StdUserService.java

package restx.security;

import com.google.common.base.Optional;

import static com.google.common.base.Preconditions.checkNotNull;

/**
 * Date: 14/12/13
 * Time: 15:09
 */
public class StdUserService<U extends RestxPrincipal> implements UserService<U> {
    private final UserRepository<U> repository;
    private final CredentialsStrategy checker;
    private final String defaultAdminPasswordHash;

    public StdUserService(UserRepository<U> repository,
                          CredentialsStrategy checker,
                          String defaultAdminPasswordHash) {
        this.repository = checkNotNull(repository);
        this.checker = checkNotNull(checker);
        this.defaultAdminPasswordHash = checkNotNull(defaultAdminPasswordHash);
    }

    @Override
    public Optional<U> findUserByName(String name) {
        Optional<U> user = repository.findUserByName(name);
        if (!user.isPresent()) {
            U defaultAdmin = repository.defaultAdmin();
            if (defaultAdmin.getName().equals(name) && !repository.isAdminDefined()) {
                return Optional.of(defaultAdmin);
            }
        }
        return user;
    }

    @Override
    public Optional<U> findAndCheckCredentials(String name, String passwordHash) {
        Optional<U> user = findUserByName(name);
        if (!user.isPresent()) {
            return Optional.absent();
        }

        Optional<String> credential = repository.findCredentialByUserName(name);
        if (!credential.isPresent()) {
            if (repository.defaultAdmin() == user.get()) {
                if (defaultAdminPasswordHash.equals(passwordHash)) {
                    return user;
                }
            }

            return Optional.absent();
        }

        if (checker.checkCredentials(name, passwordHash, credential.get())) {
            return user;
        } else {
            return Optional.absent();
        }
    }
}