001// -------------------------------------------------------------------------------- 002// Copyright 2002-2025 Echo Three, LLC 003// 004// Licensed under the Apache License, Version 2.0 (the "License"); 005// you may not use this file except in compliance with the License. 006// You may obtain a copy of the License at 007// 008// http://www.apache.org/licenses/LICENSE-2.0 009// 010// Unless required by applicable law or agreed to in writing, software 011// distributed under the License is distributed on an "AS IS" BASIS, 012// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013// See the License for the specific language governing permissions and 014// limitations under the License. 015// -------------------------------------------------------------------------------- 016 017package com.echothree.model.control.party.server.logic; 018 019import com.echothree.model.control.party.server.control.PartyControl; 020import com.echothree.model.data.party.server.entity.Party; 021import com.echothree.model.data.party.server.entity.PartyTypeLockoutPolicyDetail; 022import com.echothree.model.data.user.server.entity.UserLoginStatus; 023import com.echothree.util.common.message.ExecutionErrors; 024import com.echothree.util.server.message.ExecutionErrorAccumulator; 025import com.echothree.util.server.persistence.Session; 026import javax.enterprise.context.ApplicationScoped; 027import javax.enterprise.inject.spi.CDI; 028 029@ApplicationScoped 030public class LockoutPolicyLogic { 031 032 protected LockoutPolicyLogic() { 033 super(); 034 } 035 036 public static LockoutPolicyLogic getInstance() { 037 return CDI.current().select(LockoutPolicyLogic.class).get(); 038 } 039 040 private void resetFailureCount(final Session session, final UserLoginStatus userLoginStatus, 041 final PartyTypeLockoutPolicyDetail policyDetail) { 042 if(!policyDetail.getManualLockoutReset()) { 043 var resetFailureCountTime = policyDetail.getResetFailureCountTime(); 044 045 if(resetFailureCountTime != null && userLoginStatus.getFailureCount() != 0) { 046 if(session.START_TIME - userLoginStatus.getLastFailureTime() > resetFailureCountTime) { 047 userLoginStatus.setFailureCount(0); 048 } 049 } 050 } 051 } 052 053 private void checkLockoutFailureCount(final ExecutionErrorAccumulator ema, final UserLoginStatus userLoginStatus, 054 final PartyTypeLockoutPolicyDetail policyDetail) { 055 var lockoutFailureCount = policyDetail.getLockoutFailureCount(); 056 057 if(lockoutFailureCount != null && userLoginStatus.getFailureCount() >= lockoutFailureCount) { 058 ema.addExecutionError(ExecutionErrors.LockoutFailureCountExceeded.name()); 059 060 if(policyDetail.getManualLockoutReset()) { 061 ema.addExecutionError(ExecutionErrors.LockoutManualResetRequired.name()); 062 } 063 } 064 } 065 066 private void checkLockoutInactiveTime(final Session session, final ExecutionErrorAccumulator ema, 067 final UserLoginStatus userLoginStatus, final PartyTypeLockoutPolicyDetail policyDetail) { 068 var lockoutInactiveTime = policyDetail.getLockoutInactiveTime(); 069 var lastLoginTime = userLoginStatus.getLastLoginTime(); 070 071 if(lockoutInactiveTime != null && lastLoginTime != null && session.START_TIME - userLoginStatus.getLastLoginTime() >= lockoutInactiveTime) { 072 ema.addExecutionError(ExecutionErrors.LockoutInactiveTimeExceeded.name()); 073 } 074 } 075 076 public void checkUserLogin(final Session session, final ExecutionErrorAccumulator ema, final Party party, 077 final UserLoginStatus userLoginStatus) { 078 var partyControl = Session.getModelController(PartyControl.class); 079 var policy = partyControl.getPartyTypeLockoutPolicy(party.getLastDetail().getPartyType()); 080 081 if(policy != null) { 082 var policyDetail = policy.getLastDetail(); 083 084 resetFailureCount(session, userLoginStatus, policyDetail); 085 checkLockoutFailureCount(ema, userLoginStatus, policyDetail); 086 checkLockoutInactiveTime(session, ema, userLoginStatus, policyDetail); 087 } 088 } 089 090}