminLogout ();
+
+ /**
+ * Logins the user, if the account is found, confirmed and unlocked.
+ * <p>
+ * @return Redirect target
+ */
+ String doUserLogin ();
+
+ /**
+ * Logout for current user by invalidating the current session.
+ * <p>
+ * @return Outcome (should be redirected)
+ */
+ String doUserLogout ();
+
+ /**
+ * Getter for logged-in user instance
+ * <p>
+ * @return Logged-in user instance
+ */
+ User getLoggedInUser ();
+
+ /**
+ * Setter for logged-in user instance
+ * <p>
+ * @param loggedInUser Logged-in user instance
+ */
+ void setLoggedInUser (final User loggedInUser);
+
+ /**
+ * Checks whether the user is logged-in
+ * <p>
+ * @return Whether the user is logged-in
+ */
+ boolean isUserLoggedIn ();
+
+ /**
+ * Checks whether the user needs to change password
+ * <p>
+ * @return Whether the user needs to change password
+ */
+ boolean ifUserMustChangePassword ();
+
+ /**
+ * Whether the currently logged-in user is invisible
+ * <p>
+ * @return Whether the currently logged-in user is invisible
+ */
+ boolean isInvisible ();
+
+ /**
+ * Setter for current password (clear text)
+ * <p>
+ * @param userCurrentPassword Current password
+ */
+ void setUserCurrentPassword (final String userCurrentPassword);
+
+ /**
+ * Getter for current password (clear text)
+ * <p>
+ * @return Current password
+ */
+ String getUserCurrentPassword ();
+
+ /**
+ * Checks whether the (previously entered) current password matches with
+ * from the user instance.
+ * <p>
+ * @return If current password matches
+ */
+ boolean ifCurrentPasswordMatches ();
+
+ /**
+ * Getter for user's password history
+ * <p>
+ * @return User's password history
+ */
+ List<PasswordHistory> getUserPasswordHistory ();
+
+}
import javax.naming.NamingException;
import org.mxchange.addressbook.beans.BaseAddressbookController;
import org.mxchange.addressbook.beans.features.AddressbookFeaturesWebApplicationController;
-import org.mxchange.addressbook.beans.login.user.AddressbookUserLoginWebSessionController;
+import org.mxchange.addressbook.beans.user.login.AddressbookUserLoginWebSessionController;
import org.mxchange.jcoreee.utils.FacesUtils;
import org.mxchange.jusercore.events.user.password_change.ObservableUpdatedUserPasswordEvent;
import org.mxchange.jusercore.events.user.password_change.UpdatedUserPasswordEvent;
projects / addressbook-war.git / commitdiff