Merge branch 'main' of https://github.com/RIT-SWEN-261-02/team-project-2245-swen-261-02-2b-jellysolutions

author: benal01 <bja4245@rit.edu> 2025-04-01 09:34:36 -0400
committer: benal01 <bja4245@rit.edu> 2025-04-01 09:34:36 -0400
commit: 7ed26c5ee7171a502f6f8527fc55de2bb77eab3b (patch)
tree: 2046e58c146097aac21c9e352771420c31df6589 /ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
parent: ef46ddd082bb91d0262363536d46fe3eb4da47be (diff)
parent: d8330f1ac85b26d08ca4df5ce3875078d7b4f47f (diff)
download: JellySolutions-7ed26c5ee7171a502f6f8527fc55de2bb77eab3b.tar.gz
JellySolutions-7ed26c5ee7171a502f6f8527fc55de2bb77eab3b.tar.bz2
JellySolutions-7ed26c5ee7171a502f6f8527fc55de2bb77eab3b.zip
1 files changed, 46 insertions, 12 deletions
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
index 87a16a6..cdce80d 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
@@ -1,11 +1,12 @@
 package com.ufund.api.ufundapi.service;
 
+import java.io.IOException;
+
+import org.springframework.stereotype.Component;
+
 import com.ufund.api.ufundapi.model.User;
 import com.ufund.api.ufundapi.model.UserAuth;
 import com.ufund.api.ufundapi.persistence.UserAuthDAO;
-import org.springframework.stereotype.Component;
-
-import java.io.IOException;
 
 @Component
 public class AuthService {
@@ -24,18 +25,51 @@ public class AuthService {
      * @param targetUsername The targetUsername of the user trying to be accessed.
      * @param key The api key obtained by the client from logging in.
      * @throws IllegalAccessException Thrown if access was denied to the user.
+     * @throws IOException Thrown on a file writing issue
+     */
+    public void keyHasAccessToUser(String targetUsername, String key) throws IllegalAccessException, IOException {
+        var userAuth = userAuthDAO.getUserAuth(key);
+        if (userAuth == null) {
+            throw new IllegalAccessException("Invalid authentication key");
+        }
+
+       var username = userAuth.getUsername();
+       var userType = userService.getUser(username).getType();
+       if (!username.equals(targetUsername) && userType != User.UserType.MANAGER) {
+           throw new IllegalAccessException("Provided key does not grant access to perform the requested operation");
+       }
+    }
+
+    /**
+     * Check if the provided key is valid
+     * @param key The api key obtained by the client from logging in.
+     * @throws IllegalAccessException Thrown if access was denied to the user.
+     * @throws IOException Thrown on a file writing issue
+     */
+    public void keyIsValid(String key) throws IOException, IllegalAccessException {
+        var userAuth = userAuthDAO.getUserAuth(key);
+        if (userAuth == null) {
+            throw new IllegalAccessException("Invalid authentication key");
+        }
+    }
+
+    /**
+     * Check if the provided key has access to edit the cupboard
+     * @param key The api key obtained by the client from logging in.
+     * @throws IllegalAccessException Thrown if access was denied to the user.
+     * @throws IOException Thrown on a file writing issue
      */
-    public void authenticate(String targetUsername, String key) throws IllegalAccessException, IOException {
+    public void keyHasAccessToCupboard(String key) throws IOException, IllegalAccessException {
         var userAuth = userAuthDAO.getUserAuth(key);
         if (userAuth == null) {
-            throw new IllegalAccessException("Unauthenticated");
+            throw new IllegalAccessException("Invalid authentication key");
+        }
+
+        var username = userAuth.getUsername();
+        var userType = userService.getUser(username).getType();
+        if (userType != User.UserType.MANAGER) {
+            throw new IllegalAccessException("Provided key does not grant access to perform the requested operation");
         }
-//
-//        var username = userAuth.getUsername();
-//        var userType = userService.getUser(username).getType();
-//        if (!username.equals(targetUsername) && userType != User.UserType.MANAGER) {
-//            throw new IllegalAccessException("Unauthorized");
-//        }
     }
 
     /**
@@ -50,7 +84,7 @@ public class AuthService {
     public String login(String username, String password) throws IllegalAccessException, IOException {
         var usr = userService.getUser(username);
         if (usr == null || !usr.verifyPassword(password)) {
-            throw new IllegalAccessException("Unauthorized");
+            throw new IllegalAccessException("Incorrect username or password");
         }
         var userAuth = UserAuth.generate(username);
         userAuthDAO.addUserAuth(userAuth);
author	benal01 <bja4245@rit.edu>	2025-04-01 09:34:36 -0400
committer	benal01 <bja4245@rit.edu>	2025-04-01 09:34:36 -0400
commit	7ed26c5ee7171a502f6f8527fc55de2bb77eab3b (patch)
tree	2046e58c146097aac21c9e352771420c31df6589 /ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
parent	ef46ddd082bb91d0262363536d46fe3eb4da47be (diff)
parent	d8330f1ac85b26d08ca4df5ce3875078d7b4f47f (diff)
download	JellySolutions-7ed26c5ee7171a502f6f8527fc55de2bb77eab3b.tar.gz JellySolutions-7ed26c5ee7171a502f6f8527fc55de2bb77eab3b.tar.bz2 JellySolutions-7ed26c5ee7171a502f6f8527fc55de2bb77eab3b.zip