mirror of
https://github.com/correl/mage.git
synced 2024-11-28 19:19:55 +00:00
Merge pull request #1442 from menocar/password
Add a password user authentication when connecting to servers.
This commit is contained in:
commit
aadc253afa
12 changed files with 258 additions and 24 deletions
|
@ -40,6 +40,7 @@
|
|||
<Component id="lblPort" alignment="1" min="-2" max="-2" attributes="0"/>
|
||||
<Component id="lblServer" min="-2" max="-2" attributes="0"/>
|
||||
<Component id="lblUserName" min="-2" max="-2" attributes="0"/>
|
||||
<Component id="lblPassword" min="-2" max="-2" attributes="0"/>
|
||||
</Group>
|
||||
<Component id="lblFlag" alignment="1" min="-2" max="-2" attributes="0"/>
|
||||
</Group>
|
||||
|
@ -53,6 +54,7 @@
|
|||
<Component id="txtServer" pref="286" max="32767" attributes="0"/>
|
||||
<Component id="txtPort" alignment="0" min="-2" pref="71" max="-2" attributes="0"/>
|
||||
<Component id="txtUserName" alignment="1" max="32767" attributes="0"/>
|
||||
<Component id="txtPassword" alignment="1" max="32767" attributes="0"/>
|
||||
</Group>
|
||||
<EmptySpace max="-2" attributes="0"/>
|
||||
<Component id="btnFind" min="-2" max="-2" attributes="0"/>
|
||||
|
@ -85,6 +87,11 @@
|
|||
<Component id="txtUserName" min="-2" max="-2" attributes="0"/>
|
||||
<Component id="lblUserName" min="-2" max="-2" attributes="0"/>
|
||||
</Group>
|
||||
<EmptySpace min="-2" max="-2" attributes="0"/>
|
||||
<Group type="103" groupAlignment="0" attributes="0">
|
||||
<Component id="txtPassword" min="-2" max="-2" attributes="0"/>
|
||||
<Component id="lblPassword" min="-2" max="-2" attributes="0"/>
|
||||
</Group>
|
||||
<EmptySpace max="-2" attributes="0"/>
|
||||
<Group type="103" groupAlignment="0" max="-2" attributes="0">
|
||||
<Component id="lblFlag" max="32767" attributes="0"/>
|
||||
|
@ -152,6 +159,16 @@
|
|||
</Component>
|
||||
<Component class="javax.swing.JTextField" name="txtUserName">
|
||||
</Component>
|
||||
<Component class="javax.swing.JLabel" name="lblPassword">
|
||||
<Properties>
|
||||
<Property name="labelFor" type="java.awt.Component" editor="org.netbeans.modules.form.ComponentChooserEditor">
|
||||
<ComponentRef name="txtPassword"/>
|
||||
</Property>
|
||||
<Property name="text" type="java.lang.String" value="Password:"/>
|
||||
</Properties>
|
||||
</Component>
|
||||
<Component class="javax.swing.JPasswordField" name="txtPassword">
|
||||
</Component>
|
||||
<Component class="javax.swing.JLabel" name="lblFlag">
|
||||
<Properties>
|
||||
<Property name="labelFor" type="java.awt.Component" editor="org.netbeans.modules.form.ComponentChooserEditor">
|
||||
|
|
|
@ -90,15 +90,17 @@ public class ConnectDialog extends MageDialog {
|
|||
public ConnectDialog() {
|
||||
initComponents();
|
||||
|
||||
this.txtUserName.addActionListener(connectAction);
|
||||
this.txtServer.addActionListener(connectAction);
|
||||
this.txtPort.addActionListener(connectAction);
|
||||
this.txtUserName.addActionListener(connectAction);
|
||||
this.txtPassword.addActionListener(connectAction);
|
||||
}
|
||||
|
||||
public void showDialog() {
|
||||
this.txtServer.setText(MageFrame.getPreferences().get("serverAddress", Config.serverName));
|
||||
this.txtPort.setText(MageFrame.getPreferences().get("serverPort", Integer.toString(Config.port)));
|
||||
this.txtUserName.setText(MageFrame.getPreferences().get("userName", ""));
|
||||
this.txtPassword.setText(MageFrame.getPreferences().get("password", ""));
|
||||
