if (password == null || password.isEmpty() ) {
throw new WebApplicationException(Response.Status.UNAUTHORIZED);
}
// Authenticate the user before returning any information
AuthenticationResponse response =
securityService.authenticateUser(username, password);
// Don't return user information if authentication failed
if (!response.isSuccess()) {
throw new WebApplicationException(Response.Status.UNAUTHORIZED);
}
return mapper.map(response.getUser(), User.class);
}