AuthServiceImpl.java

/*******************************************************************************
 * Copyright 2011 Alex 'Ript' Malyshev <alexript@gmail.com>
 * 
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 * 
 *   http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 ******************************************************************************/

package net.autosauler.ballance.server;

import java.net.MalformedURLException;
import java.net.URL;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import net.autosauler.ballance.client.AuthService;
import net.autosauler.ballance.client.SessionId;
import net.autosauler.ballance.server.model.User;
import net.autosauler.ballance.shared.UserRole;

import com.allen_sauer.gwt.log.client.Log;
import com.google.gwt.user.server.rpc.RemoteServiceServlet;

/**
 * The Class AuthServiceImpl.
 */
public class AuthServiceImpl extends RemoteServiceServlet implements
		AuthService {

	/** The Constant serialVersionUID. */
	private static final long serialVersionUID = 5272457632267707581L;

	/*
	 * (non-Javadoc)
	 * 
	 * @see net.autosauler.ballance.client.AuthService#chkAuth(java.lang.String,
	 * java.lang.String)
	 */
	@Override
	public SessionId chkAuth(String login, String password) {
		login = login.trim();
		password = password.trim();
		HttpServletRequest request = getThreadLocalRequest();
		String urlAddress = request.getRequestURL().toString();
		String hostname = "127.0.0.1";
		try {
			URL url = new URL(urlAddress);
			hostname = url.getHost().trim();

		} catch (MalformedURLException e) {
			Log.error(e.getMessage());
		}

		boolean valid = false;

		String username = "Anonymous";
		UserRole userrole = new UserRole();
		Long uid = -1L;

		User user = User.find(login, hostname);
		if (user != null) {
			valid = user.isValidUser(password) && user.isActive()
					&& !user.isTrash();
			if (valid) {
				username = user.getUsername();
				userrole.setRole(user.getUserroleAsInt());
				uid = user.getUid();

				HttpSession httpSession = getThreadLocalRequest().getSession();
				httpSession.setMaxInactiveInterval(1000 * 60 * 60);
				SessionId sessionid = new SessionId();
				sessionid.setSessionId(httpSession.getId());
				sessionid.setUsername(username);
				httpSession.setAttribute("username", username);
				sessionid.setUserrole(userrole);
				httpSession.setAttribute("userrole", userrole.getRole());
				sessionid.setUid(uid);
				httpSession.setAttribute("uid", uid);
				httpSession.setAttribute("login", login);
				httpSession.setAttribute("domain", hostname);
				return sessionid;

			}
		}
		return null;
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see net.autosauler.ballance.client.AuthService#logoff()
	 */
	@Override
	public void logoff() {
		HttpSession httpSession = getThreadLocalRequest().getSession(false);
		httpSession.removeAttribute("login");
		httpSession.removeAttribute("domain");
		httpSession.removeAttribute("uid");
		httpSession.removeAttribute("username");
		httpSession.removeAttribute("userrole");
	}

	/*
	 * (non-Javadoc)
	 * 
	 * @see
	 * net.autosauler.ballance.client.AuthService#session(net.autosauler.ballance
	 * .client.SessionId)
	 */
	@Override
	public SessionId session(SessionId sessionId) {
		HttpSession httpSession = getThreadLocalRequest().getSession(false);
		if (httpSession != null) {
			try {
				sessionId.setSessionId(httpSession.getId());
				String username = (String) httpSession.getAttribute("username");
				// System.err.println("stored username: " + username);
				if (username == null) {
					username = "Anonymous";
				}
				sessionId.setUsername(username);
				UserRole userrole = HttpUtilities.getUserRole(httpSession);
				sessionId.setUserrole(userrole);
				Long uid = (Long) httpSession.getAttribute("uid");
				if (uid == null) {
					uid = -1L;
				}
				sessionId.setUid(uid);
			} catch (IllegalStateException e) {
				System.err.println(e.getMessage());
				// sessionId.setUsername(e.getMessage());
				sessionId.setSessionId("");
			}
			return sessionId;
		}// end if(result == null)
		return null;
	}

}