com.mothsoft.alexis.dao.UserDaoImpl.java Source code

Java tutorial

Introduction

Here is the source code for com.mothsoft.alexis.dao.UserDaoImpl.java

Source

/*   Copyright 2012 Tim Garrett, Mothsoft LLC
 *
 *  Licensed under the Apache License, Version 2.0 (the "License");
 *  you may not use this file except in compliance with the License.
 *  You may obtain a copy of the License at
 *
 *      http://www.apache.org/licenses/LICENSE-2.0
 *
 *  Unless required by applicable law or agreed to in writing, software
 *  distributed under the License is distributed on an "AS IS" BASIS,
 *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *  See the License for the specific language governing permissions and
 *  limitations under the License.
 */
package com.mothsoft.alexis.dao;

import java.util.Date;
import java.util.List;
import java.util.UUID;

import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;

import org.apache.log4j.Logger;
import org.springframework.stereotype.Repository;

import com.mothsoft.alexis.domain.DateConstants;
import com.mothsoft.alexis.domain.User;
import com.mothsoft.alexis.domain.UserApiToken;

@Repository
public class UserDaoImpl implements UserDao {

    private static final Logger logger = Logger.getLogger(UserDaoImpl.class);

    @PersistenceContext
    private EntityManager em;

    public void setEm(EntityManager em) {
        this.em = em;
    }

    public void add(final User user) {
        this.em.persist(user);
    }

    public User get(final Long id) {
        return this.em.find(User.class, id);
    }

    public User findUserByUsername(String username) {
        @SuppressWarnings("unchecked")
        final List<User> users = this.em.createQuery("from User u where u.username = :username")
                .setParameter("username", username).getResultList();
        if (users == null || users.size() != 1) {
            return null;
        }
        return users.get(0);
    }

    public void update(User user) {
        this.em.merge(user);
    }

    @Override
    public UserApiToken createApiToken(User user) {
        purgeStaleTokens(user, DateConstants.ONE_HOUR_IN_MILLISECONDS);
        final UserApiToken token = new UserApiToken(user, UUID.randomUUID().toString());
        user.getApiTokens().add(token);
        this.em.persist(token);
        return token;
    }

    private void purgeStaleTokens(User user, Long millisAgeAllowed) {
        final Date oldestPermissible = new Date(System.currentTimeMillis() - millisAgeAllowed);
        final Query query = this.em.createQuery(
                "DELETE FROM UserApiToken token WHERE token.user.id = :userId AND token.lastUsed < :oldestDate");
        query.setParameter("userId", user.getId());
        query.setParameter("oldestDate", oldestPermissible);
        int purged = query.executeUpdate();

        logger.debug("Purged " + purged + " stale API tokens for user: " + user.getUsername());
    }

    @Override
    public boolean authenticate(String username, String token) {
        final Query query = this.em.createQuery(
                "SELECT token FROM UserApiToken token JOIN token.user user WHERE user.username = :username AND token.token = :token");
        query.setParameter("username", username);
        query.setParameter("token", token);

        final List<UserApiToken> tokens = query.getResultList();
        final boolean valid = tokens.size() == 1;

        if (valid) {
            tokens.get(0).used();
        }

        return valid;
    }

    @Override
    public void invalidateApiToken(UserApiToken token) {
        token.getUser().getApiTokens().remove(token);
        this.em.remove(token);
    }

}