this.chkAutoConnect.setSelected(Boolean.parseBoolean(MageFrame.getPreferences().get(KEY_CONNECT_AUTO_CONNECT, "false")));
|
||||
this.chkForceUpdateDB.setSelected(false); // has always to be set manually to force comparison
|
||||
|
||||
|
@ -120,6 +122,7 @@ public class ConnectDialog extends MageDialog {
|
|||
MageFrame.getPreferences().put("serverAddress", txtServer.getText().trim());
|
||||
MageFrame.getPreferences().put("serverPort", txtPort.getText().trim());
|
||||
MageFrame.getPreferences().put("userName", txtUserName.getText().trim());
|
||||
MageFrame.getPreferences().put("password", txtPassword.getText().trim());
|
||||
MageFrame.getPreferences().put(KEY_CONNECT_AUTO_CONNECT, Boolean.toString(chkAutoConnect.isSelected()));
|
||||
}
|
||||
|
||||
|
@ -139,6 +142,8 @@ public class ConnectDialog extends MageDialog {
|
|||
txtPort = new javax.swing.JTextField();
|
||||
lblUserName = new javax.swing.JLabel();
|
||||
txtUserName = new javax.swing.JTextField();
|
||||
lblPassword = new javax.swing.JLabel();
|
||||
txtPassword = new javax.swing.JPasswordField();
|
||||
lblFlag = new javax.swing.JLabel();
|
||||
cbFlag = new mage.client.util.gui.countryBox.CountryComboBox();
|
||||
chkAutoConnect = new javax.swing.JCheckBox();
|
||||
|
@ -175,6 +180,21 @@ public class ConnectDialog extends MageDialog {
|
|||
lblUserName.setLabelFor(txtUserName);
|
||||
lblUserName.setText("User name:");
|
||||
|
||||
txtUserName.addActionListener(new java.awt.event.ActionListener() {
|
||||
public void actionPerformed(java.awt.event.ActionEvent evt) {
|
||||
txtUserNameActionPerformed(evt);
|
||||
}
|
||||
});
|
||||
|
||||
lblPassword.setLabelFor(txtPassword);
|
||||
lblPassword.setText("Password:");
|
||||
|
||||
txtPassword.addActionListener(new java.awt.event.ActionListener() {
|
||||
public void actionPerformed(java.awt.event.ActionEvent evt) {
|
||||
txtPasswordActionPerformed(evt);
|
||||
}
|
||||
});
|
||||
|
||||
lblFlag.setLabelFor(txtUserName);
|
||||
lblFlag.setText("User flag:");
|
||||
|
||||
|
@ -234,7 +254,8 @@ public class ConnectDialog extends MageDialog {
|
|||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING)
|
||||
.addComponent(lblPort)
|
||||
.addComponent(lblServer)
|
||||
.addComponent(lblUserName))
|
||||
.addComponent(lblUserName)
|
||||
.addComponent(lblPassword))
|
||||
.addComponent(lblFlag, javax.swing.GroupLayout.Alignment.TRAILING))
|
||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
|
||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
||||
|
@ -245,7 +266,8 @@ public class ConnectDialog extends MageDialog {
|
|||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.TRAILING, false)
|
||||
.addComponent(txtServer, javax.swing.GroupLayout.DEFAULT_SIZE, 286, Short.MAX_VALUE)
|
||||
.addComponent(txtPort, javax.swing.GroupLayout.Alignment.LEADING, javax.swing.GroupLayout.PREFERRED_SIZE, 71, javax.swing.GroupLayout.PREFERRED_SIZE)
|
||||
.addComponent(txtUserName))
|
||||
.addComponent(txtUserName)
|
||||
.addComponent(txtPassword))
|
||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
|
||||
.addComponent(btnFind))
|
||||
.addComponent(chkForceUpdateDB, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
|
||||
|
@ -269,6 +291,10 @@ public class ConnectDialog extends MageDialog {
|
|||
.addComponent(txtUserName, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
|
||||
.addComponent(lblUserName))
|
||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
|
||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING)
|
||||
