BSAccountController

/******************************************************************************
 * BSAccountController.java - login/logout
 *
 * BSAccount - BuckoSoft Web Account Manager
 * Copyright(c) 2015 - Dick Balaska and BuckoSoft, Corp.
 *
 */
package com.buckosoft.BSAccount.web;

import java.io.IOException;
import java.io.PrintWriter;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;

import com.buckosoft.BSAccount.BSAccountMan;
import com.buckosoft.BSAccount.domain.BSAccount;
import com.buckosoft.BSAccount.domain.BSAccountUser;
import com.buckosoft.BSAccount.domain.BSAccountUserWebSession;
import com.buckosoft.BSAccount.domain.Credentials;

/** Controller for login and logout.
 * @see BSAccount
 * @author dick
 * @since 2015-04-22
 *
 */
@Controller
public class BSAccountController {
	protected final Log log = LogFactory.getLog(getClass());

	@Autowired
	private BSAccountMan	bsAccountMan;

	/** Login to the BuckoSoft web system
	 * @param request
	 * @param response
	 * @param credentials A username/password object passed from the web
	 * @return either "OK" or a detailed message of the failure
	 */
	@RequestMapping(value="/login", method=RequestMethod.POST, produces=MediaType.TEXT_PLAIN_VALUE)
	public void login(HttpServletRequest request, HttpServletResponse response,
			Credentials credentials) {
		BSAccountUserWebSession userWebSession = this.bsAccountMan.getUserWebSession(request);
		if (log.isInfoEnabled()) {
			String s = credentials.getPassword().replaceAll(".*", "+");
			log.info("username=" + credentials.getUsername() + " password=" + s);
		}
		log.debug("userWebSession=" + userWebSession);
		BSAccount account = this.bsAccountMan.getAccount(credentials.getUsername(), credentials.getPassword());
		String ret = "unknown";
		if (account == null) {
			ret = "user/password not found";
			log.info("user " + credentials.getUsername() + " FAILED log in");
			try {
				response.sendError(401, ret);
				return;
			} catch (IOException e) {
				e.printStackTrace();
			}
		} else {
			ret = "OK";
			BSAccountUser user = this.bsAccountMan.getUser(account);
			userWebSession.setUser(user);
			log.info("user " + credentials.getUsername() + " logged in");
		}
		try {
			response.getWriter().print(ret);
		} catch (IOException e) {}
		return;
	}

	@RequestMapping(value="/logout", produces=MediaType.TEXT_PLAIN_VALUE)
	public void logout(HttpServletRequest request, HttpServletResponse response) {
		BSAccountUserWebSession userWebSession = this.bsAccountMan.getUserWebSession(request);
		if (userWebSession.isLoggedIn()) {
			log.info("user " + userWebSession.getUser().getUsername() + " logged out");
			userWebSession.setUser(bsAccountMan.getNewUser());
			request.getSession().invalidate();
			try {
				response.getWriter().print("OK");
			} catch (IOException e) {}

		} else {
			try {
				response.sendError(401, "Not logged in");
				response.getWriter().print("Not logged in");
			} catch (IOException e) {}
		}
		return;
	}

	@RequestMapping(value="/getJumpApp", produces=MediaType.TEXT_PLAIN_VALUE)
	public void getJumpApp(HttpServletRequest request, PrintWriter writer) {
		long ret = 0;

		BSAccountUserWebSession userWebSession = this.bsAccountMan.getUserWebSession(request);
		if (userWebSession.isLoggedIn()) {
			ret = this.bsAccountMan.getAppJumper(userWebSession.getUser().accessAccount());
		}
		writer.print("" + ret);
	}
}