package blog.security;
import java.io.*;
import javax.enterprise.context.*;
import javax.inject.*;
import javax.servlet.http.*;
import blog.user.*;
@Named @RequestScoped
public class Authenticator implements Serializable
{
private static final long serialVersionUID = 1L;
@Inject private UserService userService;
@Inject private HttpSession session;
@Inject private Identity identity;
private String username;
private String password;
public String getUsername() { return username; }
public void setUsername(String username) { this.username = username; }
public String getPassword() { return password; }
public void setPassword(String password) { this.password = password; }
public boolean login()
{
User user = userService.findByUsername(username);
if (user != null && user.verifyPassword(password)) {
identity.setLoggedIn(true);
identity.setUser(user);
return true;
}
return false;
}
public void logout()
{
session.invalidate();
}
}