.addComponent(txtPassword, javax.swing.GroupLayout.PREFERRED_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.PREFERRED_SIZE)
|
||||
.addComponent(lblPassword))
|
||||
.addPreferredGap(javax.swing.LayoutStyle.ComponentPlacement.RELATED)
|
||||
.addGroup(layout.createParallelGroup(javax.swing.GroupLayout.Alignment.LEADING, false)
|
||||
.addComponent(lblFlag, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE)
|
||||
.addComponent(cbFlag, javax.swing.GroupLayout.DEFAULT_SIZE, javax.swing.GroupLayout.DEFAULT_SIZE, Short.MAX_VALUE))
|
||||
|
@ -302,10 +328,6 @@ public class ConnectDialog extends MageDialog {
|
|||
|
||||
private void btnConnectActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_btnConnectActionPerformed
|
||||
|
||||
if (txtUserName.getText().isEmpty()) {
|
||||
JOptionPane.showMessageDialog(rootPane, "Please provide a user name");
|
||||
return;
|
||||
}
|
||||
if (txtServer.getText().trim().isEmpty()) {
|
||||
JOptionPane.showMessageDialog(rootPane, "Please provide a server address");
|
||||
return;
|
||||
|
@ -314,6 +336,14 @@ public class ConnectDialog extends MageDialog {
|
|||
JOptionPane.showMessageDialog(rootPane, "Please provide a port number");
|
||||
return;
|
||||
}
|
||||
if (txtUserName.getText().isEmpty()) {
|
||||
JOptionPane.showMessageDialog(rootPane, "Please provide a user name");
|
||||
return;
|
||||
}
|
||||
if (txtPassword.getText().isEmpty()) {
|
||||
JOptionPane.showMessageDialog(rootPane, "Please provide a password");
|
||||
return;
|
||||
}
|
||||
if (Integer.valueOf(txtPort.getText()) < 1 || Integer.valueOf(txtPort.getText()) > 65535) {
|
||||
JOptionPane.showMessageDialog(rootPane, "Invalid port number");
|
||||
txtPort.setText(MageFrame.getPreferences().get("serverPort", Integer.toString(Config.port)));
|
||||
|
@ -327,6 +357,7 @@ public class ConnectDialog extends MageDialog {
|
|||
connection.setHost(this.txtServer.getText().trim());
|
||||
connection.setPort(Integer.valueOf(this.txtPort.getText().trim()));
|
||||
connection.setUsername(this.txtUserName.getText().trim());
|
||||
connection.setPassword(this.txtPassword.getText().trim());
|
||||
connection.setForceDBComparison(this.chkForceUpdateDB.isSelected());
|
||||
MageFrame.getPreferences().put(KEY_CONNECT_FLAG, ((CountryItemEditor) cbFlag.getEditor()).getImageItem());
|
||||
|
||||
|
@ -541,6 +572,14 @@ public class ConnectDialog extends MageDialog {
|
|||
// TODO add your handling code here:
|
||||
}//GEN-LAST:event_chkForceUpdateDBActionPerformed
|
||||
|
||||
private void txtUserNameActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_txtUserNameActionPerformed
|
||||
// TODO add your handling code here:
|
||||
}//GEN-LAST:event_txtUserNameActionPerformed
|
||||
|
||||
private void txtPasswordActionPerformed(java.awt.event.ActionEvent evt) {//GEN-FIRST:event_txtPasswordActionPerformed
|
||||
// TODO add your handling code here:
|
||||
}//GEN-LAST:event_txtPasswordActionPerformed
|
||||
|
||||
// Variables declaration - do not modify//GEN-BEGIN:variables
|
||||
private javax.swing.JButton btnCancel;
|
||||
private javax.swing.JButton btnConnect;
|
||||
|
@ -550,10 +589,12 @@ public class ConnectDialog extends MageDialog {
|
|||
private javax.swing.JCheckBox chkForceUpdateDB;
|
||||
private javax.swing.JButton jProxySettingsButton;
|
||||
private javax.swing.JLabel lblFlag;
|
||||
private javax.swing.JLabel lblPassword;
|
||||
private javax.swing.JLabel lblPort;
|
||||
private javax.swing.JLabel lblServer;
|
||||
