src/java/org/mxchange/jusercore/model/login/AddressbookUserLoginSessionBean.java

   1 /*
   2  * Copyright (C) 2016, 2017 Roland Häder
   3  *
   4  * This program is free software: you can redistribute it and/or modify
   5  * it under the terms of the GNU Affero General Public License as
   6  * published by the Free Software Foundation, either version 3 of the
   7  * License, or (at your option) any later version.
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  * GNU Affero General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU Affero General Public License
  15  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16  */
  17 package org.mxchange.jusercore.model.login;
  18
  19 import org.mxchange.jusercore.model.login.user.UserLoginSessionBeanRemote;
  20 import java.text.MessageFormat;
  21 import javax.ejb.EJB;
  22 import javax.ejb.Stateless;
  23 import org.mxchange.jcoreee.database.BaseDatabaseBean;
  24 import org.mxchange.jusercore.container.login.LoginContainer;
  25 import org.mxchange.jusercore.exceptions.UserNotFoundException;
  26 import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
  27 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
  28 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
  29 import org.mxchange.jusercore.model.user.register.UserRegistrationSessionBeanRemote;
  30 import org.mxchange.jusercore.model.user.User;
  31 import org.mxchange.jusercore.model.user.UserSessionBeanRemote;
  32 import org.mxchange.jusercore.model.user.UserUtils;
  33 import org.mxchange.jusercore.model.user.status.UserAccountStatus;
  34
  35 /**
  36  * A session EJB for user logins
  37  * <p>
  38  * @author Roland Häder<roland@mxchange.org>
  39  */
  40 @Stateless (name = "login", description = "A bean handling the user login for Addressbook project")
  41 public class AddressbookUserLoginSessionBean extends BaseDatabaseBean implements UserLoginSessionBeanRemote {
  42
  43         /**
  44          * Serial number
  45          */
  46         private static final long serialVersionUID = 21_785_978_127_581_965L;
  47
  48         /**
  49          * Registration EJB
  50          */
  51         @EJB
  52         private UserRegistrationSessionBeanRemote registerBean;
  53
  54         /**
  55          * User EJB
  56          */
  57         @EJB
  58         private UserSessionBeanRemote userBean;
  59
  60         /**
  61          * Default constructor
  62          */
  63         public AddressbookUserLoginSessionBean () {
  64                 // Call super constructor
  65                 super();
  66         }
  67
  68         @Override
  69         public User validateUserAccountStatus (final LoginContainer container) throws UserNotFoundException, UserStatusLockedException, UserStatusUnconfirmedException, UserPasswordMismatchException {
  70                 // Trace message
  71                 this.getLoggerBeanLocal().logTrace(MessageFormat.format("{0}.loginUser: container={1} - CALLED!", this.getClass().getSimpleName(), container)); //NOI18N
  72
  73                 // Check some beans
  74                 assert (this.userBean instanceof UserSessionBeanRemote) : "this.userBean is not set"; //NOI18N
  75                 assert (this.registerBean instanceof UserRegistrationSessionBeanRemote) : "this.registerBean is not set"; //NOI18N
  76
  77                 // user should not be null
  78                 if (null == container) {
  79                         // Abort here
  80                         throw new NullPointerException("container is null"); //NOI18N
  81                 } else if (container.getUser() == null) {
  82                         // NPE again
  83                         throw new NullPointerException("container.user is null"); //NOI18N
  84                 } else if (container.getUserPassword() == null) {
  85                         // And yet again NPE
  86                         throw new NullPointerException("container.userPassword is null"); //NOI18N
  87                 } else if (container.getUserPassword().isEmpty()) {
  88                         // Empty password is not allowed, hardcoded.
  89                         throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N
  90                 }
  91
  92                 // Is the account there?
  93                 if (!this.registerBean.isUserNameRegistered(container.getUser())) {
  94                         // Not registered
  95                         throw new UserNotFoundException(container.getUser());
  96                 }
  97
  98                 // Get user instance from persistance
  99                 User updatedUser = this.userBean.fillUserData(container.getUser());
 100
 101                 // Debug message
 102                 this.getLoggerBeanLocal().logDebug(MessageFormat.format("loginUser: updatedUser={0}", updatedUser)); //NOI18N
 103
 104                 // Is the user account unconfirmed?
 105                 if (updatedUser.getUserAccountStatus().equals(UserAccountStatus.UNCONFIRMED)) {
 106                         // Is unconfirmed
 107                         throw new UserStatusUnconfirmedException(container.getUser());
 108                 } else if (updatedUser.getUserAccountStatus().equals(UserAccountStatus.LOCKED)) {
 109                         // Is locked
 110                         throw new UserStatusLockedException(container.getUser());
 111                 } else if (!this.isPasswordMatching(container, updatedUser)) {
 112                         // Not matcing passwords
 113                         throw new UserPasswordMismatchException(container.getUser());
 114                 }
 115
 116                 // Trace message
 117                 this.getLoggerBeanLocal().logTrace(MessageFormat.format("{0}.loginUser: updatedUser={1} - EXIT!", this.getClass().getSimpleName(), updatedUser)); //NOI18N
 118
 119                 // Return it
 120                 return updatedUser;
 121         }
 122
 123         /**
 124          * Checks if password matches of both instances. Both user instances must
 125          * not match, the first one is the one from the calling bean/controller, the
 126          * second is the from database.
 127          * <p>
 128          * @param container Container instance holding the user instance and
 129          * clear-text password
 130          * @param updatedUser Updated user instance found for given user name
 131          * <p>
 132          * @return Whether the password matches
 133          */
 134         private boolean isPasswordMatching (final LoginContainer container, final User updatedUser) {
 135                 // First math both instances
 136                 if (null == container) {
 137                         // Throw NPE
 138                         throw new NullPointerException("container is null"); //NOI18N
 139                 } else if (null == updatedUser) {
 140                         // Throw NPE
 141                         throw new NullPointerException("updatedUser is null"); //NOI18N
 142                 } else if (container.getUser().equals(updatedUser)) {
 143                         // Both same instance!
 144                         throw new IllegalArgumentException(MessageFormat.format("container.user matches updatedUser: {0}", container.getUser())); //NOI18N
 145                 }
 146
 147                 // Is it the same same password?
 148                 return UserUtils.ifPasswordMatches(container, updatedUser);
 149         }
 150
 151 }