|
Last change
on this file since 831 was
831,
checked in by keesvb, 12 years ago
|
|
first implementation of user-based REST services, only checks whether a user is owner of a study and returns the studies and assays only for his/her owned studies. The other methods are not secured yet, but ought to go via study or assay.
|
|
File size:
1000 bytes
|
| Line | |
|---|
| 1 | /** |
|---|
| 2 | * AuthService Service |
|---|
| 3 | * |
|---|
| 4 | * Checks whether a user is logged in (see also nl.metabolomicscentre.dsp.aaa.AuthService) |
|---|
| 5 | * |
|---|
| 6 | * @author keesvb |
|---|
| 7 | * @since 20100823 |
|---|
| 8 | * @package dbnp.user |
|---|
| 9 | * |
|---|
| 10 | * Revision information: |
|---|
| 11 | * $Rev$ |
|---|
| 12 | * $Author$ |
|---|
| 13 | * $Date$ |
|---|
| 14 | */ |
|---|
| 15 | package dbnp.user |
|---|
| 16 | |
|---|
| 17 | // Shiro |
|---|
| 18 | import org.apache.shiro.SecurityUtils |
|---|
| 19 | import org.apache.shiro.authc.UsernamePasswordToken |
|---|
| 20 | |
|---|
| 21 | |
|---|
| 22 | class AuthService { |
|---|
| 23 | |
|---|
| 24 | static transactional = true |
|---|
| 25 | |
|---|
| 26 | def authUser(username = "", password = "") { |
|---|
| 27 | println "authenticating ${username} with password ${password}" |
|---|
| 28 | if (!username || !password){ |
|---|
| 29 | return false // required information missing to authenticate |
|---|
| 30 | } |
|---|
| 31 | |
|---|
| 32 | def currentUser = SecurityUtils.getSubject() |
|---|
| 33 | def token = new UsernamePasswordToken(username, password); |
|---|
| 34 | |
|---|
| 35 | try { |
|---|
| 36 | currentUser.login( token ); |
|---|
| 37 | } catch ( Exception e ) { |
|---|
| 38 | return false //username wasn't in the system, show them an error message? |
|---|
| 39 | } |
|---|
| 40 | |
|---|
| 41 | //return UserBase.get(currentUser.getPrincipal()) |
|---|
| 42 | return dbnp.user.User.get(currentUser.getPrincipal()) |
|---|
| 43 | } |
|---|
| 44 | } |
|---|
Note: See
TracBrowser
for help on using the repository browser.
