package security;
import be.objectify.deadbolt.core.models.Subject;
import be.objectify.deadbolt.java.DeadboltHandler;
import be.objectify.deadbolt.java.DynamicResourceHandler;
import controllers.SecurityController;
import models.DaoManager;
import models.entities.User;
import play.Logger;
import play.db.jpa.Transactional;
import play.libs.F;
import play.mvc.Http;
import play.mvc.Result;
import static play.mvc.Results.forbidden;
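/**
 * Deadbolt handler that resolves the current subject from the auth-token
 * request header and answers failed authorization checks with 403.
 *
 * <p>Created by kiryl on 15.08.2014.
 */
public class MyDeadboltHandler implements DeadboltHandler {

    /**
     * Hook invoked before each authorization check.
     *
     * @param context the current HTTP context (not used)
     * @return a completed promise holding {@code null}; Deadbolt treats a
     *         {@code null} result as "carry on with the check"
     */
    @Override
    public F.Promise<Result> beforeAuthCheck(final Http.Context context) {
        return F.Promise.pure(null);
    }

    /**
     * Looks up the user that owns the auth token sent with the request.
     *
     * <p>The header named by {@code SecurityController.AUTH_TOKEN_HEADER} must
     * be present exactly once with a non-empty value; a missing, repeated or
     * empty header is treated as "no subject". When a user is found it is also
     * stored in {@code context.args} under the key {@code "user"}.
     *
     * @param context the current HTTP context
     * @return the matching user, or {@code null} when the request carries no
     *         usable token or the token matches no user
     */
    @Override
    public Subject getSubject(final Http.Context context) {
        final String[] authTokenHeaderValues =
                context.request().headers().get(SecurityController.AUTH_TOKEN_HEADER);

        // Exactly one value is accepted: a repeated header is ambiguous and is
        // rejected rather than guessing which value to trust. An empty value
        // can never be a valid credential, so it is not sent to the lookup.
        if (authTokenHeaderValues == null
                || authTokenHeaderValues.length != 1
                || authTokenHeaderValues[0] == null
                || authTokenHeaderValues[0].isEmpty()) {
            return null;
        }

        // The token is a bearer credential: never write its value to the log,
        // not even at debug level.
        Logger.debug("auth token header present, looking up user");

        // NOTE(review): no @Transactional is visible on this path although the
        // file imports it; confirm a JPA transaction is available when Deadbolt
        // calls this method.
        final User user = DaoManager.getUserDao().findByAuthToken(authTokenHeaderValues[0]);

        // An unknown token must end in a clean "no subject" (and therefore a
        // 403 from onAuthFailure), not in a NullPointerException from the
        // debug logging below.
        if (user == null) {
            Logger.debug("no user found for supplied auth token");
            return null;
        }

        Logger.debug("found by token user " + user.getIdentifier());
        final int roleCount = user.getRoles() == null ? 0 : user.getRoles().size();
        if (roleCount > 0) {
            Logger.debug("user roles size" + roleCount
                    + " first role is " + user.getRoles().get(0).getName());
        } else {
            // A user without roles is still a valid subject; only the log
            // line that reads the first role has to be skipped.
            Logger.debug("user has no roles");
        }

        context.args.put("user", user);
        return user;
    }

    /**
     * Dynamic resource handling is not provided by this handler.
     *
     * @param context the current HTTP context (not used)
     * @return always {@code null}
     */
    @Override
    public DynamicResourceHandler getDynamicResourceHandler(
            final Http.Context context) {
        return null;
    }

    /**
     * Produces the response for a failed authorization check.
     *
     * <p>The body is a fixed string, so nothing about the reason for the
     * failure is disclosed to the client.
     *
     * @param context the current HTTP context (not used)
     * @param content the content type passed by Deadbolt (not used)
     * @return a promise of a 403 response with the body {@code "Forbidden"}
     */
    @Override
    public F.Promise<Result> onAuthFailure(final Http.Context context,
                                           final String content) {
        return F.Promise.promise(new F.Function0<Result>() {
            @Override
            public Result apply() throws Throwable {
                return forbidden("Forbidden");
            }
        });
    }
}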