Java tutorial
/* * Copyright 2014 nateriver. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package be.bittich.quote.controller.impl; import be.bittich.quote.controller.AuthController; import static be.bittich.quote.core.DynaUtil.extractAuthTokenFromRequest; import be.bittich.quote.model.User; import be.bittich.quote.service.TokenService; import be.bittich.quote.service.UserService; import be.bittich.quote.vo.SecurityToken; import be.bittich.quote.vo.UserVO; import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; import javax.ws.rs.core.Context; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.UserDetails; import org.springframework.web.bind.annotation.RequestBody; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.web.bind.annotation.RestController; /** * * @author nateriver */ @RestController("authController") @RequestMapping(value = "/auth") public class AuthControllerImpl implements AuthController { @Autowired private UserService userService; @Autowired private TokenService tokenService; @Autowired private AuthenticationManager authenticationManager; @Override @RequestMapping(value = "/login", method = RequestMethod.POST) @ResponseStatus(HttpStatus.OK) public SecurityToken authenticate(@Context HttpServletRequest request, @RequestBody @Valid UserVO userVO) { UsernamePasswordAuthenticationToken authenticationToken = new UsernamePasswordAuthenticationToken( userVO.getUsername(), userVO.getPassword()); Authentication authentication = authenticationManager.authenticate(authenticationToken); SecurityContextHolder.getContext().setAuthentication(authentication); UserDetails userDetails = this.userService.loadUserByUsername(userVO.getUsername()); SecurityToken createToken = tokenService.createToken(userDetails, request.getRemoteAddr()); return createToken; } @Override @RequestMapping(value = "/current", method = RequestMethod.GET) @ResponseStatus(HttpStatus.OK) public User getCurrentUser(@Context HttpServletRequest request) { String authToken = extractAuthTokenFromRequest(request); String username = tokenService.getUsernameFromToken(authToken); User user = userService.findOneByUsername(username); return user; } }