/*
* This file is part of anycook. The new internet cookbook
* Copyright (C) 2014 Jan Graßegger
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see [http://www.gnu.org/licenses/].
*/
package de.anycook.session;
import de.anycook.conf.Configuration;
import de.anycook.db.mysql.DBSaveRecipe;
import de.anycook.db.mysql.DBUser;
import de.anycook.news.life.Lifes;
import de.anycook.social.facebook.FacebookHandler;
import de.anycook.user.User;
import org.apache.commons.lang3.RandomStringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import java.io.IOException;
import java.sql.SQLException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.ws.rs.WebApplicationException;
/**
* Fuegt Daten zur Session hinzu und gibt sie zurueck. In der Session werden Filterparameter und
* Logindaten gespeichert.
*
* @author Jan Grassegger
*/
public class Session {
private static final String adminPwd;
static {
adminPwd = Configuration.getInstance().getAdminPassword();
}
private User login;
private final Logger logger;
/**
* Konstruktor initiert Variablen
*/
private Session() {
logger = LogManager.getLogger(getClass());
login = null;
}
/**
* Ueberprueft, ob bereits eine INstanz von Sessionhandler in der Session gespeichert ist, wenn
* wird eine neue erzeugt.
*
* @param session HttpSession des Users
* @return instanz von Sessionhandler
*/
static public Session init(HttpSession session) {
if (session.getAttribute("shandler") != null) {
return (Session) session.getAttribute("shandler");
}
Session shandler = new Session();
session.setAttribute("shandler", shandler);
return shandler;
}
static public Session init(HttpServletRequest request) {
Session session = init(request.getSession(true));
if (session.login == null) {
try {
session.loginWithCookies(request.getCookies());
} catch (IOException | SQLException e) {
LogManager.getLogger(Session.class).error(e, e);
}
}
return session;
}
// Login
/**
* ueberprueft ob login vorhanden
*
* @return true, wenn login gesetzt, sonst false
*/
public boolean checkLogin() {
if (login == null) {
throw new WebApplicationException(401);
}
return true;
}
public void checkAdminLogin() {
if (login != null && login.isAdmin()) {
return;
}
throw new WebApplicationException(401);
}
public boolean checkLoginWithoutException() {
return login != null;
}
private void loginWithCookies(javax.servlet.http.Cookie[] cookies)
throws IOException, SQLException {
if (cookies == null) {
return;
}
for (javax.servlet.http.Cookie cookie : cookies) {
if (cookie.getName().equals("anycook")) {
String cookieId = cookie.getValue();
try {
login(cookieId);
} catch (DBUser.CookieNotFoundException | DBUser.UserNotFoundException e) {
logger.warn(e, e);
}
}
String fbCookieKey = "fbsr_" + FacebookHandler.APP_ID;
if (cookie.getName().equals(fbCookieKey)) {
String cookieValue = cookie.getValue();
FacebookHandler.FacebookRequest request = FacebookHandler.decode(cookieValue);
Long uid = Long.parseLong(request.user_id);
try {
facebookLogin(uid);
} catch (User.LoginException | DBUser.UserNotFoundException e) {
logger.warn(e, e);
}
}
}
}
/**
* loggt einen user ein, wenn pwd und mail korrekt
*/
public void login(int userId, String password)
throws SQLException, DBUser.UserNotFoundException, IOException, User.LoginException {
if (userId == -1) {
if (password.equals(adminPwd)) {
login = User.initAdmin();
logger.info("logged in as admin");
} else {
logger.warn("admin login failed");
}
} else {
login = User.login(userId, password);
}
logger.info(login.getName() + " logged in");
}
private void login(String cookieId)
throws SQLException, IOException, DBUser.UserNotFoundException,
DBUser.CookieNotFoundException {
login = User.login(cookieId);
}
public void facebookLogin(String signedRequest)
throws IOException, User.LoginException, SQLException, DBUser.UserNotFoundException {
FacebookHandler.FacebookRequest request = FacebookHandler.decode(signedRequest);
facebookLogin(Long.parseLong(request.user_id));
}
private void facebookLogin(Long uid)
throws SQLException, IOException, User.LoginException, DBUser.UserNotFoundException {
login = User.facebookLogin(uid);
}
public String makePermanentCookieId(int userid) throws SQLException {
try (DBUser dbuser = new DBUser()) {
String newId;
do {
newId = RandomStringUtils.randomAlphanumeric(20);
} while (dbuser.checkCookieId(newId));
dbuser.setCookieId(newId, userid);
return newId;
}
}
/**
* loescht logindaten und loggt damit aus
*/
public void logout() {
logger.info(login + " logged out");
login = null;
}
public User getUser() {
checkLogin();
return login;
}
//schmeckt
public boolean makeSchmeckt(String gericht) throws SQLException {
if (login != null && !checkSchmeckt(gericht)) {
DBSaveRecipe savegericht = new DBSaveRecipe();
savegericht.makeTasty(gericht, login.getId());
Lifes.addLife(Lifes.CaseType.TASTES, login.getId(), gericht);
savegericht.close();
return true;
}
return false;
}
public boolean removeSchmeckt(String gericht) throws SQLException {
if (login != null && checkSchmeckt(gericht)) {
DBSaveRecipe savegericht = new DBSaveRecipe();
savegericht.unmakeTasty(gericht, login.getId());
savegericht.close();
return true;
}
return false;
}
public boolean checkSchmeckt(String gericht) throws SQLException {
if (login == null) {
return true;
}
DBSaveRecipe savegericht = new DBSaveRecipe();
boolean check = savegericht.isTasty(gericht, login.getId());
savegericht.close();
return check;
}
public void deleteCookieID(String id) throws SQLException {
DBUser dbuser = new DBUser();
dbuser.deleteCookieId(id);
dbuser.close();
logger.info("deleted persistent cookieid: " + id);
}
public static class UserAuth {
public String username;
public String password;
public boolean stayLoggedIn;
public int appId;
}
}