/src/main/java/com/google/ie/web/interceptor/LoginInterceptor.java


  1. /* Copyright 2010 Google Inc.
  2. *
  3. * Licensed under the Apache License, Version 2.0 (the "License");
  4. * you may not use this file except in compliance with the License.
  5. * You may obtain a copy of the License at
  6. *
  7. * http://www.apache.org/licenses/LICENSE-2.0
  8. *
  9. * Unless required by applicable law or agreed to in writing, software
  10. * distributed under the License is distributed on an "AS IS" BASIS.
  11. * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  12. * See the License for the specific language governing permissions and
  13. * limitations under the License
  14. */
  15. package com.google.ie.web.interceptor;
  16. import com.google.ie.web.controller.UserController;
  17. import org.apache.log4j.Logger;
  18. import org.springframework.beans.factory.annotation.Autowired;
  19. import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
  20. import javax.servlet.http.Cookie;
  21. import javax.servlet.http.HttpServletRequest;
  22. import javax.servlet.http.HttpServletResponse;
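  /**
   * Interceptor that lets a request reach its handler only when the caller is
   * already known to the application.
   *
   * <p>The decision taken in {@link #preHandle} rests on the {@code "user"}
   * attribute of the HTTP session and, when that attribute is absent, on the
   * status returned by {@code UserController.authenticationCheckForOpenId}.
   * The fcauth cookie is <em>not</em> consulted on that path:
   * {@link #checkAuthToken} is not called from anywhere in this class.
   *
   * @author abraina
   */
  public class LoginInterceptor extends HandlerInterceptorAdapter {
      private static final Logger LOG = Logger.getLogger(LoginInterceptor.class);

      /** Session attribute whose presence marks the request as already logged in. */
      private static final String SESSION_USER_ATTRIBUTE = "user";

      /** Status from the OpenID check for which the request is allowed through. */
      private static final int AUTH_STATUS_ALLOW = 1;

      // Authentication cookie name (injected through the setter).
      private String fcauthCookieName;

      @Autowired
      private UserController userController;

      /**
       * Allows the request when the session holds a {@code "user"} attribute or
       * when the OpenID check reports status 1; otherwise forwards to the home
       * page and stops the handler chain.
       *
       * @param request current request
       * @param response current response; also handed to the OpenID check
       * @param handler the handler chosen for the request (not inspected here)
       * @return {@code true} to continue to the handler, {@code false} when the
       *         request was answered here
       * @throws Exception whatever the OpenID check or the forward throws
       */
      @Override
      public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
              Object handler) throws Exception {
          // NOTE(review): getSession() creates a session when the request has
          // none, so every anonymous request allocates one. Whether the OpenID
          // check depends on that session already existing is not visible
          // here, so the call is left as it was.
          if (request.getSession().getAttribute(SESSION_USER_ATTRIBUTE) != null) {
              return true;
          }

          // No user in the session: let the controller decide.
          int authStatus = userController.authenticationCheckForOpenId(request, response, null);
          if (authStatus == AUTH_STATUS_ALLOW) {
              return true;
          }

          // The controller was handed the response and may already have written
          // to it (not visible here). forward() on a committed response throws
          // IllegalStateException, which would turn a denied request into a
          // server error, so the forward is skipped in that case.
          if (response.isCommitted()) {
              LOG.warn("Response already committed. Skipping forward to home page");
              return false;
          }

          // Send the unauthenticated caller to the home page.
          request.getRequestDispatcher("/").forward(request, response);
          return false;
      }

      /**
       * Reports whether the request carries a cookie named
       * {@link #getFcauthCookieName()} with a non-empty value.
       *
       * <p>Only presence is checked. The value is not verified in any way, so a
       * {@code true} result says nothing about who sent the request and must
       * not be used on its own as an authentication decision. The method is
       * currently not called from this class.
       *
       * @param request request whose cookies are inspected
       * @return {@code true} if such a cookie with a non-empty value is present,
       *         else {@code false}
       */
      private boolean checkAuthToken(HttpServletRequest request) {
          // Resolve (and trim) the configured name once, not once per cookie.
          String cookieName = getFcauthCookieName();
          Cookie[] cookies = request.getCookies();
          if (cookies != null) {
              for (Cookie cookie : cookies) {
                  // equals(null) is false, so an unset cookie name matches nothing.
                  if (cookie == null || !cookie.getName().equals(cookieName)) {
                      continue;
                  }
                  // Cookie found. Check for value; the value itself is never logged.
                  String authToken = cookie.getValue();
                  if (authToken != null && !authToken.isEmpty()) {
                      LOG.info("Auth token found. Allowing request to proceed");
                      return true;
                  }
              }
          }
          LOG.warn("Auth token not found. Stopping request to proceed");
          return false;
      }

      /**
       * Sets the name of the authentication cookie.
       *
       * @param fcauthCookieName cookie name; stored as given, may be {@code null}
       */
      public void setFcauthCookieName(String fcauthCookieName) {
          this.fcauthCookieName = fcauthCookieName;
      }

      /**
       * Returns the configured authentication cookie name with surrounding
       * whitespace removed.
       *
       * @return the trimmed cookie name, or {@code null} if none was set
       */
      public String getFcauthCookieName() {
          return fcauthCookieName == null ? null : fcauthCookieName.trim();
      }
  }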