private javax.swing.JLabel lblStatus;
|
||||
private javax.swing.JLabel lblUserName;
|
||||
private javax.swing.JPasswordField txtPassword;
|
||||
private javax.swing.JTextField txtPort;
|
||||
private javax.swing.JTextField txtServer;
|
||||
private javax.swing.JTextField txtUserName;
|
||||
|
|
|
@ -56,7 +56,7 @@ import mage.view.UserView;
|
|||
public interface MageServer {
|
||||
|
||||
// connection methods
|
||||
boolean registerClient(String userName, String sessionId, MageVersion version) throws MageException;
|
||||
boolean registerClient(String userName, String password, String sessionId, MageVersion version) throws MageException;
|
||||
|
||||
boolean registerAdmin(String password, String sessionId, MageVersion version) throws MageException;
|
||||
// Not used
|
||||
|
|
|
@ -45,6 +45,7 @@ public class Connection {
|
|||
private int port;
|
||||
private String username;
|
||||
private String password;
|
||||
private String adminPassword;
|
||||
private ProxyType proxyType;
|
||||
private String proxyHost;
|
||||
private int proxyPort;
|
||||
|
@ -172,6 +173,14 @@ public class Connection {
|
|||
this.password = password;
|
||||
}
|
||||
|
||||
public String getAdminPassword() {
|
||||
return adminPassword;
|
||||
}
|
||||
|
||||
public void setAdminPassword(String adminPassword) {
|
||||
this.adminPassword = adminPassword;
|
||||
}
|
||||
|
||||
public String getProxyHost() {
|
||||
return proxyHost;
|
||||
}
|
||||
|
|
|
@ -278,14 +278,14 @@ public class SessionImpl implements Session {
|
|||
|
||||
this.sessionId = callbackClient.getSessionId();
|
||||
boolean registerResult;
|
||||
if (connection.getPassword() == null) {
|
||||
if (connection.getAdminPassword() == null) {
|
||||
// for backward compatibility. don't remove twice call - first one does nothing but for version checking
|
||||
registerResult = server.registerClient(connection.getUsername(), sessionId, client.getVersion());
|
||||
registerResult = server.registerClient(connection.getUsername(), connection.getPassword(), sessionId, client.getVersion());
|
||||
if (registerResult) {
|
||||
server.setUserData(connection.getUsername(), sessionId, connection.getUserData());
|
||||
}
|
||||
} else {
|
||||
registerResult = server.registerAdmin(connection.getPassword(), sessionId, client.getVersion());
|
||||
registerResult = server.registerAdmin(connection.getAdminPassword(), sessionId, client.getVersion());
|
||||
}
|
||||
if (registerResult) {
|
||||
sessionState = SessionState.CONNECTED;
|
||||
|
|
|
@ -413,7 +413,7 @@ public class ConnectDialog extends JDialog {
|
|||
connection = new Connection();
|
||||
connection.setHost(this.txtServer.getText());
|
||||
connection.setPort(Integer.valueOf(this.txtPort.getText()));
|
||||
connection.setPassword(new String(txtPassword.getPassword()));
|
||||
connection.setAdminPassword(new String(txtPassword.getPassword()));
|
||||
connection.setUsername("Admin");
|
||||
connection.setProxyType((ProxyType) this.cbProxyType.getSelectedItem());
|
||||
if (!this.cbProxyType.getSelectedItem().equals(ProxyType.NONE)) {
|
||||
|
|
|
@ -148,6 +148,12 @@
|
|||
<version>${project.version}</version>
|
||||
<scope>runtime</scope>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.shiro</groupId>
|
||||
<artifactId>shiro-core</artifactId>
|
||||
<version>1.2.4</version>
|
||||
<type>jar</type>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
|
||||
<build>
|
||||
|
|
52
Mage.Server/src/main/java/mage/server/AuthorizedUser.java
Normal file
52
