sirius.biz.jdbc.model

Class LoginData

java.lang.Object

sirius.kernel.di.transformers.Composable

sirius.db.mixing.Mixable

sirius.db.mixing.Composite

sirius.biz.jdbc.model.LoginData

All Implemented Interfaces:

sirius.kernel.di.transformers.Transformable

public class LoginData
extends sirius.db.mixing.Composite

Stores a username and encrypted password along with some trace data to support logins which can be embedded into other entities or mixins.

Note that no uniqueness constraint is placed on the username as the context of unqiueness has to be decided by the outside class.

An example of an actual user is UserAccount.

Field Summary

Fields

Modifier and Type	Field and Description
static sirius.db.mixing.Mapping	ACCOUNT_LOCKED Contains a flag which checks if the user is permitted to login.
static sirius.db.mixing.Mapping	API_TOKEN Provides an API TOKEN which is crypthgraphically created and can be used as password for technical integrations
static sirius.db.mixing.Mapping	GENERATED_PASSWORD Contains the generated password as cleartext (so it can be reported to the user).
static sirius.db.mixing.Mapping	LAST_EXTERNAL_LOGIN Records the timestamp of the last login via an external system.
static sirius.db.mixing.Mapping	LAST_LOGIN Records the timestamp of the last login.
static sirius.db.mixing.Mapping	LAST_PASSWORD_CHANGE Records the timestamp of the last password change.
static sirius.db.mixing.Mapping	NUMBER_OF_LOGINS Records the number of logins.
static sirius.db.mixing.Mapping	PASSWORD_HASH Contains the hashed value of the password to verify the password at login
static sirius.db.mixing.Mapping	SALT Contains a random salt which is prepended to the password before hashing to block rainbow tables and the like.
static sirius.db.mixing.Mapping	UCASE_PASSWORD_HASH Contains the hash value of the password in all upper case.
static sirius.db.mixing.Mapping	USERNAME Contains the username used to identify the account.

Fields inherited from class sirius.db.mixing.Mixable

elastic, mango, mixing, oma

Fields inherited from class sirius.kernel.di.transformers.Composable

components

Constructor Summary

Constructors

Constructor and Description
LoginData()

Method Summary

Modifier and Type	Method and Description
protected void	autofill()
boolean	checkPassword(String password, String defaultSalt) Checks if the given password is correct.
String	getApiToken()
String	getCleartextPassword() Returns the currently set password in cleartext.
String	getGeneratedPassword()
LocalDateTime	getLastExternalLogin()
LocalDateTime	getLastLogin()
LocalDateTime	getLastPasswordChange()
int	getNumberOfLogins()
String	getPasswordHash()
String	getSalt()
String	getUcasePasswordHash()
String	getUsername()
static String	hashPassword(String salt, String password) Computes a password hash for a given salt and password.
boolean	isAccountLocked()
boolean	isDisplayGeneratedPassword() Determines if the generated password should be displayed.
void	setAccountLocked(boolean accountLocked)
void	setApiToken(String apiToken)
void	setCleartextPassword(String cleartextPassword) Sets the password in cleartext.
void	setGeneratedPassword(String generatedPassword)
void	setLastExternalLogin(LocalDateTime lastExternalLogin)
void	setLastLogin(LocalDateTime lastLogin)
void	setNumberOfLogins(int numberOfLogins)
void	setUsername(String username)
void	verifyPassword(String password, String confirmation, int minPasswordLength) Verifys the given password if it meets the length requirement and is equal to its confirmation.

Methods inherited from class sirius.db.mixing.Mixable

is, makeNewInstance, tryAs

Methods inherited from class sirius.kernel.di.transformers.Composable

as, attach, attach

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

USERNAME

public static final sirius.db.mixing.Mapping USERNAME

Contains the username used to identify the account.

PASSWORD_HASH

public static final sirius.db.mixing.Mapping PASSWORD_HASH

Contains the hashed value of the password to verify the password at login

UCASE_PASSWORD_HASH

public static final sirius.db.mixing.Mapping UCASE_PASSWORD_HASH

Contains the hash value of the password in all upper case. This is used to support case insensitive password. This is kind of a crazy idea, but some systems need this functionality for legacy reasons.

