Adding Login logic and updating navigation.

Adding a LoginAuthenticator to parse session cookies and a
LoginPageResource to handle submissions to the login page.
Also updating the navigation header to show Take Assessment when the
user is authenticated.

3 files changed, 168 insertions, 0 deletions

diff --git a/src/com/p4square/grow/frontend/GrowFrontend.java b/src/com/p4square/grow/frontend/GrowFrontend.java
index 7283ea1..85b223b 100644
--- a/src/com/p4square/grow/frontend/GrowFrontend.java
+++ b/src/com/p4square/grow/frontend/GrowFrontend.java
@@ -24,6 +24,19 @@ import net.jesterpm.fmfacade.FreeMarkerPageResource;
 public class GrowFrontend extends FMFacade {
     private static Logger cLog = Logger.getLogger(GrowFrontend.class);
 
+    @Override
+    protected Router createRouter() {
+        Router router = new Router(getContext());
+
+        final LoginAuthenticator defaultGuard = 
+            new LoginAuthenticator(getContext(), true, "login.html");
+        defaultGuard.setNext(FreeMarkerPageResource.class);
+        router.attachDefault(defaultGuard);
+        router.attach("/login.html", LoginPageResource.class);
+
+        return router;
+    }
+
     /**
      * Stand-alone main for testing.
      */
diff --git a/src/com/p4square/grow/frontend/LoginAuthenticator.java b/src/com/p4square/grow/frontend/LoginAuthenticator.java
new file mode 100644
index 0000000..64f5827
--- /dev/null
+++ b/src/com/p4square/grow/frontend/LoginAuthenticator.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.grow.frontend;
+
+import org.apache.log4j.Logger;
+
+import org.restlet.Context;
+import org.restlet.Request;
+import org.restlet.Response;
+import org.restlet.security.Authenticator;
+import org.restlet.security.User;
+
+/**
+ * LoginAuthenticator decrypts a cookie containing the user's session info
+ * and makes that information available as the ClientInfo's User object.
+ *
+ * If this Authenticator is not optional, the user will be redirected to a
+ * login page.
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class LoginAuthenticator extends Authenticator {
+    private static Logger cLog = Logger.getLogger(LoginAuthenticator.class);
+
+    public static final String COOKIE_NAME = "growsession";
+
+    private final String mLoginPage;
+
+    public LoginAuthenticator(Context context, boolean optional, String loginPage) {
+        super(context, optional);
+
+        mLoginPage = loginPage;
+    }
+
+    protected boolean authenticate(Request request, Response response) {
+        // Check for authentication cookie
+        final String cookie = request.getCookies().getFirstValue(COOKIE_NAME);
+        if (cookie != null) {
+            cLog.debug("Got cookie: " + cookie);
+            // TODO Decrypt user info
+            User user = new User(cookie);
+            request.getClientInfo().setUser(user);
+            return true;
+        }
+
+        // Challenge the user if not authenticated
+        response.redirectSeeOther(mLoginPage);
+        return false;
+    }
+}
diff --git a/src/com/p4square/grow/frontend/LoginPageResource.java b/src/com/p4square/grow/frontend/LoginPageResource.java
new file mode 100644
index 0000000..ac9f651
--- /dev/null
+++ b/src/com/p4square/grow/frontend/LoginPageResource.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright 2013 Jesse Morgan
+ */
+
+package com.p4square.grow.frontend;
+
+import java.util.Map;
+
+import freemarker.template.Template;
+
+import org.restlet.data.Form;
+import org.restlet.data.MediaType;
+import org.restlet.data.Status;
+import org.restlet.resource.ServerResource;
+import org.restlet.representation.Representation;
+import org.restlet.ext.freemarker.TemplateRepresentation;
+
+import org.apache.log4j.Logger;
+
+import net.jesterpm.fmfacade.FreeMarkerPageResource;
+
+/**
+ * LoginPageResource presents a login page template and processes the response.
+ * Upon successful authentication, the user is redirected to another page and
+ * a cookie is set.
+ *
+ * @author Jesse Morgan <jesse@jesterpm.net>
+ */
+public class LoginPageResource extends FreeMarkerPageResource {
+    private static Logger cLog = Logger.getLogger(LoginPageResource.class);
+
+    private GrowFrontend mGrowFrontend;
+
+    private String mErrorMessage;
+
+    @Override
+    public void doInit() {
+        super.doInit();
+
+        mGrowFrontend = (GrowFrontend) getApplication();
+
+        mErrorMessage = null;
+    }
+
+    /**
+     * Return the login page.
+     */
+    @Override
+    protected Representation get() {
+        Template t = mGrowFrontend.getTemplate("pages/login.html.ftl");
+
+        try {
+            if (t == null) {
+                setStatus(Status.CLIENT_ERROR_NOT_FOUND);
+                return null;
+            }
+
+            Map<String, Object> root = getRootObject();
+
+            root.put("errorMessage", mErrorMessage);
+
+            return new TemplateRepresentation(t, root, MediaType.TEXT_HTML);
+
+        } catch (Exception e) {
+            cLog.fatal("Could not render page: " + e.getMessage(), e);
+            setStatus(Status.SERVER_ERROR_INTERNAL);
+            return null;
+        }
+    }
+
+    /**
+     * Process login and authenticate the user.
+     */
+    @Override
+    protected Representation post(Representation entity) {
+        final Form form = new Form(entity);
+        final String email = form.getFirstValue("email");
+        final String password = form.getFirstValue("password");
+
+        boolean authenticated = false;
+
+        // TODO: Do something real here
+        if (email != null && !"".equals(email)) {
+            cLog.debug("Got login request from " + email);
+
+            // TODO: Encrypt user info
+            getResponse().getCookieSettings().add(LoginAuthenticator.COOKIE_NAME, email);
+
+            authenticated = true;
+        }
+
+        if (authenticated) {
+            // TODO: Better return url.
+            getResponse().redirectSeeOther("/index.html");
+            return null;
+
+        } else {
+            // Send them back to the login page...
+            mErrorMessage = "Incorrect Email or Password.";
+            return get();
+        }
+    }
+}