public/docs
1
0
Fork 0
mirror of https://github.com/sismics/docs.git synced 2025-12-13 09:46:17 +00:00
Code Issues Releases Wiki Activity

#84: TOTP key generation and validation code checking on login

Browse Source
This commit is contained in:
jendib
2016-03-22 23:08:49 +01:00
parent 5f84da61c8
commit fb0bb62eaf
11 changed files with 118 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs-core/src/main/java/com/sismics/docs/core/dao/jpa/UserDao.java
View File

@@ -36,9 +36,9 @@ public class UserDao {
*
* @param username User login
* @param password User password
* @return ID of the authenticated user or null
* @return The authenticated user or null
*/
public String authenticate(String username, String password) {
public User authenticate(String username, String password) {
EntityManager em = ThreadLocalContext.get().getEntityManager();
Query q = em.createQuery("select u from User u where u.username = :username and u.deleteDate is null");
q.setParameter("username", username);
@@ -47,7 +47,7 @@ public class UserDao {
if (!BCrypt.checkpw(password, user.getPassword())) {
return null;
}
return user.getId();
return user;
} catch (NoResultException e) {
return null;
}
@@ -104,6 +104,7 @@ public class UserDao {
userFromDb.setEmail(user.getEmail());
userFromDb.setStorageQuota(user.getStorageQuota());
userFromDb.setStorageCurrent(user.getStorageCurrent());
userFromDb.setTotpKey(user.getTotpKey());
// Create audit log
AuditLogUtil.create(userFromDb, AuditLogType.UPDATE, userId);

21
docs-core/src/main/java/com/sismics/docs/core/model/jpa/AuthenticationToken.java
View File

@@ -64,56 +64,63 @@ public class AuthenticationToken {
return id;
}
public void setId(String id) {
public AuthenticationToken setId(String id) {
this.id = id;
return this;
}
public String getUserId() {
return userId;
}
public void setUserId(String userId) {
public AuthenticationToken setUserId(String userId) {
this.userId = userId;
return this;
}
public boolean isLongLasted() {
return longLasted;
}
public void setLongLasted(boolean longLasted) {
public AuthenticationToken setLongLasted(boolean longLasted) {
this.longLasted = longLasted;
return this;
}
public String getIp() {
return ip;
}
public void setIp(String ip) {
public AuthenticationToken setIp(String ip) {
this.ip = ip;
return this;
}
public String getUserAgent() {
return userAgent;
}
public void setUserAgent(String userAgent) {
public AuthenticationToken setUserAgent(String userAgent) {
this.userAgent = userAgent;
return this;
}
public Date getCreationDate() {
return creationDate;
}
public void setCreationDate(Date creationDate) {
public AuthenticationToken setCreationDate(Date creationDate) {
this.creationDate = creationDate;
return this;
}
public Date getLastConnectionDate() {
return lastConnectionDate;
}
public void setLastConnectionDate(Date lastConnectionDate) {
public AuthenticationToken setLastConnectionDate(Date lastConnectionDate) {
this.lastConnectionDate = lastConnectionDate;
return this;
}
@Override

45
docs-core/src/main/java/com/sismics/docs/core/model/jpa/User.java
View File

@@ -48,6 +48,12 @@ public class User implements Loggable {
@Column(name = "USE_PRIVATEKEY_C", nullable = false, length = 100)
private String privateKey;
/**
* TOTP secret key.
*/
@Column(name = "USE_TOTPKEY_C", length = 100)
private String totpKey;
/**
* Email address.
*/
@@ -82,48 +88,54 @@ public class User implements Loggable {
return id;
}
public void setId(String id) {
public User setId(String id) {
this.id = id;
return this;
}
public String getRoleId() {
return roleId;
}
public void setRoleId(String roleId) {
public User setRoleId(String roleId) {
this.roleId = roleId;
return this;
}
public String getUsername() {
return username;
}
public void setUsername(String username) {
public User setUsername(String username) {
this.username = username;
return this;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
public User setPassword(String password) {
this.password = password;
return this;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
public User setEmail(String email) {
this.email = email;
return this;
}
public Date getCreateDate() {
return createDate;
}
public void setCreateDate(Date createDate) {
public User setCreateDate(Date createDate) {
this.createDate = createDate;
return this;
}
@Override
@@ -131,32 +143,45 @@ public class User implements Loggable {
return deleteDate;
}
public void setDeleteDate(Date deleteDate) {
public User setDeleteDate(Date deleteDate) {
this.deleteDate = deleteDate;
return this;
}
public String getPrivateKey() {
return privateKey;
}
public void setPrivateKey(String privateKey) {
public User setPrivateKey(String privateKey) {
this.privateKey = privateKey;
return this;
}
public Long getStorageQuota() {
return storageQuota;
}
public void setStorageQuota(Long storageQuota) {
public User setStorageQuota(Long storageQuota) {
this.storageQuota = storageQuota;
return this;
}
public Long getStorageCurrent() {
return storageCurrent;
}
public void setStorageCurrent(Long storageCurrent) {
public User setStorageCurrent(Long storageCurrent) {
this.storageCurrent = storageCurrent;
return this;
}
public String getTotpKey() {
return totpKey;
}
public User setTotpKey(String totpKey) {
this.totpKey = totpKey;
return this;
}
@Override

2
docs-core/src/main/resources/config.properties
View File

@@ -1 +1 @@
db.version=8
db.version=9

2
docs-core/src/main/resources/db/update/dbupdate-009-0.sql Normal file
View File

@@ -0,0 +1,2 @@
alter table T_USER add column USE_TOTPKEY_C varchar(100);
update T_CONFIG set CFG_VALUE_C = '9' where CFG_ID_C = 'DB_VERSION';