Mage.Server/src/main/java/mage/server/AuthorizedUser.java
Normal file
|
@ -0,0 +1,52 @@
|
|||
package mage.server;
|
||||
|
||||
import com.j256.ormlite.field.DatabaseField;
|
||||
import com.j256.ormlite.table.DatabaseTable;
|
||||
import org.apache.shiro.authc.AuthenticationInfo;
|
||||
import org.apache.shiro.authc.AuthenticationToken;
|
||||
import org.apache.shiro.authc.SimpleAuthenticationInfo;
|
||||
import org.apache.shiro.authc.UsernamePasswordToken;
|
||||
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
|
||||
import org.apache.shiro.util.ByteSource;
|
||||
import org.apache.shiro.codec.Base64;
|
||||
import org.apache.shiro.crypto.hash.Hash;
|
||||
|
||||
@DatabaseTable(tableName = "authorized_user")
|
||||
public class AuthorizedUser {
|
||||
|
||||
@DatabaseField(indexName = "name_index")
|
||||
protected String name;
|
||||
|
||||
@DatabaseField
|
||||
protected String password;
|
||||
|
||||
@DatabaseField
|
||||
protected String salt;
|
||||
|
||||
@DatabaseField
|
||||
protected String hashAlgorithm;
|
||||
|
||||
@DatabaseField
|
||||
protected int hashIterations;
|
||||
|
||||
public AuthorizedUser() {
|
||||
}
|
||||
|
||||
public AuthorizedUser(String name, Hash hash) {
|
||||
this.name = name;
|
||||
this.password = hash.toBase64();
|
||||
this.salt = hash.getSalt().toBase64();
|
||||
this.hashAlgorithm = hash.getAlgorithmName();
|
||||
this.hashIterations = hash.getIterations();
|
||||
}
|
||||
|
||||
public boolean doCredentialsMatch(String name, String password) {
|
||||
HashedCredentialsMatcher matcher = new HashedCredentialsMatcher(this.hashAlgorithm);
|
||||
matcher.setHashIterations(this.hashIterations);
|
||||
AuthenticationToken token = new UsernamePasswordToken(name, password);
|
||||
AuthenticationInfo info = new SimpleAuthenticationInfo(this.name,
|
||||
ByteSource.Util.bytes(Base64.decode(this.password)),
|
||||
ByteSource.Util.bytes(Base64.decode(this.salt)), "");
|
||||
return matcher.doCredentialsMatch(token, info);
|
||||
}
|
||||
}
|
|
@ -0,0 +1,97 @@
|
|||
package mage.server;
|
||||
|
||||
import com.j256.ormlite.dao.Dao;
|
||||
import com.j256.ormlite.dao.DaoManager;
|
||||
import com.j256.ormlite.jdbc.JdbcConnectionSource;
|
||||
import com.j256.ormlite.stmt.QueryBuilder;
|
||||
import com.j256.ormlite.stmt.SelectArg;
|
||||
import com.j256.ormlite.support.ConnectionSource;
|
||||
import com.j256.ormlite.support.DatabaseConnection;
|
||||
import com.j256.ormlite.table.TableUtils;
|
||||
import java.io.File;
|
||||
import java.sql.SQLException;
|
||||
import java.util.List;
|
||||
import java.util.concurrent.Callable;
|
||||
import mage.cards.repository.RepositoryUtil;
|
||||
import org.apache.log4j.Logger;
|
||||
import org.apache.shiro.crypto.RandomNumberGenerator;
|
||||
import org.apache.shiro.crypto.SecureRandomNumberGenerator;
|
||||
import org.apache.shiro.crypto.hash.Hash;
|
||||
import org.apache.shiro.crypto.hash.Sha256Hash;
|
||||
import org.apache.shiro.crypto.hash.SimpleHash;
|
||||
|
||||
public enum AuthorizedUserRepository {
|
||||
|
||||
instance;
|
||||
|
||||
private static final String JDBC_URL = "jdbc:h2:file:./db/authorized_user.h2;AUTO_SERVER=TRUE";
|
||||
private static final String VERSION_ENTITY_NAME = "authorized_user";
|
||||
// raise this if db structure was changed
|
||||
private static final long DB_VERSION = 0;
|
||||
private static final RandomNumberGenerator rng = new SecureRandomNumberGenerator();
|
||||
|
||||
private Dao<AuthorizedUser, Object> dao;
|
||||
|
||||
