/src/main/java/com/google/ie/web/interceptor/LoginInterceptor.java

  1/* Copyright 2010 Google Inc.
  2 * 
  3 * Licensed under the Apache License, Version 2.0 (the "License");
  4 * you may not use this file except in compliance with the License.
  5 * You may obtain a copy of the License at
  6 * 
  7 *      http://www.apache.org/licenses/LICENSE-2.0
  8 * 
  9 * Unless required by applicable law or agreed to in writing, software
 10 * distributed under the License is distributed on an "AS IS" BASIS.
 11 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 12 * See the License for the specific language governing permissions and
 13 * limitations under the License
 14 */
 15
 16package com.google.ie.web.interceptor;
 17
 18import com.google.ie.web.controller.UserController;
 19
 20import org.apache.log4j.Logger;
 21import org.springframework.beans.factory.annotation.Autowired;
 22import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
 23
 24import javax.servlet.http.Cookie;
 25import javax.servlet.http.HttpServletRequest;
 26import javax.servlet.http.HttpServletResponse;
 27
 28/**
 29 * An interceptor to check if user is logged in or not. User is logged in if an
 30 * fcauth cookie is present in the request scope
 31 * 
 32 * @author abraina
 33 */
 34public class LoginInterceptor extends HandlerInterceptorAdapter {
 35
 36    private static final Logger LOG = Logger.getLogger(LoginInterceptor.class);
 37
 38    // Authentication cookie name
 39    private String fcauthCookieName;
 40    @Autowired
 41    private UserController userController;
 42
 43    @Override
 44    public boolean preHandle(HttpServletRequest request, HttpServletResponse response,
 45                    Object handler) throws Exception {
 46        // Check auth token and return true if found
 47        // Check for user object in session
 48        if (null == request.getSession().getAttribute("user")) {
 49            // Forward for authentication
 50            int authStatus = userController.authenticationCheckForOpenId(request, response, null);
 51            if (authStatus == 1) {
 52                return true;
 53            }
 54            /** Redirect to home page */
 55            request.getRequestDispatcher("/").forward(request, response);
 56            return false;
 57
 58        }
 59        return true;
 60
 61    }
 62
 63    /**
 64     * Checks if the fcauth cookie is present with a non empty value
 65     * 
 66     * @param request
 67     * @return true if a valid fcauth cookie is present in the request, else
 68     *         false
 69     */
 70    private boolean checkAuthToken(HttpServletRequest request) {
 71        Cookie[] cookies = request.getCookies();
 72        if (cookies != null) {
 73            for (int i = 0; i < cookies.length; i++) {
 74                Cookie cookie = cookies[i];
 75                if (cookie != null && cookie.getName().equals(getFcauthCookieName())) {
 76                    // Cookie found. Check for value
 77                    String authToken = cookie.getValue();
 78                    if (authToken != null && authToken.length() > 0) {
 79                        LOG.info("Auth token found. Allowing request to proceed");
 80                        return true;
 81                    }
 82                }
 83            }
 84        }
 85        LOG.warn("Auth token not found. Stopping request to proceed");
 86        return false;
 87    }
 88
 89    public void setFcauthCookieName(String fcauthCookieName) {
 90        this.fcauthCookieName = fcauthCookieName;
 91    }
 92
 93    public String getFcauthCookieName() {
 94        if (fcauthCookieName != null) {
 95            return fcauthCookieName.trim();
 96        }
 97        return fcauthCookieName;
 98    }
 99
100}
101