ch.windmobile.server.social.mongodb.AuthenticationServiceImpl.java Source code

Java tutorial

Introduction

Here is the source code for ch.windmobile.server.social.mongodb.AuthenticationServiceImpl.java

Source

/*******************************************************************************
 * Copyright (c) 2011 epyx SA.
 *
 * This program is free software: you can redistribute it and/or modify it under
 * the terms of the GNU Affero General Public License as published by the Free
 * Software Foundation, either version 3 of the License, or (at your option) any
 * later version.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
 * FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
 * details.
 *
 * You should have received a copy of the GNU Affero General Public License along
 * with this program.  If not, see <http://www.gnu.org/licenses/>.
 *******************************************************************************/
package ch.windmobile.server.social.mongodb;

import java.security.NoSuchAlgorithmException;

import ch.windmobile.server.social.mongodb.util.AuthenticationServiceUtil;
import ch.windmobile.server.socialmodel.AuthenticationService;

import com.mongodb.BasicDBObject;
import com.mongodb.DB;
import com.mongodb.DBCollection;
import com.mongodb.DBObject;

public class AuthenticationServiceImpl extends BaseMongoDBService implements AuthenticationService {

    public AuthenticationServiceImpl(DB database) {
        super(database);
    }

    @Override
    public String authenticate(final String email, final Object password) throws AuthenticationServiceException {
        if (password == null) {
            throw new IllegalArgumentException("Password cannot be null");
        }
        DBCollection col = db.getCollection(MongoDBConstants.COLLECTION_USERS);
        // Search user by email
        DBObject user = col.findOne(new BasicDBObject(MongoDBConstants.USER_PROP_EMAIL, email));
        if (user != null) {
            String b64 = (String) user.get(MongoDBConstants.USER_PROP_SHA1);
            try {
                boolean ok = AuthenticationServiceUtil.validateSHA1(email, password.toString(), b64);
                if (ok) {
                    return (String) user.get(MongoDBConstants.USER_PROP_ROLE);
                } else {
                    throw new AuthenticationService.AuthenticationServiceException("Invalid password");
                }
            } catch (NoSuchAlgorithmException e) {
                throw new AuthenticationService.AuthenticationServiceException(
                        "Unexcepted error : " + e.getMessage());
            }
        }
        throw new AuthenticationService.AuthenticationServiceException("User not found");
    }
}