private AuthorizedUserRepository() {
|
||||
File file = new File("db");
|
||||
if (!file.exists()) {
|
||||
file.mkdirs();
|
||||
}
|
||||
try {
|
||||
ConnectionSource connectionSource = new JdbcConnectionSource(JDBC_URL);
|
||||
boolean obsolete = RepositoryUtil.isDatabaseObsolete(connectionSource, VERSION_ENTITY_NAME, DB_VERSION);
|
||||
|
||||
if (obsolete) {
|
||||
TableUtils.dropTable(connectionSource, AuthorizedUser.class, true);
|
||||
}
|
||||
|
||||
TableUtils.createTableIfNotExists(connectionSource, AuthorizedUser.class);
|
||||
dao = DaoManager.createDao(connectionSource, AuthorizedUser.class);
|
||||
} catch (SQLException ex) {
|
||||
Logger.getLogger(AuthorizedUserRepository.class).error("Error creating authorized_user repository - ", ex);
|
||||
}
|
||||
}
|
||||
|
||||
public void add(final String userName, final String password) {
|
||||
try {
|
||||
dao.callBatchTasks(new Callable<Object>() {
|
||||
@Override
|
||||
public Object call() throws Exception {
|
||||
try {
|
||||
Hash hash = new SimpleHash(Sha256Hash.ALGORITHM_NAME, password, rng.nextBytes(), 1024);
|
||||
AuthorizedUser user = new AuthorizedUser(userName, hash);
|
||||
dao.create(user);
|
||||
} catch (SQLException ex) {
|
||||
Logger.getLogger(AuthorizedUserRepository.class).error("Error adding a user to DB - ", ex);
|
||||
}
|
||||
return null;
|
||||
}
|
||||
});
|
||||
} catch (Exception ex) {
|
||||
}
|
||||
}
|
||||
|
||||
public AuthorizedUser get(String userName) {
|
||||
try {
|
||||
QueryBuilder<AuthorizedUser, Object> qb = dao.queryBuilder();
|
||||
qb.where().eq("name", new SelectArg(userName));
|
||||
List<AuthorizedUser> results = dao.query(qb.prepare());
|
||||
if (results.size() == 1) {
|
||||
return results.get(0);
|
||||
}
|
||||
return null;
|
||||
} catch (SQLException ex) {
|
||||
}
|
||||
return null;
|
||||
}
|
||||
|
||||
public void closeDB() {
|
||||
try {
|
||||
if (dao != null && dao.getConnectionSource() != null) {
|
||||
DatabaseConnection conn = dao.getConnectionSource().getReadWriteConnection();
|
||||
conn.executeStatement("shutdown compact", 0);
|
||||
}
|
||||
} catch (SQLException ex) {
|
||||
}
|
||||
}
|
||||
}
|
|
@ -96,24 +96,24 @@ public class MageServerImpl implements MageServer {
|
|||
private static final Logger logger = Logger.getLogger(MageServerImpl.class);
|
||||
private static final ExecutorService callExecutor = ThreadExecutor.getInstance().getCallExecutor();
|
||||
|
||||
private final String password;
|
||||
private final String adminPassword;
|
||||
private final boolean testMode;
|
||||
|
||||
public MageServerImpl(String password, boolean testMode) {
|
||||
this.password = password;
|
||||
public MageServerImpl(String adminPassword, boolean testMode) {
|
||||
this.adminPassword = adminPassword;
|
||||
this.testMode = testMode;
|
||||
ServerMessagesUtil.getInstance().getMessages();
|
||||
}
|
||||
|
||||
@Override
|
||||
public boolean registerClient(String userName, String sessionId, MageVersion version) throws MageException {
|
||||
public boolean registerClient(String userName, String password, String sessionId, MageVersion version) throws MageException {
|
||||
try {
|
||||
if (version.compareTo(Main.getVersion()) != 0) {
|
||||
logger.info("MageVersionException: userName=" + userName + ", version=" + version);
|
||||
LogServiceImpl.instance.log(LogKeys.KEY_WRONG_VERSION, userName, version.toString(), Main.getVersion().toString(), sessionId);
|
||||
throw new MageVersionException(version, Main.getVersion());
