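/*   Copyright 2012 Tim Garrett, Mothsoft LLC
 *
 *   Licensed under the Apache License, Version 2.0 (the "License");
 *   you may not use this file except in compliance with the License.
 *   You may obtain a copy of the License at
 *
 *       http://www.apache.org/licenses/LICENSE-2.0
 *
 *   Unless required by applicable law or agreed to in writing, software
 *   distributed under the License is distributed on an "AS IS" BASIS,
 *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *   See the License for the specific language governing permissions and
 *   limitations under the License.
 */
package com.mothsoft.alexis.dao;

import java.util.Date;
import java.util.List;
import java.util.UUID;

import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;

import org.apache.log4j.Logger;
import org.springframework.stereotype.Repository;

import com.mothsoft.alexis.domain.DateConstants;
import com.mothsoft.alexis.domain.User;
import com.mothsoft.alexis.domain.UserApiToken;

/**
 * JPA-backed {@link UserDao}: persists and looks up {@link User} entities and
 * manages the {@link UserApiToken} rows used for API authentication.
 *
 * <p>All queries bind caller-supplied values through named parameters, so
 * usernames and token strings never become part of the JPQL text.
 */
@Repository
public class UserDaoImpl implements UserDao {

    private static final Logger logger = Logger.getLogger(UserDaoImpl.class);

    @PersistenceContext
    private EntityManager em;

    /**
     * Replaces the entity manager this DAO operates on.
     *
     * @param em the entity manager to use for all subsequent operations
     */
    public void setEm(EntityManager em) {
        this.em = em;
    }

    /**
     * Persists a new user.
     *
     * @param user the user to persist
     */
    public void add(final User user) {
        this.em.persist(user);
    }

    /**
     * Loads a user by primary key.
     *
     * @param id the user's identifier
     * @return the matching user, or {@code null} if none is found
     */
    public User get(final Long id) {
        return this.em.find(User.class, id);
    }

    /**
     * Looks up a user by exact username.
     *
     * @param username the username to match
     * @return the user, or {@code null} when the query yields anything other
     *         than exactly one row (no match, or an ambiguous match)
     */
    public User findUserByUsername(String username) {
        @SuppressWarnings("unchecked")
        final List<User> users = this.em.createQuery("from User u where u.username = :username")
                .setParameter("username", username).getResultList();

        // Zero rows and duplicate rows are both treated as "not found", so an
        // ambiguous username can never resolve to an arbitrary account.
        if (users == null || users.size() != 1) {
            return null;
        }

        return users.get(0);
    }

    /**
     * Merges the state of the given user into the persistence context.
     *
     * @param user the user whose state should be merged
     */
    public void update(User user) {
        this.em.merge(user);
    }

    /**
     * Issues a new API token for the user, first deleting that user's tokens
     * whose {@code lastUsed} is more than
     * {@link DateConstants#ONE_HOUR_IN_MILLISECONDS} in the past.
     *
     * <p>The token value is the string form of {@link UUID#randomUUID()}, which
     * the JDK documents as drawn from a cryptographically strong generator.
     *
     * @param user the user the token is issued to
     * @return the newly persisted token
     */
    @Override
    public UserApiToken createApiToken(User user) {
        purgeStaleTokens(user, DateConstants.ONE_HOUR_IN_MILLISECONDS);

        // NOTE(review): the authenticate() query compares the presented value
        // directly against token.token, which suggests the raw token is what
        // gets stored. Persisting only a hash of the token would limit the
        // impact of a database read exposure; confirm against UserApiToken.
        final UserApiToken token = new UserApiToken(user, UUID.randomUUID().toString());
        user.getApiTokens().add(token);
        this.em.persist(token);
        return token;
    }

    /**
     * Bulk-deletes the user's tokens last used before
     * {@code now - millisAgeAllowed}.
     *
     * @param user             the user whose tokens are examined
     * @param millisAgeAllowed maximum idle age, in milliseconds, a token may have
     */
    private void purgeStaleTokens(User user, Long millisAgeAllowed) {
        final Date oldestPermissible = new Date(System.currentTimeMillis() - millisAgeAllowed);
        final Query query = this.em.createQuery(
                "DELETE FROM UserApiToken token WHERE token.user.id = :userId AND token.lastUsed < :oldestDate");
        query.setParameter("userId", user.getId());
        query.setParameter("oldestDate", oldestPermissible);
        final int purged = query.executeUpdate();

        // Build the message only when it will actually be written.
        if (logger.isDebugEnabled()) {
            logger.debug("Purged " + purged + " stale API tokens for user: " + user.getUsername());
        }
    }

    /**
     * Checks whether the presented token belongs to the named user.
     *
     * <p>On success the matched token's {@code used()} method is invoked
     * (presumably refreshing its last-used timestamp; confirm in
     * {@link UserApiToken}).
     *
     * @param username the claimed username
     * @param token    the presented token value
     * @return {@code true} only if exactly one stored token matches both the
     *         username and the token value; {@code false} otherwise, including
     *         when either argument is missing
     */
    @Override
    public boolean authenticate(String username, String token) {
        // Missing credentials can never be valid; fail closed before querying.
        if (username == null || token == null || token.isEmpty()) {
            return false;
        }

        // NOTE(review): this query does not filter on token.lastUsed. Stale
        // tokens are removed only when createApiToken() runs for the same user,
        // so a token idle for longer than the purge window still authenticates
        // until then. Confirm whether expiry is enforced elsewhere; if not,
        // an age condition belongs in this query.
        final Query query = this.em.createQuery(
                "SELECT token FROM UserApiToken token JOIN token.user user WHERE user.username = :username AND token.token = :token");
        query.setParameter("username", username);
        query.setParameter("token", token);

        @SuppressWarnings("unchecked")
        final List<UserApiToken> tokens = query.getResultList();

        // Require a unique match; anything else is rejected.
        final boolean valid = tokens.size() == 1;

        if (valid) {
            tokens.get(0).used();
        }

        return valid;
    }

    /**
     * Revokes a token: detaches it from its owner's token collection and
     * removes it from the persistence context.
     *
     * @param token the token to revoke
     */
    @Override
    public void invalidateApiToken(UserApiToken token) {
        token.getUser().getApiTokens().remove(token);
        this.em.remove(token);
    }

}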