Package com.dotmarketing.cms.login.action

Source Code of com.dotmarketing.cms.login.action.LoginAction

package com.dotmarketing.cms.login.action;

import java.util.List;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.dotcms.repackage.org.apache.struts.Globals;
import com.dotcms.repackage.org.apache.struts.action.ActionErrors;
import com.dotcms.repackage.org.apache.struts.action.ActionForm;
import com.dotcms.repackage.org.apache.struts.action.ActionForward;
import com.dotcms.repackage.org.apache.struts.action.ActionMapping;
import com.dotcms.repackage.org.apache.struts.action.ActionMessage;
import com.dotcms.repackage.org.apache.struts.action.ActionMessages;
import com.dotcms.repackage.org.apache.struts.actions.DispatchAction;

import com.dotcms.util.SecurityUtils;
import com.dotmarketing.beans.UserProxy;
import com.dotmarketing.business.APILocator;
import com.dotmarketing.business.Role;
import com.dotmarketing.cms.factories.PublicCompanyFactory;
import com.dotmarketing.cms.login.factories.LoginFactory;
import com.dotmarketing.cms.login.struts.LoginForm;
import com.dotmarketing.util.Config;
import com.dotmarketing.util.CookieUtil;
import com.dotmarketing.util.Logger;
import com.dotmarketing.util.UtilMethods;
import com.dotmarketing.util.WebKeys;
import com.liferay.portal.NoSuchUserException;
import com.liferay.portal.model.Company;
import com.liferay.portal.model.User;

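/**
 * Struts dispatch action behind the front-end login form.
 *
 * <p>{@code unspecified} renders the login page; {@code login} authenticates through
 * {@link LoginFactory#doLogin} and then forwards or redirects.
 *
 * <p>Security-relevant points visible in this class:
 * <ul>
 *   <li>Every redirect target built here (request {@code referrer}, session
 *       {@code REDIRECT_AFTER_LOGIN}) is passed through {@link SecurityUtils#stripReferer}
 *       before it is used. That method is not shown here; this class relies on it as the
 *       open-redirect control.</li>
 *   <li>A failed login yields different outcomes for an unknown user
 *       ({@code errors.user.not.exist}), an inactive user ({@code resendActivationPage}) and a
 *       wrong password ({@code errors.password.mismatch}), so a client can tell which accounts
 *       exist. Use a uniform response if account enumeration is in the threat model.</li>
 *   <li>No session-id renewal is visible in this class. NOTE(review): confirm that
 *       {@code LoginFactory.doLogin} renews the session on successful authentication.</li>
 * </ul>
 */
public class LoginAction extends DispatchAction {

    /**
     * Shows the login page, optionally carrying a message or error between pages.
     *
     * @param mapping  Struts mapping; must define the {@code loginPage} forward
     * @param lf       unused
     * @param request  current request; {@code message} / {@code error} parameters are honoured
     * @param response unused
     * @return the {@code loginPage} forward
     */
    public ActionForward unspecified(ActionMapping mapping, ActionForm lf, HttpServletRequest request,
            HttpServletResponse response) throws Exception {

        Logger.debug(this, "Locale: " + request.getSession().getAttribute(Globals.LOCALE_KEY));

        // Created for CSU-604: lets a warning travel between pages when the session or
        // request message stores are not available.
        // NOTE(review): the parameter value is handed to ActionMessage as a message-resource
        // key, so the request decides which key is looked up. How an unknown key is rendered
        // depends on the view; confirm the login page escapes it.
        String messageKey = request.getParameter("message");
        String errorKey = request.getParameter("error");
        if (UtilMethods.isSet(messageKey)) {
            ActionMessages message = new ActionMessages();
            message.add("message", new ActionMessage(messageKey));
            saveMessages(request, message);
        } else if (UtilMethods.isSet(errorKey)) {
            ActionMessages errors = new ActionMessages();
            errors.add("errors", new ActionMessage(errorKey));
            saveErrors(request, errors);
        }

        return mapping.findForward("loginPage");
    }

    /**
     * Authenticates the submitted credentials and sends the user on.
     *
     * <p>{@code referrer} lets different pages host their own login form: the form posts it
     * (for example as a hidden input) so that the user returns there on error or success. On
     * success the session attribute {@code REDIRECT_AFTER_LOGIN}, when present, takes
     * precedence over {@code referrer}.
     *
     * @param mapping  Struts mapping; must define {@code loginPage},
     *                 {@code resendActivationPage} and {@code challengeQuestionPage}
     * @param lf       the submitted {@link LoginForm}
     * @param request  current request
     * @param response current response (receives the long-lived id cookie)
     * @return a redirect to the filtered target, or one of the mapping's forwards
     * @throws Exception anything raised by the login, role or user APIs other than
     *                   {@link NoSuchUserException}, which is handled here
     */
    public ActionForward login(ActionMapping mapping, ActionForm lf, HttpServletRequest request,
            HttpServletResponse response) throws Exception {
        LoginForm form = (LoginForm) lf;

        // A request attribute (set server-side) wins over the request parameter. Both are
        // filtered through stripReferer again wherever they become a redirect target.
        String referrer = null;
        Object referrerAttr = request.getAttribute("referrer");
        String referrerParam = request.getParameter("referrer");
        if (referrerAttr != null && !referrerAttr.toString().isEmpty()) {
            referrer = referrerAttr.toString();
        } else if (referrerParam != null && !referrerParam.isEmpty()) {
            referrer = SecurityUtils.stripReferer(request, referrerParam);
        }

        try {

            if (LoginFactory.doLogin(form, request, response)) {

                if (!UtilMethods.isSet(referrer)) {
                    referrer = "/";
                }

                User u = (User) request.getSession().getAttribute(WebKeys.CMS_USER);

                // Make sure every logged-in user holds the configured viewer role.
                List<Role> userRoles = APILocator.getRoleAPI().loadRolesForUser(u.getUserId());
                Role defaultRole = APILocator.getRoleAPI().loadRoleByKey(Config.getStringProperty("CMS_VIEWER_ROLE"));
                if (!userRoles.contains(defaultRole)) {
                    APILocator.getRoleAPI().addRoleToUser(defaultRole.getId(), u);
                }

                UserProxy userproxy = APILocator.getUserProxyAPI().getUserProxy(u, APILocator.getUserAPI().getSystemUser(), false);
                if (UtilMethods.isSet(userproxy.getLongLivedCookie())) {
                    // Re-issue the id cookie from the request as a session cookie (negative
                    // max-age) on path "/".
                    // NOTE(review): no Secure/HttpOnly attribute is set here; confirm they
                    // are applied elsewhere (container or filter).
                    Cookie cookie = UtilMethods.getCookie(request.getCookies(), WebKeys.LONG_LIVED_DOTCMS_ID_COOKIE);
                    if (cookie != null) {
                        cookie.setMaxAge(-1);
                        cookie.setPath("/");
                        response.addCookie(cookie);
                    }
                } else {
                    if (!UtilMethods.isSet(UtilMethods.getCookieValue(request.getCookies(),
                            WebKeys.LONG_LIVED_DOTCMS_ID_COOKIE))) {
                        // NOTE(review): the created cookie is not added to the response in
                        // this method, and the value below is still read from the request,
                        // so it stays unset on this pass. Call kept as in the original.
                        CookieUtil.createCookie();
                    }
                    String dotCmsId = UtilMethods.getCookieValue(request.getCookies(),
                            WebKeys.LONG_LIVED_DOTCMS_ID_COOKIE);
                    // NOTE(review): userproxy is not saved anywhere in this method.
                    userproxy.setLongLivedCookie(dotCmsId);
                }

                request.getSession().removeAttribute(WebKeys.PENDING_ALERT_SEEN);

                Object pendingRedirect = request.getSession().getAttribute(WebKeys.REDIRECT_AFTER_LOGIN);
                if (pendingRedirect != null) {
                    String redir = (String) pendingRedirect;
                    // The value lives in the session, so it has to be cleared there; clearing
                    // only the request attribute left the redirect armed for every later
                    // login in the same session.
                    request.getSession().removeAttribute(WebKeys.REDIRECT_AFTER_LOGIN);
                    request.removeAttribute(WebKeys.REDIRECT_AFTER_LOGIN);
                    Logger.debug(this.getClass(), "redirecting after account creation: " + redir);
                    return redirectTo(request, redir);
                }

                ActionMessages msg = new ActionMessages();
                msg.add(Globals.MESSAGE_KEY, new ActionMessage("message.Login.Successful"));
                request.setAttribute(Globals.MESSAGE_KEY, msg);

                return redirectTo(request, referrer);
            } else if (isUserInactive(form, request)) {
                return mapping.findForward("resendActivationPage");
            }

            // referrer is request-supplied text; it is only written at debug level.
            Logger.debug(this, "Failed login redirecting to: " + referrer);
            ActionErrors errors = new ActionErrors();
            errors.add(Globals.ERROR_KEY, new ActionMessage("errors.password.mismatch"));
            request.getSession().setAttribute(Globals.ERROR_KEY, errors);

            if (referrer != null && !referrer.equals("/")) {
                return redirectTo(request, referrer);
            }

            if (!Config.getBooleanProperty("USE_CHALLENGE_QUESTION")) {
                return mapping.findForward("loginPage");
            }

            // Challenge-question flow: resolve the account for the submitted login name.
            User user;
            Company company = PublicCompanyFactory.getDefaultCompany();
            if (company.getAuthType().equals(Company.AUTH_TYPE_EA)) {
                user = APILocator.getUserAPI().loadByUserByEmail(form.getUserName().toLowerCase(), APILocator.getUserAPI().getSystemUser(), false);
            } else {
                user = APILocator.getUserAPI().loadUserById(form.getUserName().toLowerCase(), APILocator.getUserAPI().getSystemUser(), false);
            }
            if (user == null || !UtilMethods.isSet(user.getEmailAddress())) {
                // Nothing to challenge; fall back to the plain login page instead of failing.
                return mapping.findForward("loginPage");
            }

            // The address is a query-parameter value, so it must be URL-encoded ('+' and '&'
            // are legal in e-mail addresses).
            // NOTE(review): this hands the account's e-mail address to the challenge page for
            // any failed login against an existing login name; confirm that page does not
            // reveal it to an unauthenticated client.
            String challengePath = mapping.findForward("challengeQuestionPage").getPath()
                    + "?emailAddress=" + java.net.URLEncoder.encode(user.getEmailAddress(), "UTF-8");
            return new ActionForward(SecurityUtils.stripReferer(request, challengePath));

        } catch (NoSuchUserException e) {
            Logger.debug(this, "Failed - User does not exist - login redirecting to: loginPage");
            ActionErrors errors = new ActionErrors();
            errors.add(Globals.ERROR_KEY, new ActionMessage("errors.user.not.exist"));
            // Stored on the request, so it is only visible on the forward below, not after
            // the redirect.
            request.setAttribute(Globals.ERROR_KEY, errors);
            if (referrer != null && !referrer.equals("/")) {
                return redirectTo(request, referrer);
            }
            return mapping.findForward("loginPage");
        }

    }

    /**
     * Builds a client-side redirect whose target has been passed through
     * {@link SecurityUtils#stripReferer}, so no redirect leaves this action unfiltered.
     */
    private ActionForward redirectTo(HttpServletRequest request, String target) throws Exception {
        ActionForward af = new ActionForward(SecurityUtils.stripReferer(request, target));
        af.setRedirect(true);
        return af;
    }

    /**
     * Checks whether the submitted login name belongs to an existing but inactive user.
     * This method is for Knight Foundation only.
     *
     * <p>When the user is inactive, the user id is stored in the request attribute
     * {@code userId} so that the activation link can be re-sent. Lookup failures other than
     * {@link NoSuchUserException} are logged at debug level and reported as {@code false}.
     *
     * @param form    the submitted login form
     * @param request current request
     * @return true if the user exists but is inactive
     * @throws NoSuchUserException if no user is found or the user has no e-mail address
     */
    private boolean isUserInactive(LoginForm form, HttpServletRequest request) throws NoSuchUserException {
        try {

            String userName = form.getUserName();

            Company comp = PublicCompanyFactory.getDefaultCompany();
            User user;

            if (comp.getAuthType().equals(Company.AUTH_TYPE_EA)) {
                user = APILocator.getUserAPI().loadByUserByEmail(userName, APILocator.getUserAPI().getSystemUser(), false);
            } else {
                user = APILocator.getUserAPI().loadUserById(userName, APILocator.getUserAPI().getSystemUser(), false);
            }

            if (user == null || !UtilMethods.isSet(user.getEmailAddress())) {
                throw new NoSuchUserException();
            }

            if (!user.isActive()) {
                // Lets the next page re-send the account activation link.
                request.setAttribute("userId", user.getUserId());
                return true;
            }

        } catch (NoSuchUserException e) {
            // Must be rethrown explicitly, otherwise the generic handler below swallows it.
            throw e;
        } catch (Exception e) {
            Logger.debug(LoginFactory.class, "userExistsButInactive validation Failed" + e);
        }
        return false;

    }
}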