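/**
 * Copyright (C) 2014  Universidade de Aveiro, DETI/IEETA, Bioinformatics Group - http://bioinformatics.ua.pt/
 *
 * This file is part of Dicoogle/dicoogle.
 *
 * Dicoogle/dicoogle is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * Dicoogle/dicoogle is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Dicoogle.  If not, see <http://www.gnu.org/licenses/>.
 */
package pt.ua.dicoogle.server.web.auth;

import pt.ua.dicoogle.server.users.*;

import java.util.HashMap;
import java.util.Map;
import java.util.UUID;

/**
 * Provides login routines for users.
 *
 * <p>The class is a process-wide singleton that keeps two in-memory maps:
 * user name to token and token to user name. Every method that reads or
 * writes those maps is {@code synchronized}, so the two maps are always
 * updated together and cannot drift apart under concurrent requests.
 *
 * <p>Security properties a reviewer should be aware of:
 * <ul>
 *   <li>There is one token per user name, not per session. A second login
 *       of the same user receives the token already issued, and
 *       {@link #logout(String)} ends every session of that user.</li>
 *   <li>Tokens have no expiry here; they live until logout or process
 *       restart.</li>
 *   <li>Passwords are checked against a plain SHA-1 digest (see
 *       {@link #login(String, String)}).</li>
 * </ul>
 *
 * @author António Novo <antonio.novo@ua.pt>
 */
public class Authentication
{
    private static Authentication instance = null;
    private final UsersStruct users;

    // user name -> token currently issued to that user
    private final Map<String, String> usersToken = new HashMap<>();
    // token -> user name it was issued to (reverse index of usersToken)
    private final Map<String, String> tokenUsers = new HashMap<>();

    private Authentication()
    {
        // The returned roles structure is not used in this class; the call is
        // kept because the original made it (presumably it loads the role
        // definitions as a side effect - TODO confirm).
        RolesXML rolesXML = new RolesXML();
        rolesXML.getXML();

        // init the user list, if it wasn't done yet
        UsersXML usersXML = new UsersXML();
        usersXML.getXML();

        // gets the instance of the user list
        users = UsersStruct.getInstance();
    }

    /**
     * Returns the current instance of the authentication singleton.
     *
     * @return the current instance of the authentication singleton.
     */
    public static synchronized Authentication getInstance()
    {
        if (instance == null)
            instance = new Authentication();

        return instance;
    }

    /**
     * Resolves a session token to the user it was issued to.
     *
     * <p>Despite the name, this returns the {@link User} object, not the
     * user name string.
     *
     * @param token the token presented by the client; may be null.
     * @return the user the token belongs to, or null when the token is
     *         unknown (never issued, or already logged out).
     */
    public synchronized User getUsername(String token)
    {
        String user = tokenUsers.get(token);
        if (user == null)
            return null;
        return UsersStruct.getInstance().getUser(user);
    }

    /**
     * Invalidates a token and the login state of the user it belongs to.
     *
     * <p>The presented token is always removed. The original implementation
     * removed only the token stored under the user name, so if the two maps
     * had diverged the presented token stayed valid after logout.
     *
     * @param token the token to invalidate; null or unknown tokens are
     *        ignored.
     */
    public synchronized void logout(String token)
    {
        if (token == null)
            return;

        String user = tokenUsers.remove(token);
        if (user == null)
            return;

        // Drop the user's current token too, in case it differs from the one
        // presented, so no token for this user survives the logout.
        String current = usersToken.remove(user);
        if (current != null && !current.equals(token))
            tokenUsers.remove(current);
    }

    /**
     * Attempts to login on the platform.
     *
     * <p>NOTE(security): the password is reduced to a SHA-1 digest before
     * comparison. SHA-1 is a fast, general-purpose hash; stored digests of
     * this kind are cheap to brute-force if the user store leaks. Moving to
     * an adaptive password hash (bcrypt, scrypt, Argon2 or PBKDF2) requires
     * changing the stored credential format, which is outside this class.
     * Whether {@code verifyPassword} compares in constant time cannot be
     * seen from here - TODO confirm.
     *
     * <p>NOTE(review): an unknown user name returns before any hashing is
     * done, so the two failure paths do different amounts of work. Nothing
     * here limits repeated failed attempts either; if that is handled, it
     * is handled by the caller.
     *
     * @param username the user name of the user to login.
     * @param password the clear text password of the user.
     * @return a {@link LoggedIn} object if successful login, null otherwise.
     */
    public synchronized LoggedIn login(String username, String password)
    {
        // must have both username and password
        if ((username == null) || (password == null))
            return null;

        // check if the user exists in the user list
        User user = users.getUser(username);
        if (user == null)
            return null;

        // calculate the supplied passwords hash and see if it matches the users
        String passwordHash = HashService.getSHA1Hash(password);
        if (!user.verifyPassword(passwordHash))
            return null;

        LoggedIn in = new LoggedIn(username, user.isAdmin());

        // Reuse the token already issued to this user, or mint a new one.
        // The lookup and the two puts run under the instance lock, so two
        // concurrent logins cannot register two tokens for the same user.
        String token = usersToken.get(username);
        if (token == null)
        {
            // UUID.randomUUID() draws from a cryptographically strong PRNG.
            token = UUID.randomUUID().toString();
            usersToken.put(username, token);
            tokenUsers.put(token, username);
        }
        in.setToken(token);

        // return a successful login object
        return in;
    }
}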