Merge pull request 'Token expiration added' (#22) from token-expiration into master
Reviewed-on: http://git.plannaplan.pl/filipizydorczyk/backend/pulls/22
This commit is contained in:
commit
1ddeb83cb4
@ -1,6 +1,7 @@
|
||||
package com.plannaplan.entities;
|
||||
|
||||
import java.sql.Date;
|
||||
import java.sql.Timestamp;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import javax.persistence.Entity;
|
||||
import javax.persistence.GeneratedValue;
|
||||
@ -11,6 +12,8 @@ import com.plannaplan.types.UserRoles;
|
||||
|
||||
@Entity
|
||||
public class User {
|
||||
private static final float TOKEN_EXPIRE_MINUTES = 15;
|
||||
|
||||
@Id
|
||||
@GeneratedValue(strategy = GenerationType.AUTO)
|
||||
private Long id;
|
||||
@ -19,7 +22,7 @@ public class User {
|
||||
private String email;
|
||||
private UserRoles role;
|
||||
private String token;
|
||||
private Date tokenCreatedDate;
|
||||
private Timestamp tokenUsageDate;
|
||||
|
||||
public User() {
|
||||
}
|
||||
@ -39,8 +42,8 @@ public class User {
|
||||
this.email = email;
|
||||
}
|
||||
|
||||
public Date getTokenCreatedDate() {
|
||||
return tokenCreatedDate;
|
||||
public Timestamp getTokenUsageDate() {
|
||||
return tokenUsageDate;
|
||||
}
|
||||
|
||||
public String getToken() {
|
||||
@ -48,7 +51,7 @@ public class User {
|
||||
}
|
||||
|
||||
public void setToken(String token) {
|
||||
this.tokenCreatedDate = new Date(System.currentTimeMillis());
|
||||
this.tokenUsageDate = new Timestamp(System.currentTimeMillis());
|
||||
this.token = token;
|
||||
}
|
||||
|
||||
@ -79,4 +82,16 @@ public class User {
|
||||
public Long getId() {
|
||||
return this.id;
|
||||
}
|
||||
|
||||
public boolean isCredentialsNonExpired() {
|
||||
final long diffInMilliseconds = Math
|
||||
.abs(this.tokenUsageDate.getTime() - new Timestamp(System.currentTimeMillis()).getTime());
|
||||
final long minutes = TimeUnit.MILLISECONDS.toMinutes(diffInMilliseconds);
|
||||
|
||||
if (minutes > TOKEN_EXPIRE_MINUTES) {
|
||||
return false;
|
||||
}
|
||||
this.tokenUsageDate = new Timestamp(System.currentTimeMillis());
|
||||
return true;
|
||||
}
|
||||
}
|
@ -0,0 +1,13 @@
|
||||
package com.plannaplan.exceptions;
|
||||
|
||||
public class TokenExpiredException extends RuntimeException {
|
||||
/**
|
||||
*
|
||||
*/
|
||||
private static final long serialVersionUID = 1L;
|
||||
|
||||
public TokenExpiredException(String message) {
|
||||
super(message);
|
||||
}
|
||||
|
||||
}
|
71
buisnesslogic/src/test/java/com/plannaplan/entities/UserTest.java
Executable file
71
buisnesslogic/src/test/java/com/plannaplan/entities/UserTest.java
Executable file
@ -0,0 +1,71 @@
|
||||
package com.plannaplan.entities;
|
||||
|
||||
import static org.junit.jupiter.api.Assertions.assertFalse;
|
||||
import static org.junit.jupiter.api.Assertions.assertTrue;
|
||||
|
||||
import java.lang.reflect.Field;
|
||||
import java.sql.Timestamp;
|
||||
import java.util.concurrent.TimeUnit;
|
||||
|
||||
import org.junit.Test;
|
||||
|
||||
public class UserTest {
|
||||
|
||||
@Test
|
||||
public void shouldResturnTokenIsNotExpired() {
|
||||
final User user = new User();
|
||||
user.setToken("testowy-bezpieczny-token");
|
||||
assertTrue(user.isCredentialsNonExpired(), "Credential shouldnt expire yet");
|
||||
|
||||
long minutes = this.getMinutesDiff(user.getTokenUsageDate());
|
||||
|
||||
assertTrue(minutes == 0, "Should update last token usage");
|
||||
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldResturnTokenIsNotExpiredWithLessThan15minutes()
|
||||
throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
|
||||
|
||||
final User user = new User();
|
||||
user.setToken("testowy-bezpieczny-token");
|
||||
this.setLastTokenUsage(user, new Timestamp(System.currentTimeMillis() - (6 * 60 * 1000)));
|
||||
|
||||
assertTrue(user.isCredentialsNonExpired(), "Credential shouldnt expire yet");
|
||||
|
||||
final long minutes = this.getMinutesDiff(user.getTokenUsageDate());
|
||||
assertTrue(minutes == 0, "Should update last token usage");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void shouldResturnTokenIsExpired()
|
||||
throws NoSuchFieldException, SecurityException, IllegalArgumentException, IllegalAccessException {
|
||||
|
||||
final User user = new User();
|
||||
user.setToken("testowy-bezpieczny-token");
|
||||
this.setLastTokenUsage(user, new Timestamp(System.currentTimeMillis() - (25 * 60 * 1000)));
|
||||
|
||||
assertFalse(user.isCredentialsNonExpired(), "Credential should expire");
|
||||
|
||||
final long diffInMilliseconds = Math
|
||||
.abs(user.getTokenUsageDate().getTime() - new Timestamp(System.currentTimeMillis()).getTime());
|
||||
final long minutes = TimeUnit.MILLISECONDS.toMinutes(diffInMilliseconds);
|
||||
|
||||
assertTrue(minutes > 0, "Shouldn't update last token usage");
|
||||
}
|
||||
|
||||
private long getMinutesDiff(Timestamp timestamp) {
|
||||
final long diffInMilliseconds = Math
|
||||
.abs(timestamp.getTime() - new Timestamp(System.currentTimeMillis()).getTime());
|
||||
final long minutes = TimeUnit.MILLISECONDS.toMinutes(diffInMilliseconds);
|
||||
return minutes;
|
||||
}
|
||||
|
||||
private void setLastTokenUsage(User user, Timestamp timestampToSet)
|
||||
throws IllegalArgumentException, IllegalAccessException, NoSuchFieldException, SecurityException {
|
||||
Field reader = User.class.getDeclaredField("tokenUsageDate");
|
||||
reader.setAccessible(true);
|
||||
reader.set(user, timestampToSet);
|
||||
}
|
||||
|
||||
}
|
@ -70,8 +70,11 @@ public class AuthenticationProvider extends AbstractUserDetailsAuthenticationPro
|
||||
|
||||
@Override
|
||||
public boolean isCredentialsNonExpired() {
|
||||
// is being done in other task
|
||||
return true;
|
||||
if (user.isCredentialsNonExpired()) {
|
||||
userService.save(user);
|
||||
return true;
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
@Override
|
||||
|
Loading…
Reference in New Issue
Block a user