Examples of org.structr.core.entity.Principal

• org.structr.core.entity.Principal
  @author Axel Morgner

        results = app.nodeQuery(Principal.class).and(User.confirmationKey, key).getResult();
      }

      if (!results.isEmpty()) {

        final Principal user = results.get(0);

        try (final Tx tx = app.tx()) {

          // Clear confirmation key and set session id
          user.setProperty(User.confirmationKey, null);

          if (auth.getUserAutoLogin()){

            AuthHelper.doLogin(request, user);
          }

  }

  @Override
  public void onRequest(CloudConnection serverConnection, ExportContext context) throws IOException, FrameworkException {

    final Principal user = serverConnection.getUser(userName);
    if (user != null) {

      try {
        this.keyLength = Math.min(keyLength, Cipher.getMaxAllowedKeyLength(CloudService.STREAM_CIPHER));
        this.salt      = user.getProperty(Principal.salt);

        serverConnection.impersonateUser(user);
        serverConnection.send(new AuthenticationResponse(userName, user.getEncryptedPassword(), salt, keyLength));

      } catch (Throwable t) {
        t.printStackTrace();
      }

  public void processMessage(final WebSocketMessage webSocketData) {

    final String sessionId = webSocketData.getSessionId();
    logger.log(Level.FINE, "PING received from session {0}", sessionId);

    final Principal currentUser = AuthHelper.getPrincipalForSessionId(sessionId);

    if (currentUser != null) {

      getWebSocket().send(MessageBuilder.status()
        .data("username", currentUser.getProperty(AbstractNode.name))
        .data("isAdmin", currentUser.getProperty(Principal.isAdmin))
        .code(100).build(), true);

    } else {

      logger.log(Level.FINE, "Invalid session id");

  @Override
  public SecurityContext initializeAndExamineRequest(final HttpServletRequest request, final HttpServletResponse response) throws FrameworkException {

    SecurityContext securityContext;

    Principal user = checkSessionAuthentication(request);

    if (user == null) {

      user = checkExternalAuthentication(request, response);

    ResourceAccess resourceAccess = ResourceAccess.findGrant(rawResourceSignature);

    Method method       = methods.get(request.getMethod());

    Principal user = getUser(request, true);
    boolean validUser = (user != null);

    // super user is always authenticated
    if (validUser && (user instanceof SuperUser || user.getProperty(Principal.isAdmin))) {
      return;
    }

    // no grants => no access rights
    if (resourceAccess == null) {

  }

  @Override
  public Principal doLogin(final HttpServletRequest request, final String emailOrUsername, final String password) throws AuthenticationException {

    Principal user = AuthHelper.getPrincipalForPassword(Person.eMail, emailOrUsername, password);
    if  (user != null) {

      AuthHelper.doLogin(request, user);
    }

  @Override
  public void doLogout(HttpServletRequest request) {

    try {
      Principal user = getUser(request, false);
      if (user != null) {

        AuthHelper.doLogout(request, user);
      }

        if (value != null) {

          PropertyKey credentialKey = oauthServer.getCredentialKey();

          Principal user = AuthHelper.getPrincipalForCredential(credentialKey, value);

          if (user == null && userAutoCreate) {

            user = RegistrationResource.createUser(superUserContext, credentialKey, value, true, userClass);

      request.getSession(true);

      return null;
    }

    Principal user = AuthHelper.getPrincipalForSessionId(sessionIdFromRequest);
    if (user != null) {

      return user;
    }

  @Override
  public Principal getUser(final HttpServletRequest request, final boolean tryLogin) throws FrameworkException {

    // First, check session (JSESSIONID cookie)
    Principal user = checkSessionAuthentication(request);

    if (user == null) {

      // Second, check X-Headers
      String userName = request.getHeader("X-User");