diff options
| author | sowgro <tpoke.ferrari@gmail.com> | 2025-03-17 23:16:29 -0400 |
|---|---|---|
| committer | sowgro <tpoke.ferrari@gmail.com> | 2025-03-17 23:16:29 -0400 |
| commit | 68515441acd77d3356e8ec8b58700411661fec13 (patch) | |
| tree | f3e08e4eecb5c06c8149d56ca08253a3c2d92607 /ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java | |
| parent | 7a5c5073e9e410b3ccc3ab7902a0d6f558277c7d (diff) | |
| parent | 275a6062007380389b7a8f1b8958e8033b4f0925 (diff) | |
| download | JellySolutions-68515441acd77d3356e8ec8b58700411661fec13.tar.gz JellySolutions-68515441acd77d3356e8ec8b58700411661fec13.tar.bz2 JellySolutions-68515441acd77d3356e8ec8b58700411661fec13.zip | |
Merge remote-tracking branch 'refs/remotes/origin/main' into funding_basket
# Conflicts:
# ufund-ui/src/app/components/funding-basket/funding-basket.component.ts
Diffstat (limited to 'ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java')
| -rw-r--r-- | ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java | 70 |
1 files changed, 70 insertions, 0 deletions
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java new file mode 100644 index 0000000..87a16a6 --- /dev/null +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java @@ -0,0 +1,70 @@ +package com.ufund.api.ufundapi.service; + +import com.ufund.api.ufundapi.model.User; +import com.ufund.api.ufundapi.model.UserAuth; +import com.ufund.api.ufundapi.persistence.UserAuthDAO; +import org.springframework.stereotype.Component; + +import java.io.IOException; + +@Component +public class AuthService { + + private final UserAuthDAO userAuthDAO; + private final UserService userService; + + public AuthService(UserAuthDAO userAuthDAO, UserService userService) { + this.userAuthDAO = userAuthDAO; + this.userService = userService; + } + + /** + * Check if the provided key has access to the provided user. + * + * @param targetUsername The targetUsername of the user trying to be accessed. + * @param key The api key obtained by the client from logging in. + * @throws IllegalAccessException Thrown if access was denied to the user. + */ + public void authenticate(String targetUsername, String key) throws IllegalAccessException, IOException { + var userAuth = userAuthDAO.getUserAuth(key); + if (userAuth == null) { + throw new IllegalAccessException("Unauthenticated"); + } +// +// var username = userAuth.getUsername(); +// var userType = userService.getUser(username).getType(); +// if (!username.equals(targetUsername) && userType != User.UserType.MANAGER) { +// throw new IllegalAccessException("Unauthorized"); +// } + } + + /** + * Attempt to log in with the provided credentials + * + * @param username The username of the user + * @param password The password of the user + * @return An API key if the authentication was successful. + * @throws IllegalAccessException Thrown if the username or password was incorrect + * @throws IOException If there was an issue saving the authentication + */ + public String login(String username, String password) throws IllegalAccessException, IOException { + var usr = userService.getUser(username); + if (usr == null || !usr.verifyPassword(password)) { + throw new IllegalAccessException("Unauthorized"); + } + var userAuth = UserAuth.generate(username); + userAuthDAO.addUserAuth(userAuth); + return userAuth.getKey(); + } + + /** + * Logs out the current user + * + * @param key The API key to of the client + * @throws IOException Thrown if there was an error saving the authentication + */ + public void logout(String key) throws IOException { + userAuthDAO.removeUserAuth(key); + } + +} |