Added a login() variant that assumes the user is fully authenticated and

dives right into the session creation and auth cookie generation.


git-svn-id: https://samskivert.googlecode.com/svn/trunk@722 6335cc39-0255-0410-8fd6-9bcaacd3b74c
This commit is contained in:
shaper
2002-05-02 01:15:09 +00:00
parent f462d967fa
commit 7a1599f0d0
@@ -1,5 +1,5 @@
//
// $Id: UserManager.java,v 1.11 2002/05/01 01:50:05 shaper Exp $
// $Id: UserManager.java,v 1.12 2002/05/02 01:15:09 shaper Exp $
//
// samskivert library - useful routines for java programs
// Copyright (C) 2001 Michael Bayne
@@ -148,10 +148,44 @@ public class UserManager
return user;
}
/**
* Authenticates the requester and initiates an authenticated session
* for them. <em>Note:</em> The caller should make sure the user has
* been authenticated through some other means before calling this
* method. An authenticated session involves their receiving a cookie
* that proves them to be authenticated and an entry in the session
* database being created that maps their information to their
* userid. If this call completes, the session was established and the
* proper cookies were set in the supplied response object. If some
* other error occurs, an exception will be thrown.
*
* @param username The username supplied by the user.
* @param persist If true, the cookie will expire in one month, if
* false, the cookie will expire in 24 hours.
* @param rsp the response in which the cookie is to be set.
*
* @return the user object of the authenticated user.
*/
public User login (String username, boolean persist,
HttpServletResponse rsp)
throws PersistenceException, NoSuchUserException
{
// load up the requested user
User user = _repository.loadUser(username);
if (user == null) {
throw new NoSuchUserException("error.no_such_user");
}
// generate a session and set the user's auth cookie
generateSession(user, persist, rsp);
return user;
}
/**
* Attempts to authenticate the requester and initiate an
* authenticated session for them. An authenticated session involves
* their receiving a cookie that provides them to be authenticated and
* their receiving a cookie that proves them to be authenticated and
* an entry in the session database being created that maps their
* information to their userid. If this call completes, the session
* was established and the proper cookies were set in the supplied
@@ -162,6 +196,7 @@ public class UserManager
* @param password The plaintext password supplied by the user.
* @param persist If true, the cookie will expire in one month, if
* false, the cookie will expire in 24 hours.
* @param rsp the response in which the cookie is to be set.
*
* @return the user object of the authenticated user.
*/
@@ -179,6 +214,26 @@ public class UserManager
throw new InvalidPasswordException("error.invalid_password");
}
// generate a session and set the user's auth cookie
generateSession(user, persist, rsp);
return user;
}
/**
* Creates a new session for the specified user in the session
* database table and sets an authentication cookie in the supplied
* servlet response.
*
* @param user the user for whom a session is to be generated.
* @param persist If true, the cookie will expire in one month, if
* false, the cookie will expire in 24 hours.
* @param rsp the response in which the cookie is to be set.
*/
protected void generateSession (User user, boolean persist,
HttpServletResponse rsp)
throws PersistenceException
{
// generate a new session for this user
String authcode = _repository.createNewSession(user, persist);
// stick it into a cookie for their browsing convenience
@@ -190,8 +245,6 @@ public class UserManager
acookie.setMaxAge(24*60*60); // expire in 24 hours
}
rsp.addCookie(acookie);
return user;
}
public void logout (HttpServletRequest req, HttpServletResponse rsp)