com.axelor.auth

Class AuthService

java.lang.Object

com.axelor.auth.AuthService

@Singleton
public class AuthService
extends Object

The AuthService class provides various utility services including password encryption, password match and saving user password in encrypted form.

The AuthService should not be manually instantiated but either injected or user getInstance() method to get the instance of the service.

Constructor Summary

Constructors

Constructor and Description
AuthService()

Method Summary

Modifier and Type	Method and Description
void	changePassword(User user, String password) Changes user password.
void	checkPassword(ActionRequest request, ActionResponse response) Helper action to check user password.
Object	encrypt(Object user, Map context) This is an adapter method to be used with data import.
String	encrypt(String password) Encrypt the given password text if it's not encrypted yet.
User	encrypt(User user) Encrypt the password of the given user.
static AuthService	getInstance() Get the instance of the AuthService.
String	getPasswordPattern() Gets configured user password pattern.
String	getPasswordPatternTitle() Gets configured user password pattern description.
boolean	match(String plain, String saved) Match the given plain and saved passwords.
boolean	passwordMatchesPattern(String password) Checks whether the password matches the configured pattern.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

AuthService

@Inject
public AuthService()

Method Detail

getInstance

public static AuthService getInstance()

Get the instance of the AuthService.

Returns:

the AuthService instance

Throws:

IllegalStateException - if AuthService is not initialized

encrypt

public String encrypt(String password)

Encrypt the given password text if it's not encrypted yet.

The method tests the password for a special format to check if it is already encrypted, and In that case the password is returned as it is to avoid multiple encryption.

Parameters:

password - the password to encrypt

Returns:

encrypted password

encrypt

public User encrypt(User user)

Encrypt the password of the given user.

Parameters:

user - the user whose password needs to be encrypted

Returns:

the same user instance

encrypt

public Object encrypt(Object user,
                      Map context)

This is an adapter method to be used with data import.

This method can be used as call="com.axelor.auth.AuthService:encrypt" while importing user data to ensure user passwords are encrypted.

Parameters:

user - the object instance passed by data import engine

context - the data import context

Returns:

the same instance passed

match

public boolean match(String plain,
                     String saved)

Match the given plain and saved passwords.

Parameters:

plain - the plain password text

saved - the saved password text (hashed)

Returns:

true if they match

checkPassword

public void checkPassword(ActionRequest request,
                          ActionResponse response)

Helper action to check user password.

Parameters:

request - the request with username & password as context or data

response - the response, with user details if password matched

changePassword

public void changePassword(User user,
                           String password)

Changes user password.

Parameters:

user -

newPassword -

passwordMatchesPattern

public boolean passwordMatchesPattern(String password)

Checks whether the password matches the configured pattern.

Parameters:

password -

Returns:

getPasswordPattern

public String getPasswordPattern()

Gets configured user password pattern.

Returns:

getPasswordPatternTitle

public String getPasswordPatternTitle()

Gets configured user password pattern description.

Returns: