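/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package b4f.servicios;

import b4f.modelos.Multa;
import b4f.modelos.Rol;
import b4f.modelos.TipoBici;
import b4f.modelos.Usuario;
import b4f.seguridad.UsersManager;
import b4f.util.JwtToken;
import b4f.util.Passwords;
import b4f.config.PersistenceManager;
import java.util.Arrays;
import java.util.List;
import javax.annotation.PostConstruct;
import javax.ejb.Stateless;
import javax.persistence.EntityManager;
import javax.persistence.PersistenceContext;
import javax.persistence.Query;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.json.simple.JSONObject;

/**
 * Authentication endpoints under {@code /auth}: registration, login and logout.
 *
 * <p>All request and response bodies are JSON. Responses built with json-simple's
 * raw {@link JSONObject} carry an {@code error} key on failure.
 *
 * @author SamuelSalazar
 */
@Stateless
@Path("/auth")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
public class AuthService {

    /**
     * Single client-facing message for both "unknown user" and "wrong password",
     * so the login endpoint does not reveal which usernames exist.
     */
    private static final String INVALID_CREDENTIALS = "Credenciales invalidas";

    @PersistenceContext
    private EntityManager entityManager;

    /**
     * Replaces the injected entity manager with an application-managed one right
     * after this bean instance is created, then synchronises the role table.
     *
     * <p>Failure is logged and not rethrown, matching the original best-effort
     * behaviour. Note that if this fails the field keeps whatever the container
     * injected, and {@code register()} calls {@code getTransaction()}, which a
     * JTA-managed entity manager rejects — so a failure here is worth noticing in
     * the server log.
     */
    @PostConstruct
    public void init() {
        try {
            entityManager = PersistenceManager.getInstance().getEntityManagerFactory().createEntityManager();
            UsersManager.syncRoles();
        } catch (Exception e) {
            // Errors (OOM, linkage problems) are deliberately no longer caught here:
            // hiding them leaves the bean in an undefined state.
            e.printStackTrace();
        }
    }

    /**
     * Creates a new user with the default {@code USUARIO} role and returns it
     * together with a freshly issued token.
     *
     * @param usuario the user to persist, taken from the request body
     * @return 201 with {@code usuario} and {@code token}; 400 when the body is
     *     missing or persistence fails
     */
    @POST
    @Path("/register")
    @SuppressWarnings("unchecked") // json-simple's JSONObject is a raw HashMap
    public Response register(Usuario usuario) {
        JSONObject rta = new JSONObject();
        if (usuario == null) {
            rta.put("error", "Falta el usuario");
            return Response.status(Response.Status.BAD_REQUEST).entity(rta).build();
        }
        try {
            entityManager.getTransaction().begin();
            Rol rol = entityManager
                    .createQuery("Select r FROM Rol r Where r.descripcion=:desc", Rol.class)
                    .setParameter("desc", UsersManager.UserRol.USUARIO.toString())
                    .getSingleResult();
            usuario.setRol(rol);
            entityManager.persist(usuario);
            entityManager.getTransaction().commit();
            entityManager.refresh(usuario);
            // NOTE(review): the whole entity is serialised into the response; confirm
            // Usuario's JSON view excludes passwordHash/passwordSalt.
            rta.put("usuario", usuario);
            // NOTE(review): -1 presumably means "no expiry" — confirm in JwtToken.
            rta.put("token", new JwtToken(usuario.getUsuario(), -1).getToken());
        } catch (Exception t) {
            if (entityManager.getTransaction().isActive()) {
                entityManager.getTransaction().rollback();
            }
            // Detail stays server-side: the raw exception message can expose
            // schema, constraint or driver internals to the client.
            System.err.println("[ERROR] register: " + t);
            rta.put("error", "No se pudo registrar el usuario");
            return Response.status(Response.Status.BAD_REQUEST).entity(rta).build();
        } finally {
            // The entity manager is created once per bean instance in init() and
            // shared by every request that instance serves; closing it here (as the
            // original did) made the next login()/register() on the same pooled
            // instance fail on a closed entity manager. Only detach managed entities.
            entityManager.clear();
        }
        return Response.status(Response.Status.CREATED).entity(rta).build();
    }

    /**
     * Verifies a username/password pair and issues a token.
     *
     * @param cred JSON body with string fields {@code usuario} and {@code password}
     * @return 200 with {@code usuario} and {@code token}; 400 when a field is
     *     missing or not a string; 401 when the pair does not match (the same
     *     status and message for an unknown user and for a wrong password)
     */
    @POST
    @Path("/login")
    @SuppressWarnings("unchecked") // json-simple's JSONObject is a raw HashMap
    public Response login(JSONObject cred) {
        JSONObject err = new JSONObject();
        Object userField = cred == null ? null : cred.get("usuario");
        Object passField = cred == null ? null : cred.get("password");
        // The original cast these unchecked and threw a NullPointerException (HTTP 500)
        // on a missing password; reject malformed input explicitly instead.
        if (!(userField instanceof String) || !(passField instanceof String)) {
            err.put("error", "Faltan usuario o password");
            return Response.status(Response.Status.BAD_REQUEST).entity(err).build();
        }

        List<Usuario> list = entityManager
                .createQuery("Select u FROM Usuario u Where u.usuario= :user", Usuario.class)
                .setParameter("user", (String) userField)
                .getResultList();
        Usuario found = list.isEmpty() ? null : list.get(0);

        char[] password = ((String) passField).toCharArray();
        boolean valid;
        try {
            valid = found != null
                    && Passwords.isExpectedPassword(password, found.getPasswordSalt(), found.getPasswordHash());
        } finally {
            // Drop our copy of the clear-text password as soon as it has been checked
            // (the String in the request body is outside our control).
            Arrays.fill(password, '\0');
        }
        if (!valid) {
            err.put("error", INVALID_CREDENTIALS);
            return Response.status(Response.Status.UNAUTHORIZED).entity(err).build();
        }

        // NOTE(review): -1 presumably means "no expiry" — confirm in JwtToken.
        JwtToken token = new JwtToken(found.getUsuario(), -1);
        JSONObject resp = new JSONObject();
        // NOTE(review): confirm Usuario's JSON view excludes passwordHash/passwordSalt.
        resp.put("usuario", found);
        resp.put("token", token.getToken());
        return Response.ok(resp).build();
    }

    /**
     * Logs out the current Shiro subject, if there is an authenticated one.
     *
     * @return 200 on success; 400 with a plain-text body when nobody is logged in
     */
    @Path("/logout")
    @GET
    public Response logout() {
        Subject currentUser = SecurityUtils.getSubject();
        if (currentUser != null && currentUser.isAuthenticated()) {
            currentUser.logout();
            return Response.ok().build();
        }
        return Response.status(Response.Status.BAD_REQUEST)
                .entity("Not logged in")
                .type(MediaType.TEXT_PLAIN)
                .build();
    }
}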