|
||||
}
|
||||
return SessionManager.getInstance().registerUser(sessionId, userName);
|
||||
return SessionManager.getInstance().registerUser(sessionId, userName, password);
|
||||
} catch (MageException ex) {
|
||||
if (ex instanceof MageVersionException) {
|
||||
throw (MageVersionException) ex;
|
||||
|
@ -134,12 +134,12 @@ public class MageServerImpl implements MageServer {
|
|||
}
|
||||
|
||||
@Override
|
||||
public boolean registerAdmin(String password, String sessionId, MageVersion version) throws MageException {
|
||||
public boolean registerAdmin(String adminPassword, String sessionId, MageVersion version) throws MageException {
|
||||
try {
|
||||
if (version.compareTo(Main.getVersion()) != 0) {
|
||||
throw new MageException("Wrong client version " + version + ", expecting version " + Main.getVersion());
|
||||
}
|
||||
if (!password.equals(this.password)) {
|
||||
if (!adminPassword.equals(this.adminPassword)) {
|
||||
throw new MageException("Wrong password");
|
||||
}
|
||||
return SessionManager.getInstance().registerAdmin(sessionId);
|
||||
|
|
|
@ -74,8 +74,8 @@ public class Session {
|
|||
this.lock = new ReentrantLock();
|
||||
}
|
||||
|
||||
public String registerUser(String userName) throws MageException {
|
||||
String returnMessage = registerUserHandling(userName);
|
||||
public String registerUser(String userName, String password) throws MageException {
|
||||
String returnMessage = registerUserHandling(userName, password);
|
||||
if (returnMessage != null) {
|
||||
sendErrorMessageToClient(returnMessage);
|
||||
}
|
||||
|
@ -86,7 +86,7 @@ public class Session {
|
|||
return lock.isLocked();
|
||||
}
|
||||
|
||||
public String registerUserHandling(String userName) throws MageException {
|
||||
public String registerUserHandling(String userName, String password) throws MageException {
|
||||
this.isAdmin = false;
|
||||
if (userName.equals("Admin")) {
|
||||
return "User name Admin already in use";
|
||||
|
@ -102,6 +102,18 @@ public class Session {
|
|||
if (m.find()) {
|
||||
return "User name '" + userName + "' includes not allowed characters: use a-z, A-Z and 0-9";
|
||||
}
|
||||
|
||||
AuthorizedUser authorizedUser = AuthorizedUserRepository.instance.get(userName);
|
||||
if (authorizedUser == null) {
|
||||
// Do this in an explicit sign-up flow.
|
||||
AuthorizedUserRepository.instance.add(userName, password);
|
||||
} else {
|
||||
if (!authorizedUser.doCredentialsMatch(userName, password)) {
|
||||
return "Wrong username or password";
|
||||
}
|
||||
}
|
||||
|
||||
// TODO: Do an authentication with userName and password.
|
||||
User user = UserManager.getInstance().createUser(userName, host);
|
||||
boolean reconnect = false;
|
||||
if (user == null) { // user already exists
|
||||
|
|
|
@ -70,10 +70,10 @@ public class SessionManager {
|
|||
sessions.put(sessionId, session);
|
||||
}
|
||||
|
||||
public boolean registerUser(String sessionId, String userName) throws MageException {
|
||||
public boolean registerUser(String sessionId, String userName, String password) throws MageException {
|
||||
Session session = sessions.get(sessionId);
|
||||
if (session != null) {
|
||||
String returnMessage = session.registerUser(userName);
|
||||
String returnMessage = session.registerUser(userName, password);
|
||||
if (returnMessage == null) {
|
||||
LogServiceImpl.instance.log(LogKeys.KEY_USER_CONNECTED, userName, session.getHost(), sessionId);
|
||||
|
||||
|
|
Loading…
Reference in a new issue