Package com.twosigma.beaker.core.rest

Source Code of com.twosigma.beaker.core.rest.LoginRest

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
/*
*  Copyright 2014 TWO SIGMA OPEN SOURCE, LLC
*
*  Licensed under the Apache License, Version 2.0 (the "License");
*  you may not use this file except in compliance with the License.
*  You may obtain a copy of the License at
*
*         http://www.apache.org/licenses/LICENSE-2.0
*
*  Unless required by applicable law or agreed to in writing, software
*  distributed under the License is distributed on an "AS IS" BASIS,
*  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
*  See the License for the specific language governing permissions and
*  limitations under the License.
*/
package com.twosigma.beaker.core.rest;

import com.google.inject.Inject;
import com.twosigma.beaker.core.module.config.BeakerConfig;
import java.io.IOException;
import java.net.URI;
import java.net.UnknownHostException;
import javax.ws.rs.Path;
import javax.ws.rs.POST;
import javax.ws.rs.Produces;
import javax.ws.rs.FormParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.NewCookie;
import javax.ws.rs.core.Response;
import org.apache.commons.codec.digest.DigestUtils;

/**
* Allow users to login by setting a cookie.
*/
@Path("login")
public class LoginRest {

  private BeakerConfig config;

  @Inject
  private LoginRest(BeakerConfig bkConfig) {
    this.config = bkConfig;
  }

  /* As it stands there is no need to hash the password because it is
     never saved.  But we are planning on adding an option to read the
     hash from a config file (github Issue #319), this code is really
     a start on the implementation of that. */
  private String hash(String password) {
    return DigestUtils.sha512Hex(password + config.getPasswordSalt());
  }
 
  @POST
  @Path("login")
  @Produces(MediaType.TEXT_HTML)
  public Response login(@FormParam("password") String password,
      @FormParam("origin") String origin)
      throws UnknownHostException
  {
    String cookie = config.getAuthCookie();
    if (password != null && origin != null &&
  hash(password).equals(config.getPasswordHash())) {
      return Response.seeOther(URI.create(origin + "/beaker/"))
        .cookie(new NewCookie("BeakerAuth", cookie, "/", null, null,
                              NewCookie.DEFAULT_MAX_AGE, true)).build();
    }
    // bad password, try again
    return Response.seeOther(URI.create(origin + "/login/login.html")).build();
  }
}
TOP

Related Classes of com.twosigma.beaker.core.rest.LoginRest

  • javax.ws.rs.core.NewCookie
    • TOP
    Copyright © 2018 www.massapi.com. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.