@Singleton
public class AuthService
extends java.lang.Object
SignIn
controller and the @AuthAction.Auth
annotation defined in AuthAction
.Modifier and Type | Field and Description |
---|---|
static java.lang.String |
LOGGED_IN_USER
Key name used in RequestScope to store the logged-in User
|
static java.lang.String |
SESSION_LAST_ACTIVITY_TIME
Parameter name in Play's session cookie: It contains a timestamp of the
time of the last HTTP request done by the browser with this cookie
|
static java.lang.String |
SESSION_LOGIN_TIME
Parameter name in Play's session cookie: It contains the timestamp of the login time
|
static java.lang.String |
SESSION_USERNAME
Parameter name in Play's session cookie: It contains the username of the logged-in user
|
Modifier and Type | Method and Description |
---|---|
boolean |
authenticate(User user,
java.lang.String password)
Authenticates the user with the given password.
|
void |
clearSessionCookie(play.mvc.Http.Session session)
Deletes the session cookie.
|
User |
getLoggedInUser()
Gets the logged-in user from the RequestScope.
|
User |
getLoggedInUserBySessionCookie(play.mvc.Http.Session session)
Retrieves the logged-in user from Play's session.
|
boolean |
isInactivityTimeout(play.mvc.Http.Session session)
Returns true if the session inactivity time as saved in Play's session
cookie is older than allowed.
|
boolean |
isRepeatedLoginAttempt(java.lang.String normalizedUsername)
Returns true if there were already 3 login attempts within the last minute with this username
|
boolean |
isSessionTimeout(play.mvc.Http.Session session)
Returns true if the session login time as saved in Play's session cookie
is older than allowed.
|
void |
refreshSessionCookie(play.mvc.Http.Session session)
Refreshes the last activity timestamp in Play's session cookie.
|
void |
writeSessionCookie(play.mvc.Http.Session session,
java.lang.String normalizedUsername)
Prepares Play's session cookie for the user with the given username to be logged-in.
|
public static final java.lang.String SESSION_USERNAME
public static final java.lang.String SESSION_LOGIN_TIME
public static final java.lang.String SESSION_LAST_ACTIVITY_TIME
public static final java.lang.String LOGGED_IN_USER
public boolean authenticate(User user, java.lang.String password) throws javax.naming.NamingException
javax.naming.NamingException
public boolean isRepeatedLoginAttempt(java.lang.String normalizedUsername)
public User getLoggedInUserBySessionCookie(play.mvc.Http.Session session)
In most cases getLoggedInUser() is faster since it doesn't have to query the database.
public User getLoggedInUser()
public void writeSessionCookie(play.mvc.Http.Session session, java.lang.String normalizedUsername)
public void refreshSessionCookie(play.mvc.Http.Session session)
public void clearSessionCookie(play.mvc.Http.Session session)
public boolean isSessionTimeout(play.mvc.Http.Session session)
public boolean isInactivityTimeout(play.mvc.Http.Session session)