diff options
| author | Jesse Morgan <jesse@jesterpm.net> | 2013-08-27 08:28:16 -0700 |
|---|---|---|
| committer | Jesse Morgan <jesse@jesterpm.net> | 2013-08-27 08:28:16 -0700 |
| commit | 1cdb43bb3e432040aed18c05e129f0131ee7d20a (patch) | |
| tree | a4c5ad41d183b3874c990de0c5416d1810a1dc85 /src/com/p4square/grow/frontend/LoginAuthenticator.java | |
| parent | 9b33aaf27cd8f73402ee9967c6b0fd76a90f8ebe (diff) | |
Introducing F1 Authentication and Adding Site Content.
This change introduced the f1oauth and jesterpm oauth packages for
interacting with Fellowship One's developer API. I have also reworked
the login authentication to verify credentials through F1 and added
session management to track logged in users.
The Authenticator chain works as follows: on every page load we check
for a session cookie, if the cookie exists, the Request is marked as
authenticated and the OAuthUser object is restored in ClientInfo. If
this request is going to an account page, we require authentication. The
LoginFormAuthenticator checks if the user is already authenticated (via
cookie) and if not redirects the user to the login page. When the login
form is submitted, LoginFormAuthenticator catches the POST request and
authenticates the user through F1.
I'm also adding a new account page, but it is currently a work in
progress.
This commit also adds Allen's content to the site.
Diffstat (limited to 'src/com/p4square/grow/frontend/LoginAuthenticator.java')
| -rw-r--r-- | src/com/p4square/grow/frontend/LoginAuthenticator.java | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/src/com/p4square/grow/frontend/LoginAuthenticator.java b/src/com/p4square/grow/frontend/LoginAuthenticator.java deleted file mode 100644 index 64f5827..0000000 --- a/src/com/p4square/grow/frontend/LoginAuthenticator.java +++ /dev/null @@ -1,52 +0,0 @@ -/* - * Copyright 2013 Jesse Morgan - */ - -package com.p4square.grow.frontend; - -import org.apache.log4j.Logger; - -import org.restlet.Context; -import org.restlet.Request; -import org.restlet.Response; -import org.restlet.security.Authenticator; -import org.restlet.security.User; - -/** - * LoginAuthenticator decrypts a cookie containing the user's session info - * and makes that information available as the ClientInfo's User object. - * - * If this Authenticator is not optional, the user will be redirected to a - * login page. - * - * @author Jesse Morgan <jesse@jesterpm.net> - */ -public class LoginAuthenticator extends Authenticator { - private static Logger cLog = Logger.getLogger(LoginAuthenticator.class); - - public static final String COOKIE_NAME = "growsession"; - - private final String mLoginPage; - - public LoginAuthenticator(Context context, boolean optional, String loginPage) { - super(context, optional); - - mLoginPage = loginPage; - } - - protected boolean authenticate(Request request, Response response) { - // Check for authentication cookie - final String cookie = request.getCookies().getFirstValue(COOKIE_NAME); - if (cookie != null) { - cLog.debug("Got cookie: " + cookie); - // TODO Decrypt user info - User user = new User(cookie); - request.getClientInfo().setUser(user); - return true; - } - - // Challenge the user if not authenticated - response.redirectSeeOther(mLoginPage); - return false; - } -} |