Java tutorial
/******************************************************************************* * Copyright (c) 2011 epyx SA. * * This program is free software: you can redistribute it and/or modify it under * the terms of the GNU Affero General Public License as published by the Free * Software Foundation, either version 3 of the License, or (at your option) any * later version. * * This program is distributed in the hope that it will be useful, but WITHOUT * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more * details. * * You should have received a copy of the GNU Affero General Public License along * with this program. If not, see <http://www.gnu.org/licenses/>. *******************************************************************************/ package ch.windmobile.server.social.mongodb; import java.security.NoSuchAlgorithmException; import ch.windmobile.server.social.mongodb.util.AuthenticationServiceUtil; import ch.windmobile.server.socialmodel.AuthenticationService; import com.mongodb.BasicDBObject; import com.mongodb.DB; import com.mongodb.DBCollection; import com.mongodb.DBObject; public class AuthenticationServiceImpl extends BaseMongoDBService implements AuthenticationService { public AuthenticationServiceImpl(DB database) { super(database); } @Override public String authenticate(final String email, final Object password) throws AuthenticationServiceException { if (password == null) { throw new IllegalArgumentException("Password cannot be null"); } DBCollection col = db.getCollection(MongoDBConstants.COLLECTION_USERS); // Search user by email DBObject user = col.findOne(new BasicDBObject(MongoDBConstants.USER_PROP_EMAIL, email)); if (user != null) { String b64 = (String) user.get(MongoDBConstants.USER_PROP_SHA1); try { boolean ok = AuthenticationServiceUtil.validateSHA1(email, password.toString(), b64); if (ok) { return (String) user.get(MongoDBConstants.USER_PROP_ROLE); } else { throw new AuthenticationService.AuthenticationServiceException("Invalid password"); } } catch (NoSuchAlgorithmException e) { throw new AuthenticationService.AuthenticationServiceException( "Unexcepted error : " + e.getMessage()); } } throw new AuthenticationService.AuthenticationServiceException("User not found"); } }