2 * Copyright (C) 2001, 2002 The Mir-coders group
4 * This file is part of Mir.
6 * Mir is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * Mir is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with Mir; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 * In addition, as a special exception, The Mir-coders gives permission to link
21 * the code of this program with any library licensed under the Apache Software License,
22 * The Sun (tm) Java Advanced Imaging library (JAI), The Sun JIMI library
23 * (or with modified versions of the above that use the same license as the above),
24 * and distribute linked combinations including the two. You must obey the
25 * GNU General Public License in all respects for all of the code used other than
26 * the above mentioned libraries. If you modify this file, you may extend this
27 * exception to your version of the file, but you are not obligated to do so.
28 * If you do not wish to do so, delete this exception statement from your version.
31 package mircoders.module;
33 import java.util.HashMap;
36 import mir.entity.EntityList;
37 import mir.log.LoggerWrapper;
38 import mir.module.AbstractModule;
39 import mir.module.ModuleExc;
40 import mir.module.ModuleFailure;
41 import mir.util.JDBCStringRoutines;
42 import mircoders.entity.EntityUsers;
43 import mircoders.global.MirGlobal;
44 import mircoders.storage.DatabaseUsers;
54 public class ModuleUsers extends AbstractModule
56 static LoggerWrapper logger = new LoggerWrapper("Module.Users");
58 public ModuleUsers() {
59 super(DatabaseUsers.getInstance());
63 * Authenticate and lookup a user
65 * @param user The user to lookup
66 * @param password The password
67 * @return The authenticated user, or <code>null</code> if the user
68 * doesn't exist, or the supplied password is invalid.
72 public EntityUsers getUserForLogin(String user, String password) throws ModuleExc, ModuleFailure {
75 "login='" + JDBCStringRoutines.escapeStringLiteral(user) + "' " +
76 "and password='" + JDBCStringRoutines.escapeStringLiteral(
77 MirGlobal.localizer().adminInterface().makePasswordDigest(password)) +
81 EntityList userList = getByWhereClause(whereString, -1);
83 if (userList != null && userList.size() == 1) {
84 EntityUsers result = (EntityUsers) userList.elementAt(0);
86 if (result.getFieldValue("is_disabled") == null ||
87 result.getFieldValue("is_disabled").equals("0"))
94 throw new ModuleFailure(t);
98 public boolean checkUserPassword(EntityUsers aUser, String aPassword) throws ModuleExc, ModuleFailure {
100 return aUser.getFieldValue("password").equals(MirGlobal.localizer().adminInterface().makePasswordDigest(aPassword));
102 catch (Throwable t) {
103 throw new ModuleFailure(t);
107 private Map digestPassword(Map aValues) throws ModuleFailure {
108 Map result = aValues;
111 if (aValues.containsKey("password")) {
112 result = new HashMap();
113 result.putAll(aValues);
114 result.put("password",
115 MirGlobal.localizer().adminInterface().
116 makePasswordDigest( (String) aValues.get("password")));
119 catch (Throwable t) {
120 throw new ModuleFailure("ModuleUsers.add: " + t.getMessage(), t);
131 * @throws ModuleFailure
134 public String add (Map theValues) throws ModuleExc, ModuleFailure {
136 return super.add(digestPassword(theValues));
138 catch (Throwable t) {
139 throw new ModuleFailure(t);
148 * @throws ModuleFailure
150 public String set (Map theValues) throws ModuleExc, ModuleFailure {
152 return super.set(digestPassword(theValues));
154 catch (Throwable t) {
155 throw new ModuleFailure(t);
159 public void recordLogin(EntityUsers aUser) throws ModuleExc, ModuleFailure {
161 String sql = "update webdb_users set lastlogin=now() where id = " + aUser.getId();
163 database.executeUpdate(sql);
165 catch (Throwable t) {
166 // no propagation of this error for now, to allow mir to still function
167 // with older db schemas
168 // throw new ModuleFailure(t);