SALT

public static final sirius.db.mixing.Mapping SALT

Contains a random salt which is prepended to the password before hashing to block rainbow tables and the like.

GENERATED_PASSWORD

public static final sirius.db.mixing.Mapping GENERATED_PASSWORD

Contains the generated password as cleartext (so it can be reported to the user). Once the user changes the password, this field will be set to null.

API_TOKEN

public static final sirius.db.mixing.Mapping API_TOKEN

Provides an API TOKEN which is crypthgraphically created and can be used as password for technical integrations

NUMBER_OF_LOGINS

public static final sirius.db.mixing.Mapping NUMBER_OF_LOGINS

Records the number of logins.

LAST_LOGIN

public static final sirius.db.mixing.Mapping LAST_LOGIN

Records the timestamp of the last login.

LAST_EXTERNAL_LOGIN

public static final sirius.db.mixing.Mapping LAST_EXTERNAL_LOGIN

Records the timestamp of the last login via an external system.

When using external identity poviders, like SAML, we want to keep track when the last login via this happened as we probably want to enforce regular validations (logins).

LAST_PASSWORD_CHANGE

public static final sirius.db.mixing.Mapping LAST_PASSWORD_CHANGE

Records the timestamp of the last password change.

ACCOUNT_LOCKED

public static final sirius.db.mixing.Mapping ACCOUNT_LOCKED

Contains a flag which checks if the user is permitted to login.

Constructor Detail

LoginData

public LoginData()

Method Detail

autofill

protected void autofill()

verifyPassword

public void verifyPassword(String password,
                           String confirmation,
                           int minPasswordLength)

Verifys the given password if it meets the length requirement and is equal to its confirmation.

Parameters:

password - the password to check for

confirmation - the confirmation password to check for

minPasswordLength - the minimum password length

Throws:

sirius.kernel.health.HandledException - if password is too short or if passwords do mismatch

hashPassword

public static String hashPassword(String salt,
                                  String password)

Computes a password hash for a given salt and password.

Parameters:

salt - the salt to use

password - the password to hash

Returns:

a cryptographic one way hash based on the salt and password

checkPassword

public boolean checkPassword(String password,
                             String defaultSalt)

Checks if the given password is correct.

Parameters:

password - the password to validate

defaultSalt - the salt used as a fallback

Returns:

true if the password is valid, false otherwise

getCleartextPassword

public String getCleartextPassword()

Returns the currently set password in cleartext.

Note that this value is transient and therefore not saved to the database.

Returns:

the currently applied password in cleatext

setCleartextPassword

public void setCleartextPassword(String cleartextPassword)

Sets the password in cleartext.

Note that this value is transient and therefore not saved to the database. This field only exists for convenience, as it can be filled and the associated entity can be save. All hashes will be updated accordingly.

Parameters:

cleartextPassword - the password as clear text

getPasswordHash

public String getPasswordHash()

getUcasePasswordHash

public String getUcasePasswordHash()

getSalt

public String getSalt()

getGeneratedPassword

public String getGeneratedPassword()

setGeneratedPassword

public void setGeneratedPassword(String generatedPassword)

getNumberOfLogins

public int getNumberOfLogins()

setNumberOfLogins

public void setNumberOfLogins(int numberOfLogins)

getLastLogin

public LocalDateTime getLastLogin()

setLastLogin

public void setLastLogin(LocalDateTime lastLogin)

getLastExternalLogin

public LocalDateTime getLastExternalLogin()

setLastExternalLogin

public void setLastExternalLogin(LocalDateTime lastExternalLogin)

getLastPasswordChange

public LocalDateTime getLastPasswordChange()

isDisplayGeneratedPassword

public boolean isDisplayGeneratedPassword()

Determines if the generated password should be displayed.

Returns:

true if the generated password should be displayed, false otherwise

isAccountLocked

public boolean isAccountLocked()

setAccountLocked

public void setAccountLocked(boolean accountLocked)

getUsername

public String getUsername()

setUsername

public void setUsername(String username)

getApiToken

public String getApiToken()

setApiToken

public void setApiToken(String apiToken)