/*
* Copyright 2013 Jesse Morgan
*/
package com.p4square.grow.frontend;
import org.apache.log4j.Logger;
import org.restlet.Context;
import org.restlet.Request;
import org.restlet.Response;
import org.restlet.data.ChallengeResponse;
import org.restlet.data.ChallengeScheme;
import org.restlet.data.Form;
import org.restlet.data.Reference;
import org.restlet.security.Authenticator;
import org.restlet.security.Verifier;
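/**
 * Authenticator that drives an HTML login form rather than an HTTP challenge.
 *
 * <p>A request whose path equals the login post URL is treated as a login
 * attempt: its {@code email} and {@code password} form fields are wrapped in a
 * {@link ChallengeResponse} and handed to the configured {@link Verifier}.
 * When authentication is required or a login attempt fails, the client is
 * redirected to the login page, with the post-login target carried in the
 * {@code redirect} query parameter.
 *
 * <p>The {@code redirect} query parameter is client-controlled. It is only
 * honoured when it is a local reference (see {@link #isLocalRedirect(String)});
 * any other value is discarded so that the login flow cannot be used to send a
 * freshly authenticated user to another site.
 *
 * @author Jesse Morgan <jesse@jesterpm.net>
 */
public class LoginFormAuthenticator extends Authenticator {
    private static final Logger LOG = Logger.getLogger(LoginFormAuthenticator.class);

    private final Verifier mVerifier;

    private String mLoginPage = "/login.html";
    private String mLoginPostUrl = "/authenticate";
    private String mDefaultRedirect = "/index.html";

    /**
     * Creates the authenticator.
     *
     * @param context the Restlet context passed to the superclass.
     * @param optional whether authentication is optional; passed to the superclass.
     * @param verifier verifies the credentials taken from the login form.
     */
    public LoginFormAuthenticator(Context context, boolean optional, Verifier verifier) {
        super(context, false, optional, null);

        mVerifier = verifier;
    }

    /**
     * Sets the URL of the login page that unauthenticated clients are redirected to.
     *
     * @param url the login page URL.
     */
    public void setLoginFormUrl(String url) {
        mLoginPage = url;
    }

    /**
     * Sets the path that the login form submits to.
     *
     * @param url the path compared against the request path to detect a login attempt.
     */
    public void setLoginPostUrl(String url) {
        mLoginPostUrl = url;
    }

    /**
     * Skips authentication for clients that are already marked as authenticated
     * and defers to the superclass otherwise.
     */
    @Override
    protected int beforeHandle(Request request, Response response) {
        if (request.getClientInfo().isAuthenticated()) {
            // TODO: Logout
            LOG.debug("Already authenticated. Skipping");
            return CONTINUE;
        }

        return super.beforeHandle(request, response);
    }

    /**
     * Processes a login attempt, or redirects to the login page.
     *
     * @return {@code true} only when this request was a login attempt and the
     *         verifier accepted the submitted credentials.
     */
    @Override
    protected boolean authenticate(Request request, Response response) {
        final String requestPath = request.getResourceRef().getPath();
        final boolean isLoginAttempt = mLoginPostUrl.equals(requestPath);

        final Form query = request.getOriginalRef().getQueryAsForm();
        String redirect = query.getFirstValue("redirect");

        // The redirect parameter comes straight from the request URL. Drop it
        // unless it is a local reference, so neither the post-login redirect
        // nor the value forwarded to the login page can point off-site.
        // The rejected value is deliberately not logged.
        if (redirect != null && !isLocalRedirect(redirect)) {
            LOG.debug("Ignoring non-local redirect parameter");
            redirect = null;
        }

        if (redirect == null) {
            if (isLoginAttempt) {
                redirect = mDefaultRedirect;
            } else {
                redirect = request.getResourceRef().getRelativePart();
            }
        }

        boolean authenticationFailed = false;

        if (isLoginAttempt) {
            LOG.debug("Attempting authentication");

            // Process login form
            final Form form = new Form(request.getEntity());
            final String email = form.getFirstValue("email");
            final String password = form.getFirstValue("password");

            if (email != null && !"".equals(email)
                    && password != null && !"".equals(password)) {

                LOG.debug("Got login request from " + email);

                request.setChallengeResponse(
                        new ChallengeResponse(
                                ChallengeScheme.HTTP_BASIC, email, password.toCharArray()));

                // We expect the verifier to setup the User object.
                final int result = mVerifier.verify(request, response);
                if (result == Verifier.RESULT_VALID) {
                    // redirect is either a default or a value that passed
                    // isLocalRedirect() above.
                    response.redirectSeeOther(redirect);
                    return true;
                }
            }

            // Missing fields and rejected credentials are reported the same way.
            authenticationFailed = true;
        }

        if (!isOptional() || authenticationFailed) {
            final Reference ref = new Reference(mLoginPage);
            ref.addQueryParameter("redirect", redirect);

            if (authenticationFailed) {
                ref.addQueryParameter("retry", "t");
            }

            LOG.debug("Redirecting to " + ref.toString());
            response.redirectSeeOther(ref.toString());
        }

        LOG.debug("Failing authentication.");
        return false;
    }

    /**
     * Decides whether a client-supplied redirect target stays on this site.
     *
     * <p>A target is accepted only when it is non-empty, does not start with
     * {@code //} (a network-path reference that names another host), contains
     * no backslash, space or control character (which browsers may normalise
     * into a slash or strip, turning a harmless-looking path into another
     * host), and has no {@code :} before its first {@code /}, {@code ?} or
     * {@code #} (which would make it an absolute URL with a scheme).
     *
     * @param target the decoded value of the {@code redirect} query parameter.
     * @return {@code true} if the target is a relative reference safe to redirect to.
     */
    private static boolean isLocalRedirect(String target) {
        if (target == null || target.isEmpty() || target.startsWith("//")) {
            return false;
        }

        boolean pastFirstSegment = false;
        for (int i = 0; i < target.length(); i++) {
            final char c = target.charAt(i);

            if (c <= 0x20 || c == 0x7f || c == '\\') {
                return false;
            }

            if (!pastFirstSegment) {
                if (c == ':') {
                    // A colon in the first segment introduces a scheme.
                    return false;
                }
                if (c == '/' || c == '?' || c == '#') {
                    pastFirstSegment = true;
                }
            }
        }

        return true;
    }
}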