Login con múltiples roles
Tenemos un formulario para el login de usuarios. Un usuario puede tener múltiples roles.
La entidad Usuario contiene un List<Entity> (en este caso List<Rol>) referenciado mediante @Referenced.
// Roles assigned to the user, held as references to Rol documents keyed by "idrol".
// The attribute name is spelled "documment" exactly as the annotation is used on this page.
// NOTE(review): lazy = false presumably loads the referenced roles together with the
// user record - confirm against the persistence library's documentation.
@Referenced(documment = "Rol",
field = "idrol", javatype = "String", lazy = false,
repository = "com.avbravo.transporteejb.repository.RolRepository")
private List<Rol> rol;
Usuario.java
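/**
 * User entity behind the login form. One user may hold several roles, which are
 * kept as references to {@code Rol} documents.
 */
@Getter
@Setter
public class Usuario {

    @Id
    private String username;
    // NOTE(review): LoginController on this page reads this value back through
    // JsfUtil.desencriptar(), so it appears to be stored reversibly encrypted rather
    // than as a one-way password hash - confirm and plan a migration if so.
    private String password;
    private String nombre;
    private String cedula;
    private String celular;
    private String cargo;
    private String email;
    // Roles assigned to this user; the login flow compares the role selected in the
    // form against this list.
    @Referenced(documment = "Rol",
            field = "idrol", javatype = "String", lazy = false,
            repository = "com.avbravo.transporteejb.repository.RolRepository")
    private List<Rol> rol;
    private String activo;
    @Embedded
    List<UserInfo> userInfo;

    public Usuario() {
    }

    /**
     * Returns a debugging representation of the user.
     *
     * <p>The stored password is deliberately left out: toString() output ends up in
     * logs, exception messages and debugger views, and the original version wrote the
     * credential into all of them.
     *
     * @return the user's non-secret fields as text
     */
    @Override
    public String toString() {
        return "Usuario{" + "username=" + username + ", nombre=" + nombre + ", celular=" + celular + ", cargo=" + cargo + ", email=" + email + ", rol=" + rol + ", userInfo=" + userInfo + '}';
    }
}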
Rol.java
/**
 * Role entity. {@code idrol} is the document id and is the value that the login
 * form submits and that the user's assigned roles are compared against.
 */
public class Rol {

    // NOTE(review): other code on this page calls getIdrol() on this class; the
    // accessors are not shown in this listing and are presumably generated - confirm.
    @Id
    private String idrol;
    private String rol;
    private String activo;
    @Embedded
    List<UserInfo> userInfo;

    public Rol() {
    }

    /**
     * Returns the role id and name as text; {@code activo} and {@code userInfo} are
     * not included.
     *
     * @return text of the form {@code Rol{idrol=..., rol=...}}
     */
    @Override
    public String toString() {
        StringBuilder text = new StringBuilder("Rol{");
        text.append("idrol=").append(idrol);
        text.append(", rol=").append(rol);
        text.append('}');
        return text.toString();
    }
}
Agregar un selectOneMenu con los roles
<?xml version='1.0' encoding='UTF-8' ?>
<!DOCTYPE html>
<html xmlns="http://www.w3.org/1999/xhtml"
xmlns:h="http://java.sun.com/jsf/html"
xmlns:f="http://java.sun.com/jsf/core"
xmlns:b="http://bootsfaces.net/ui"
xmlns:ui="http://java.sun.com/jsf/facelets"
xmlns:p="http://primefaces.org/ui"
xmlns:a="http://xmlns.jcp.org/jsf/composite/avbravo">
<!-- Facelets writes XML comments into the response unless javax.faces.FACELETS_SKIP_COMMENTS is enabled,
     so comments in this view must stay free of EL expressions and of sensitive details. -->
<h:head>
<title>#{msg['application.title']}</title>
<meta name="author" content="Aristides Villarreal"></meta>
<style type="text/css">
.form-signin {
margin: 0 auto;
max-width: 330px;
padding: 15px;
}
</style>
<f:facet name="first">
<f:view locale="#{idiomas.locale}"></f:view>
<f:loadBundle basename="com.avbravo.transporte.properties.messages" var="msg" />
<f:loadBundle basename="com.avbravoutils.properties.application" var="app" />
</f:facet>
</h:head>
<h:body style="padding-top: 60px; background-color: lightslategray">
<b:container>
<!-- Login form: username, password and the role the user wants to work under. -->
<h:form styleClass="form-signin" prependId="false" id="form">
<p:messages id="growl" closable="true" />
<h2 class="form-signin-heading"><p:outputLabel value="#{msg['application.shorttitle']}" style="color: white"/></h2>
<b:inputText id="username" value="#{loginController.username}" placeholder="#{app['login.username']}" >
<f:facet name="prepend">
<b:icon name="user" />
</f:facet>
</b:inputText>
<!-- The password type only masks the field in the browser; the value is posted as typed,
     so this page should be served over HTTPS only. -->
<b:inputText id="password" value="#{loginController.password}" placeholder="#{app['login.password']}" type="password">
<f:facet name="prepend">
<b:iconAwesome name="key" />
</f:facet>
</b:inputText>
<p:outputLabel value="#{msg['field.rol']}" />
<!-- Role selector. The options come from usuarioController.rolServices.rolList, so every role id is
     visible to anyone who can open the login page. The submitted value is chosen by the client and
     has to be confirmed on the server against the roles stored for the user. -->
<a:selectOneMenu
id="rol"
value="#{loginController.rol}"
requiredMessage="#{msg['field.idrol']}"
selectItemsValue="#{usuarioController.rolServices.rolList}"
selectItemsLabel="#{item.idrol}"
/>
<b:commandButton look="primary btn-block" value="#{app['button.login']}"
action="#{loginController.doLogin()}" icon="log-in" size="lg"
update=":form:growl"/>
<!-- Confirmation dialog whose button calls loginController.invalidateCurrentSession(). -->
<p:confirmDialog widgetVar="sessionDialog" closable="false" global="true" showEffect="fade" hideEffect="fade"
message="#{app['session.procederacerrar']}">
<p:commandButton value="#{app['button.close']}" oncomplete="PF('sessionDialog').hide();"
update=":form" styleClass="ui-confirmdialog-yes"
action="#{loginController.invalidateCurrentSession()}" />
</p:confirmDialog>
</h:form>
</b:container>
</h:body>
</html>
Crear un objeto
// Holds the role chosen in the login form's selectOneMenu. The value is supplied by
// the client, so it is only a request until the server has checked it.
Rol rol = new Rol();
Inyectar RolRepository
// Repository for Rol documents, provided by dependency injection.
@Inject
RolRepository rolRepository;
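En el método isUserValid() (plegado en el editor como «isValid»), verificar que el usuario posea el rol seleccionado. El rol llega desde el formulario, por lo que esta comprobación debe hacerse siempre en el servidor, contra los roles almacenados del usuario.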
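// Check that the role chosen in the form is one of the roles assigned to this user.
// The chosen role arrives from the client, so it is compared against the roles that
// were loaded with the user record, never trusted on its own.
String selectedRol = (rol == null) ? null : rol.getIdrol();
if (selectedRol == null || selectedRol.isEmpty()) {
    // Nothing was selected; without this guard the comparison below dereferences null.
    JsfUtil.warningMessage(rf.getAppMessage("login.notienerolenelsistema"));
    return false;
}
boolean foundrol = false;
if (usuario.getRol() != null) {
    for (Rol r : usuario.getRol()) {
        if (r != null && selectedRol.equals(r.getIdrol())) {
            foundrol = true;
            break;
        }
    }
}
if (!foundrol) {
    // A rejected login is reported as a warning, not as a success message.
    JsfUtil.warningMessage(rf.getAppMessage("login.notienerolenelsistema") + " " + selectedRol);
    return false;
}
// The role must also be one that this application accepts. validadorRoles is defined
// elsewhere; what it accepts is not visible here.
if (!validadorRoles.validarRoles(selectedRol)) {
    JsfUtil.warningMessage(rf.getAppMessage("login.notienerolenelsistema") + " " + selectedRol);
    return false;
}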
LoginController.java
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package com.avbravo.transporte.controller;
// <editor-fold defaultstate="collapsed" desc="imports">
import com.avbravo.avbravoutils.JsfUtil;
import com.avbravo.avbravosecurity.SecurityInterface;
import javax.inject.Inject;
import com.avbravo.avbravoutils.email.ManagerEmail;
import com.avbravo.ejbjmoordb.services.AccessInfoServices;
import com.avbravo.transporte.roles.ValidadorRoles;
import com.avbravo.transporte.util.ResourcesFiles;
import com.avbravo.transporteejb.entity.Rol;
import com.avbravo.transporteejb.entity.Usuario;
import com.avbravo.transporteejb.repository.AccessInfoRepository;
import com.avbravo.transporteejb.repository.RolRepository;
import com.avbravo.transporteejb.repository.UsuarioRepository;
import java.util.logging.Logger;
import javax.inject.Named;
import java.io.Serializable;
import java.util.HashMap;
import java.util.Optional;
import javax.annotation.PostConstruct;
import javax.annotation.PreDestroy;
import javax.enterprise.context.SessionScoped;
// </editor-fold>
/**
*
* @authoravbravo
*/
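@Named
@SessionScoped
public class LoginController implements Serializable, SecurityInterface {
    // Session-scoped bean behind the login form: it authenticates a user, checks that
    // the role selected in the form is one of the user's roles, and offers session
    // recovery, logout and password change.
    //
    // Methods such as isUserLogged(), destroyByUsername(), destroyByToken(String, String),
    // saveUserInSession(), usernameRecoveryOfSession(), invalidateMySession(),
    // tokenOfUsername() and logout() are not defined in this class; they presumably
    // come from SecurityInterface - confirm their exact behaviour there.
    //
    // NOTE(review): stored passwords are read with JsfUtil.desencriptar(), which means
    // they are kept reversibly encrypted. Password storage should use a one-way
    // password hash (bcrypt, scrypt, Argon2 or PBKDF2) so that a database or key leak
    // does not reveal every password. JsfUtil is not shown here, so this is flagged
    // rather than changed.
    // NOTE(review): this bean is Serializable and keeps the typed password in a field
    // for the life of the session; consider clearing it once the login has finished.
    // NOTE(review): no session-id rotation is visible in doLogin(); confirm that
    // saveUserInSession() or the container changes the id after authentication.

    // <editor-fold defaultstate="collapsed" desc="fields">
    private static final long serialVersionUID = 1L;
    private static final Logger LOG = Logger.getLogger(LoginController.class.getName());
    private HashMap<String, String> parameters = new HashMap<>();
    private String passwordold;
    private String passwordnew;
    private String passwordnewrepeat;
    // Role selected in the login form; client-supplied until isUserValid() has checked it.
    Rol rol = new Rol();
    // Access log
    @Inject
    AccessInfoServices accessInfoServices;
    @Inject
    AccessInfoRepository accessInfoRepository;
    @Inject
    ResourcesFiles rf;
    @Inject
    ValidadorRoles validadorRoles;
    // True only after doLogin() has passed every check.
    Boolean loggedIn = false;
    private String username;
    private String password;
    private String foto;
    private String id;
    private String key;
    String usernameSelected;
    Boolean recoverSession = false;
    Boolean userwasLoged = false;
    Boolean tokenwassend = false;
    String usernameRecover = "";
    String myemail = "@gmail.com";
    String mytoken = "";
    @Inject
    UsuarioRepository usuarioRepository;
    // The authenticated user's record; stays an empty Usuario until a login succeeds.
    Usuario usuario = new Usuario();
    @Inject
    RolRepository rolRepository;
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="getter/setter">
    public Rol getRol() {
        return rol;
    }

    public void setRol(Rol rol) {
        this.rol = rol;
    }

    public String getPasswordold() {
        return passwordold;
    }

    public void setPasswordold(String passwordold) {
        this.passwordold = passwordold;
    }

    public String getPasswordnew() {
        return passwordnew;
    }

    public void setPasswordnew(String passwordnew) {
        this.passwordnew = passwordnew;
    }

    public String getPasswordnewrepeat() {
        return passwordnewrepeat;
    }

    public void setPasswordnewrepeat(String passwordnewrepeat) {
        this.passwordnewrepeat = passwordnewrepeat;
    }

    public String getMyemail() {
        return myemail;
    }

    public void setMyemail(String myemail) {
        this.myemail = myemail;
    }

    public String getId() {
        return id;
    }

    public void setId(String id) {
        this.id = id;
    }

    public String getKey() {
        return key;
    }

    public void setKey(String key) {
        this.key = key;
    }

    public Usuario getUsuario() {
        return usuario;
    }

    public void setUsuario(Usuario usuario) {
        this.usuario = usuario;
    }

    public String getUsername() {
        return username;
    }

    public void setUsername(String username) {
        this.username = username;
    }

    public String getPassword() {
        return password;
    }

    public void setPassword(String password) {
        this.password = password;
    }

    public Boolean getLoggedIn() {
        return loggedIn;
    }

    // NOTE(review): a public setter on the authentication flag lets any view that
    // binds a writable component to it change the login state; keep it out of forms.
    public void setLoggedIn(Boolean loggedIn) {
        this.loggedIn = loggedIn;
    }

    public Boolean getTokenwassend() {
        return tokenwassend;
    }

    public void setTokenwassend(Boolean tokenwassend) {
        this.tokenwassend = tokenwassend;
    }

    public String getMytoken() {
        return mytoken;
    }

    public void setMytoken(String mytoken) {
        this.mytoken = mytoken;
    }

    public String getUsernameSelected() {
        return usernameSelected;
    }

    public void setUsernameSelected(String usernameSelected) {
        this.usernameSelected = usernameSelected;
    }

    public Boolean getUserwasLoged() {
        return userwasLoged;
    }

    public void setUserwasLoged(Boolean userwasLoged) {
        this.userwasLoged = userwasLoged;
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="init">
    /** Resets the login state flags when the bean is created. */
    @PostConstruct
    public void init() {
        loggedIn = false;
        recoverSession = false;
        userwasLoged = false;
        tokenwassend = false;
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="destroy">
    @PreDestroy
    public void destroy() {
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="constructor">
    public LoginController() {
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="irLogin">
    /**
     * @return the navigation outcome of the login view
     */
    public String irLogin() {
        return "/login";
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="doLogin">
    /**
     * Authenticates the user with the username, password and role bound from the form.
     *
     * <p>Order of checks: required fields, a session already recorded for this
     * browser, credentials and role, and only then whether the account is already
     * logged in elsewhere. {@code loggedIn} becomes true only on the success path.
     *
     * @return the redirect outcome on success, {@code null} when username or password
     *         was not submitted, otherwise an empty string (stay on the page)
     */
    public String doLogin() {
        try {
            tokenwassend = false;
            userwasLoged = false;
            // Not authenticated until every check below has passed. Setting this to
            // true up front would leave the session flagged as logged in after any
            // failed attempt.
            loggedIn = false;
            usuario = new Usuario();
            if (username == null || password == null) {
                JsfUtil.warningMessage(rf.getAppMessage("login.usernamenotvalid"));
                return null;
            }
            usernameRecover = usernameRecoveryOfSession();
            recoverSession = !usernameRecover.equals("");
            if (recoverSession) {
                invalidateCurrentSession();
                JsfUtil.warningMessage(rf.getAppMessage("session.procederacerrar"));
                return "";
            }
            // Credentials and role are verified before anything is done to another
            // session: otherwise a request carrying only a username could end that
            // user's active session without knowing the password.
            if (!isUserValid()) {
                accessInfoRepository.save(accessInfoServices.generateAccessInfo(username, "login", rf.getAppMessage("login.usernameorpasswordnotvalid")));
                JsfUtil.warningMessage(rf.getAppMessage("login.usernameorpasswordnotvalid"));
                return "";
            }
            if (isUserLogged(username)) {
                userwasLoged = true;
                JsfUtil.warningMessage(rf.getAppMessage("login.alreadylogged"));
                // By its name this ends the other session; the result is not used.
                destroyByUsername(username);
                // This attempt does not log the user in, so drop the loaded record.
                usuario = new Usuario();
                return "";
            }
            saveUserInSession(username, 2100);
            accessInfoRepository.save(accessInfoServices.generateAccessInfo(username, "login", rf.getAppMessage("login.welcome")));
            loggedIn = true;
            foto = "img/me.jpg";
            JsfUtil.successMessage(rf.getAppMessage("login.welcome") + " " + usuario.getNombre());
            return "/faces/index.xhtml?faces-redirect=true";
        } catch (Exception e) {
            // Fail closed: an unexpected error must never leave the session logged in.
            loggedIn = false;
            usuario = new Usuario();
            JsfUtil.errorMessage(e, "doLogin()");
        }
        return "";
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="isValid">
    /**
     * Checks the submitted username, password and selected role.
     *
     * <p>An unknown username and a wrong password both return {@code false} without a
     * message of their own, so that the page cannot be used to find out which
     * usernames exist; every caller in this class reports a generic failure.
     * {@code usuario} is replaced only when all checks pass.
     *
     * @return {@code true} when the credentials match and the selected role is one of
     *         the user's roles and is accepted by {@code validadorRoles}
     */
    private Boolean isUserValid() {
        try {
            // Null is tested first; testing it after isEmpty() can never be reached.
            if (username == null || username.isEmpty()) {
                JsfUtil.warningMessage(rf.getAppMessage("warning.usernameisempty"));
                return false;
            }
            if (password == null || password.isEmpty()) {
                JsfUtil.warningMessage(rf.getAppMessage("warning.passwordisempty"));
                return false;
            }
            Usuario lookup = new Usuario();
            lookup.setUsername(username);
            Optional<Usuario> optional = usuarioRepository.findById(lookup);
            if (!optional.isPresent()) {
                return false;
            }
            // Kept in a local until verified, so a failed attempt never leaves
            // another person's record in this session bean.
            Usuario candidate = optional.get();
            // NOTE(review): plain equals() on a decrypted password; see the class note
            // on replacing reversible encryption with a password hash.
            if (!password.equals(JsfUtil.desencriptar(candidate.getPassword()))) {
                return false;
            }
            // The selected role comes from the client: compare it with the roles
            // stored for this user.
            String selectedRol = (rol == null) ? null : rol.getIdrol();
            if (selectedRol == null || selectedRol.isEmpty()) {
                JsfUtil.warningMessage(rf.getAppMessage("login.notienerolenelsistema"));
                return false;
            }
            boolean foundrol = false;
            if (candidate.getRol() != null) {
                for (Rol r : candidate.getRol()) {
                    if (r != null && selectedRol.equals(r.getIdrol())) {
                        foundrol = true;
                        break;
                    }
                }
            }
            if (!foundrol) {
                JsfUtil.warningMessage(rf.getAppMessage("login.notienerolenelsistema") + " " + selectedRol);
                return false;
            }
            // The role must also be one that this application accepts.
            if (!validadorRoles.validarRoles(selectedRol)) {
                JsfUtil.warningMessage(rf.getAppMessage("login.notienerolenelsistema") + " " + selectedRol);
                return false;
            }
            usuario = candidate;
            return true;
        } catch (Exception e) {
            JsfUtil.errorMessage("userValid() " + e.getLocalizedMessage());
        }
        return false;
    }// </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="sendToken()">
    /**
     * Mails the session token of {@code username} to the address typed in the form,
     * but only when that address is the one registered for the account.
     *
     * <p>This method runs before authentication, so without the address check the
     * token of any account could be requested for an arbitrary mailbox.
     *
     * @return always an empty string (stay on the page)
     */
    public String sendToken() {
        try {
            if (username == null || username.isEmpty() || myemail == null) {
                JsfUtil.warningMessage(rf.getAppMessage("warning.usernotvalid"));
                return "";
            }
            Usuario lookup = new Usuario();
            lookup.setUsername(username);
            Optional<Usuario> registered = usuarioRepository.findById(lookup);
            // Same answer for an unknown user and for a wrong address.
            if (!registered.isPresent() || !myemail.equalsIgnoreCase(registered.get().getEmail())) {
                JsfUtil.warningMessage(rf.getAppMessage("warning.usernotvalid"));
                return "";
            }
            ManagerEmail managerEmail = new ManagerEmail();
            String token = tokenOfUsername(username);
            if (!token.equals("")) {
                // The second key previously ended in a space and could not match a bundle entry.
                String texto = rf.getAppMessage("token.forinitsession") + " " + token + " " + rf.getAppMessage("token.forinvalidate");
                // NOTE(review): the sender account and password are literals here;
                // real mail credentials belong in external configuration or a
                // secret store, not in source code.
                if (managerEmail.send(myemail, rf.getAppMessage("token.tokenofsecurity"), texto, "adminemail@gmail.com", "adminpasswordemail")) {
                    JsfUtil.successMessage(rf.getAppMessage("token.wassendtoemail"));
                    tokenwassend = true;
                } else {
                    JsfUtil.warningMessage(rf.getAppMessage("token.errortosendemail"));
                }
            } else {
                JsfUtil.warningMessage(rf.getAppMessage("token.asiganedtouser"));
            }
        } catch (Exception e) {
            JsfUtil.errorMessage("sendToken() " + e.getLocalizedMessage());
        }
        return "";
    }// </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="destroyByUser()">
    /**
     * Ends the session recorded for {@code username} after the credentials and role
     * have been verified.
     *
     * @return always an empty string (stay on the page)
     */
    public String destroyByUser() {
        try {
            if (isUserValid()) {
                userwasLoged = !destroyByUsername(username);
                if (!userwasLoged) {
                    JsfUtil.successMessage(rf.getAppMessage("session.destroyedloginagain"));
                } else {
                    // The session could not be ended: report it as a warning.
                    JsfUtil.warningMessage(rf.getAppMessage("session.notdestroyed"));
                }
            } else {
                JsfUtil.warningMessage(rf.getAppMessage("warning.usernotvalid"));
            }
        } catch (Exception e) {
            JsfUtil.errorMessage("destroyByUser() " + e.getLocalizedMessage());
        }
        return "";
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="destroyWithToken()">
    /**
     * Ends the session recorded for {@code username} using the token typed in the
     * form, after the credentials and role have been verified.
     *
     * @return always an empty string (stay on the page)
     */
    public String destroyByToken() {
        try {
            if (isUserValid()) {
                userwasLoged = !destroyByToken(username, mytoken);
            } else {
                JsfUtil.warningMessage("Los datos del usuario no son validos");
            }
        } catch (Exception e) {
            // The user sees a generic message; the cause goes to the server log.
            LOG.warning("destroyByToken() " + e);
            JsfUtil.warningMessage(rf.getAppMessage("warning.usernotvalid"));
        }
        return "";
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="invalidateCurrentSession">
    /**
     * Invalidates the current session and reports the outcome as a message.
     *
     * @return always an empty string (stay on the page)
     */
    public String invalidateCurrentSession() {
        try {
            if (invalidateMySession()) {
                JsfUtil.successMessage(rf.getAppMessage("sesion.invalidate"));
            } else {
                JsfUtil.warningMessage(rf.getAppMessage("sesion.errortoinvalidate"));
            }
        } catch (Exception e) {
            // An exception is an error, not a success.
            JsfUtil.errorMessage("invalidateCurrentSession() " + e.getLocalizedMessage());
        }
        return "";
    }// </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="doLogout">
    /**
     * @return the outcome produced by {@code logout} for the login page redirect
     */
    public String doLogout() {
        return logout("/transporte/faces/login.xhtml?faces-redirect=true");
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="changePassword">
    /**
     * Changes the password of the logged-in user after checking the old password and
     * that the new one was typed twice identically and differs from the old one.
     *
     * @return an empty string when a check fails, {@code null} otherwise
     */
    public String changePassword() {
        try {
            // Only an authenticated session has a user record to change.
            if (!Boolean.TRUE.equals(loggedIn)) {
                JsfUtil.warningMessage(rf.getAppMessage("warning.usernotvalid"));
                return "";
            }
            if (passwordold == null || passwordold.isEmpty()) {
                // the old password must not be empty
                JsfUtil.warningMessage(rf.getMessage("warning.passwordvacio"));
                return "";
            }
            // This check previously tested passwordold for null instead of passwordnew.
            if (passwordnew == null || passwordnew.isEmpty()) {
                // the new password must not be empty
                JsfUtil.warningMessage(rf.getMessage("warning.passwordnuevovacio"));
                return "";
            }
            if (passwordnewrepeat == null || passwordnewrepeat.isEmpty()) {
                // the repeated password must not be empty
                JsfUtil.warningMessage(rf.getMessage("warning.passwordnuevorepetidovacio"));
                return "";
            }
            if (!passwordnew.equals(passwordnewrepeat)) {
                // the two new passwords differ
                JsfUtil.warningMessage(rf.getMessage("warning.passwordnocoinciden"));
                return "";
            }
            if (!passwordold.equals(JsfUtil.desencriptar(usuario.getPassword()))) {
                // the old password is wrong
                JsfUtil.warningMessage(rf.getMessage("warning.passwordanteriornoescorrecto"));
                return "";
            }
            if (passwordold.equals(passwordnew)) {
                // the new password repeats the old one
                JsfUtil.warningMessage(rf.getMessage("warning.passwordanteriorigualalnuevo"));
                return "";
            }
            usuario.setPassword(JsfUtil.encriptar(passwordnew));
            usuarioRepository.update(usuario);
            // Do not keep the typed passwords in the session once they have been used.
            passwordold = null;
            passwordnew = null;
            passwordnewrepeat = null;
            JsfUtil.successMessage(rf.getAppMessage("info.update"));
        } catch (Exception e) {
            JsfUtil.errorMessage(e.getLocalizedMessage());
        }
        return null;
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="put(String key, String value)">
    /**
     * Stores a session parameter.
     *
     * @param key parameter name
     * @param value parameter value
     */
    public void put(String key, String value) {
        try {
            parameters.put(key, value);
        } catch (Exception e) {
            JsfUtil.errorMessage("asignarParametro() " + e.getLocalizedMessage());
        }
    }
    // </editor-fold>

    // <editor-fold defaultstate="collapsed" desc="get(String key)">
    /**
     * Reads a session parameter.
     *
     * @param key parameter name
     * @return the stored value, or {@code null} when the key is absent; the empty
     *         string is returned only if the lookup itself throws
     */
    public String get(String key) {
        String value = "";
        try {
            value = parameters.get(key);
        } catch (Exception e) {
            JsfUtil.errorMessage("valueParameters() " + e.getLocalizedMessage());
        }
        return value;
    } // </editor-fold>
}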