Source code

001// --------------------------------------------------------------------------------
002// Copyright 2002-2025 Echo Three, LLC
003//
004// Licensed under the Apache License, Version 2.0 (the "License");
005// you may not use this file except in compliance with the License.
006// You may obtain a copy of the License at
007//
008//     http://www.apache.org/licenses/LICENSE-2.0
009//
010// Unless required by applicable law or agreed to in writing, software
011// distributed under the License is distributed on an "AS IS" BASIS,
012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013// See the License for the specific language governing permissions and
014// limitations under the License.
015// --------------------------------------------------------------------------------
016
017package com.echothree.control.user.authentication.server.command;
018
019import com.echothree.control.user.authentication.common.form.CustomerLoginForm;
020import com.echothree.model.control.party.common.PartyTypes;
021import com.echothree.model.control.party.server.logic.LockoutPolicyLogic;
022import com.echothree.model.control.party.server.logic.PartyLogic;
023import com.echothree.model.control.user.server.logic.UserLoginLogic;
024import com.echothree.model.data.user.common.pk.UserVisitPK;
025import com.echothree.util.common.command.BaseResult;
026import com.echothree.util.common.validation.FieldDefinition;
027import com.echothree.util.common.validation.FieldType;
028import java.util.Arrays;
029import java.util.Collections;
030import java.util.List;
031import javax.enterprise.context.RequestScoped;
032
033@RequestScoped
034public class CustomerLoginCommand
035        extends BaseLoginCommand<CustomerLoginForm> {
036
037    // No COMMAND_SECURITY_DEFINITION, anyone may execute this command.
038    private final static List<FieldDefinition> FORM_FIELD_DEFINITIONS;
039    
040    static {
041        FORM_FIELD_DEFINITIONS = Collections.unmodifiableList(Arrays.asList(
042                new FieldDefinition("Username", FieldType.STRING, true, 1L, 80L),
043                new FieldDefinition("Password", FieldType.STRING, true, 1L, 40L),
044                new FieldDefinition("RemoteInet4Address", FieldType.INET_4_ADDRESS, false, null, null)
045                ));
046    }
047    
048    /** Creates a new instance of CustomerLoginCommand */
049    public CustomerLoginCommand() {
050        super(null, FORM_FIELD_DEFINITIONS);
051    }
052    
053    @Override
054    protected BaseResult execute() {
055        var userLogin = UserLoginLogic.getInstance().getUserLoginByUsername(this, form.getUsername());
056        
057        if(!hasExecutionErrors()) {
058            var party = userLogin.getParty();
059
060            PartyLogic.getInstance().checkPartyType(this, party, PartyTypes.CUSTOMER.name());
061
062            if(!hasExecutionErrors()) {
063                var userControl = getUserControl();
064                var userLoginStatus = userControl.getUserLoginStatusForUpdate(party);
065
066                LockoutPolicyLogic.getInstance().checkUserLogin(session, this, party, userLoginStatus);
067                
068                if(!hasExecutionErrors()) {
069                    if(checkPasswords(userLoginStatus, form.getPassword(), party, true)) {
070                        var strRemoteInet4Address = form.getRemoteInet4Address();
071                        var remoteInet4Address = strRemoteInet4Address == null ? null : Integer.valueOf(form.getRemoteInet4Address());
072                        
073                        successfulLogin(userLoginStatus, party, null, remoteInet4Address);
074                    }
075                }
076                
077                if(hasExecutionErrors()) {
078                    unsuccessfulLogin(userLoginStatus);
079                }
080            }
081        }
082        
083        return null;
084    }
085    
086}