From 441c660af706fd3c6d0e06b36b8f25a808fcdf5f Mon Sep 17 00:00:00 2001
From: Roberto Sánchez <roberto.sanchez@curisit.net>
Date: Fri, 17 Jan 2014 17:35:50 +0000
Subject: [PATCH] #396 feature - Added security management methods for REST API
---
securis/src/main/java/net/curisit/securis/services/UserResource.java | 32 +++++++++++++++++++++++++++++++-
1 files changed, 31 insertions(+), 1 deletions(-)
diff --git a/securis/src/main/java/net/curisit/securis/services/UserResource.java b/securis/src/main/java/net/curisit/securis/services/UserResource.java
index 0b5e208..2bc90ee 100644
--- a/securis/src/main/java/net/curisit/securis/services/UserResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/UserResource.java
@@ -19,6 +19,7 @@
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
@@ -206,13 +207,42 @@
log.info("user: {}, pass: {}", user, password);
log.info("is user in role: {} == {} ? ", "advance", request.isUserInRole("advance"));
- request.getSession().setAttribute("username", user);
if ("no".equals(password))
return Response.status(Status.UNAUTHORIZED).build();
String tokenAuth = tokenHelper.generateToken(user);
return Response.ok(Utils.createMap("success", true, "token", tokenAuth)).build();
}
+ /**
+ * Check if current token is valid
+ *
+ * @param user
+ * @param password
+ * @param request
+ * @return
+ */
+ @POST
+ @Path("/check")
+ @Produces(
+ { MediaType.APPLICATION_JSON })
+ public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) {
+ if (token == null)
+ token = token2;
+ if (token == null)
+ return Response.status(Status.FORBIDDEN).build();
+
+ log.info("Token : " + token);
+ String user = tokenHelper.extractUserFromToken(token);
+ log.info("Token user: " + user);
+ Date date = tokenHelper.extractDateCreationFromToken(token);
+ log.info("Token date: " + date);
+ boolean valid = tokenHelper.isTokenValid(token);
+
+ log.info("Is Token valid: " + valid);
+
+ return Response.ok(Utils.createMap("valid", true, "user", user, "date", date, "token", token)).build();
+ }
+
@GET
@Path("/logout")
@Produces(
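Review bot: `check` computes `valid` from `tokenHelper.isTokenValid(token)` but the response hard-codes `"valid", true` and always returns 200, so any non-null token is reported as valid to the caller. Return the computed value and fail closed, e.g. `if (!valid) return Response.status(Status.UNAUTHORIZED).build();` followed by `return Response.ok(Utils.createMap("valid", valid, "user", user, "date", date)).build();`, which also stops echoing the token back. `log.info("Token : " + token)` writes a bearer credential to the application log at INFO, and the `@QueryParam("token")` fallback additionally exposes it in URLs and access logs. I would drop the token from the log line and accept it from the header only; the unchanged `log.info("user: {}, pass: {}", ...)` context line in the preceding method, which starts outside the hunk, has the same problem with the password. The Javadoc on `check` lists `user`, `password` and `request`, none of which are parameters of this method, and should instead describe `token` and `token2`.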
--
Gitblit v1.3.2