/**
 * Persistent account record, mapped to the {@code user} table.
 *
 * <p>The fields are public and the class is queried through Ebean in
 * {@code Authentication.authenticate(String, String)}.
 */
@Entity
@Table(name="user")
public class User {
    /** Primary key; the value is generated rather than assigned by the application. */
    @Id
    @GeneratedValue
    public Long id;

    // Login identifier: the login query selects the row by this column.
    public String email;

    // The login query compares this column with Base64.getSHABase64(password), so it
    // holds that helper's output, not the clear-text password.
    // NOTE(review): the helper is not shown here; if it is a plain unsalted SHA digest,
    // a leaked table can be brute-forced offline cheaply. Confirm, and prefer a salted
    // adaptive password hash (bcrypt, scrypt, Argon2, PBKDF2).
    // Because the field is public, keep User objects out of JSON/template output and
    // log statements unless this value is stripped first.
    public String password;
}
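/**
 * Backing object for the login form.
 *
 * <p>{@code Authentication.authenticate()} binds it from the request; the field
 * constraints below and {@link #validate()} decide whether the form has errors.
 */
public class LoginForm {
    @Required
    @Constraints.Email
    private String email;

    // The length constraint only screens the submitted value on this form; it is not
    // a password policy for account creation.
    @Required
    @Constraints.MinLength(value=4)
    private String password;

    /**
     * Checks the submitted credentials against the user store.
     *
     * @return {@code null} when {@code Authentication.authenticate(email, password)}
     *         finds a matching user, otherwise an error message for the form
     */
    public String validate() {
        if (Authentication.authenticate(this.email, this.password) == null) {
            // One message for both "unknown e-mail" and "wrong password", so the
            // response does not reveal which addresses have an account.
            return "Invalid user or password";
        }
        return null;
    }

    // Accessors: the fields are private and Authentication.authenticate() calls
    // getEmail(), so the class needs JavaBean getters/setters to be usable.

    /** @return the submitted e-mail address */
    public String getEmail() {
        return email;
    }

    /** @param email the submitted e-mail address */
    public void setEmail(final String email) {
        this.email = email;
    }

    /** @return the submitted clear-text password; never log or echo this value */
    public String getPassword() {
        return password;
    }

    /** @param password the submitted clear-text password */
    public void setPassword(final String password) {
        this.password = password;
    }
}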
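/**
 * Controller for the login page, the credential check and logout.
 *
 * <p>NOTE(review): nothing visible in this class limits repeated failed login
 * attempts; throttling or lockout has to come from elsewhere.
 */
public final class Authentication extends Controller {

    /**
     * Renders the login page with an empty form.
     *
     * @return a 200 response containing the login view
     */
    public static Result login() {
        return ok(login.render(form(LoginForm.class)));
    }

    /**
     * Handles a submitted login form.
     *
     * @return a 400 response re-rendering the form when binding or validation
     *         failed, otherwise a redirect to the application index
     */
    public static Result authenticate() {
        // Binding has already run LoginForm.validate(), i.e. the credential check,
        // by the time hasErrors() is consulted.
        Form<LoginForm> loginForm = form(LoginForm.class).bindFromRequest();
        if (loginForm.hasErrors()) {
            return badRequest(login.render(loginForm));
        }
        // Start from an empty session so nothing set before login (by this or a
        // previous user of the browser) is carried into the authenticated session.
        session().clear();
        // "email" is the key Secured.getUsername() reads to decide who is logged in.
        session("email", loginForm.get().getEmail());
        return redirect(routes.Application.index());
    }

    /**
     * Looks up the user matching the given credentials.
     *
     * @param email    the e-mail address to look up
     * @param password the clear-text password as submitted
     * @return the matching user, or {@code null} when there is none or when either
     *         argument is {@code null}
     */
    public static User authenticate(final String email, final String password) {
        // Missing credentials can never match; answer "no user" instead of handing
        // null to the hash helper or to the query.
        if (email == null || password == null) {
            return null;
        }
        // NOTE(review): Base64.getSHABase64 is a project helper that is not shown
        // here; judging by its name it returns a Base64-encoded SHA digest. If that
        // digest is unsalted and single-pass, stored passwords are cheap to
        // brute-force once the table leaks. Prefer a salted adaptive password hash
        // (bcrypt, scrypt, Argon2, PBKDF2): fetch the row by e-mail only and verify
        // the password in application code.
        // Both values are passed to Ebean as bound parameters, not concatenated
        // into the query text.
        return Ebean.find(User.class)
            .where()
            .eq("email", email)
            .eq("password", Base64.getSHABase64(password))
            .findUnique();
    }

    /**
     * Ends the session and sends the user back to the login page.
     *
     * @return a redirect to the login page
     */
    public static Result logout() {
        session().clear();
        flash("success", "You've been logged out");
        return redirect(routes.Authentication.login());
    }
}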
/**
 * Authenticator behind {@code @Security.Authenticated(Secured.class)}: identifies
 * the caller from the session and redirects everyone else to the login page.
 */
public class Secured extends Security.Authenticator {

    /**
     * Reads the logged-in user's e-mail from the session.
     *
     * <p>The session value is returned as-is; this method does not re-check that
     * the account still exists.
     *
     * @param ctx the current request context
     * @return the value stored under {@code "email"}, or {@code null} when the
     *         session has no such entry
     */
    @Override
    public String getUsername(Context ctx) {
        final String sessionEmail = ctx.session().get("email");
        return sessionEmail;
    }

    /**
     * Response for requests that carry no authenticated session.
     *
     * @param ctx the current request context
     * @return a redirect to the login page
     */
    @Override
    public Result onUnauthorized(Context ctx) {
        return redirect(
            routes.Authentication.login()
        );
    }
}
/**
 * Main controller. The class-level annotation routes every action through
 * {@code Secured} before it runs.
 */
@Security.Authenticated(Secured.class)
public class Application extends Controller {

    /**
     * Renders the landing page for the logged-in user.
     *
     * @return a 200 response containing the index view
     */
    public static Result index() {
        // The e-mail address ends up in the debug log; keep that in mind for log
        // retention and access.
        final String currentUser = Context.current().request().username();
        Logger.debug("Logged in as user " + currentUser);
        return ok(index.render("Your new application is ready."));
    }
}