AuthService

java.lang.Object
- auth.gui.AuthService

```
@Singleton
public class AuthService
extends java.lang.Object
```
Service class around authentication and the session cookie. It works together with the SignIn controller and the @AuthAction.Auth annotation defined in AuthAction.

Field Summary

Fields
Modifier and Type	Field and Description
`static java.lang.String`	`LOGGED_IN_USER` Key name used in RequestScope to store the logged-in User
`static java.lang.String`	`SESSION_LAST_ACTIVITY_TIME` Parameter name in Play's session cookie: It contains a timestamp of the time of the last HTTP request done by the browser with this cookie
`static java.lang.String`	`SESSION_LOGIN_TIME` Parameter name in Play's session cookie: It contains the timestamp of the login time
`static java.lang.String`	`SESSION_USERNAME` Parameter name in Play's session cookie: It contains the username of the logged-in user

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`boolean`	`authenticate(User user, java.lang.String password)` Authenticates the user with the given password.
`User`	`getLoggedInUser()` Gets the logged-in user from the RequestScope.
`User`	`getLoggedInUserBySessionCookie(play.mvc.Http.Session session)` Retrieves the logged-in user from Play's session.
`boolean`	`isInactivityTimeout(play.mvc.Http.Session session)` Returns true if the session inactivity time as saved in Play's session cookie is older than allowed.
`boolean`	`isRepeatedLoginAttempt(java.lang.String normalizedUsername)` Returns true if there were already 3 login attempts within the last minute with this username
`boolean`	`isSessionTimeout(play.mvc.Http.Session session)` Returns true if the session login time as saved in Play's session cookie is older than allowed.
`void`	`writeSessionCookie(play.mvc.Http.Session session, java.lang.String normalizedUsername)` Prepares Play's session cookie for the user with the given username to be logged-in.

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Field Detail
  - SESSION_USERNAME
```
public static final java.lang.String SESSION_USERNAME
```
    Parameter name in Play's session cookie: It contains the username of the logged-in user
    
    See Also:
    
    Constant Field Values
  - SESSION_LOGIN_TIME
```
public static final java.lang.String SESSION_LOGIN_TIME
```
    Parameter name in Play's session cookie: It contains the timestamp of the login time
    
    See Also:
    
    Constant Field Values
  - SESSION_LAST_ACTIVITY_TIME
```
public static final java.lang.String SESSION_LAST_ACTIVITY_TIME
```
    Parameter name in Play's session cookie: It contains a timestamp of the time of the last HTTP request done by the browser with this cookie
    
    See Also:
    
    Constant Field Values
  - LOGGED_IN_USER
```
public static final java.lang.String LOGGED_IN_USER
```
    Key name used in RequestScope to store the logged-in User
    
    See Also:
    
    Constant Field Values
- Method Detail
  - authenticate
```
public boolean authenticate(User user,
                            java.lang.String password)
                     throws javax.naming.NamingException
```
    Authenticates the user with the given password.
    
    Throws:
    
    javax.naming.NamingException
  - isRepeatedLoginAttempt
```
public boolean isRepeatedLoginAttempt(java.lang.String normalizedUsername)
```
    Returns true if there were already 3 login attempts within the last minute with this username
  - getLoggedInUserBySessionCookie
```
public User getLoggedInUserBySessionCookie(play.mvc.Http.Session session)
```
    Retrieves the logged-in user from Play's session. If a user is logged-in their username is stored in Play's session cookie. With the username a user can be retrieved from the database. Returns null if the session doesn't contain a username or if the user doesn't exist in the database.
    In most cases getLoggedInUser() is faster since it doesn't have to query the database.
  - getLoggedInUser
```
public User getLoggedInUser()
```
    Gets the logged-in user from the RequestScope. It was put into the RequestScope by the AuthenticationAction. Therefore, this method works only if you use the @Authenticated annotation at your action.
  - writeSessionCookie
```
public void writeSessionCookie(play.mvc.Http.Session session,
                               java.lang.String normalizedUsername)
```
    Prepares Play's session cookie for the user with the given username to be logged-in. Does not authenticate the user (use authenticate() for this).
  - isSessionTimeout
```
public boolean isSessionTimeout(play.mvc.Http.Session session)
```
    Returns true if the session login time as saved in Play's session cookie is older than allowed.
  - isInactivityTimeout
```
public boolean isInactivityTimeout(play.mvc.Http.Session session)
```
    Returns true if the session inactivity time as saved in Play's session cookie is older than allowed.

Class AuthService

Field Summary

Method Summary

Methods inherited from class java.lang.Object

Field Detail

SESSION_USERNAME

SESSION_LOGIN_TIME

SESSION_LAST_ACTIVITY_TIME

LOGGED_IN_USER

Method Detail

authenticate

isRepeatedLoginAttempt

getLoggedInUserBySessionCookie

getLoggedInUser

writeSessionCookie

isSessionTimeout

isInactivityTimeout