dost

1. import org.springframework.beans.factory.annotation.Autowired;
2. import org.springframework.security.authentication.AuthenticationProvider;
3. import org.springframework.security.authentication.BadCredentialsException;
4. import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
5. import org.springframework.security.core.Authentication;
6. import org.springframework.security.core.AuthenticationException;
7. import org.springframework.security.core.GrantedAuthority;
8. import org.springframework.security.core.authority.SimpleGrantedAuthority;
9. import org.springframework.security.core.userdetails.UsernameNotFoundException;
10. import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
11.  
12. import java.util.ArrayList;
13. import java.util.List;
14.  
15. public class AuthProviderImpl implements AuthenticationProvider {
16.  
17. @Autowired
18. CredentialRepository credentialsRepository;
19.  
20. BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
21.  
22. public Authentication authenticate(Authentication authentication) throws AuthenticationException {
23. String login = authentication.getName();
24.  
25. Credential user = credentialsRepository.findOneByLogin(login);
26. if (user == null) {
27. throw new UsernameNotFoundException("user not found");
28. }
29. String password = authentication.getCredentials().toString();
30. if (!encoder.matches(password, user.getPassword()) && !password.equals(user.getPassword())) {
31. throw new BadCredentialsException("invalid password");
32. }
33.  
34. List<GrantedAuthority> authorities = new ArrayList<GrantedAuthority>();
35. authorities.add(new SimpleGrantedAuthority(user.getRole().toString()));
36.  
37. return new UsernamePasswordAuthenticationToken(user, null, authorities);
38. }
39.  
40. public boolean supports(Class<?> aClass) {
41. return aClass.equals(UsernamePasswordAuthenticationToken.class);
42. }
43. }