前端修复,日志功能加入
@@ -36,24 +36,49 @@ public class AuthServiceImpl implements AuthService {
|
||||
@Override
|
||||
public AuthenticationResult authenticate(String username, String password) {
|
||||
String normalizedUsername = normalizeUsername(username);
|
||||
if (normalizedUsername.isEmpty() || password == null || password.trim().isEmpty()) {
|
||||
if (!normalizedUsername.equals(nullToEmpty(username))) {
|
||||
LOGGER.info("Login username normalized"
|
||||
+ " usernameSubmitted=" + (username != null)
|
||||
+ " usernameLength=" + length(username)
|
||||
+ " normalizedUsernameLength=" + normalizedUsername.length()
|
||||
+ " normalizedUsername=" + safeLogValue(normalizedUsername));
|
||||
}
|
||||
|
||||
boolean usernameMissing = normalizedUsername.isEmpty();
|
||||
boolean passwordMissing = password == null || password.trim().isEmpty();
|
||||
if (usernameMissing || passwordMissing) {
|
||||
LOGGER.info("Login rejected reason=missing-required"
|
||||
+ " usernameSubmitted=" + (username != null)
|
||||
+ " usernameMissing=" + usernameMissing
|
||||
+ " passwordSubmitted=" + (password != null)
|
||||
+ " passwordMissing=" + passwordMissing);
|
||||
return AuthenticationResult.failure(REQUIRED_MESSAGE);
|
||||
}
|
||||
|
||||
try {
|
||||
LOGGER.info("Login lookup start username=" + safeLogValue(normalizedUsername));
|
||||
Optional<User> user = userDao.findActiveByUsername(normalizedUsername);
|
||||
if (!user.isPresent() || !PasswordHasher.verify(password, user.get().getPasswordHash())) {
|
||||
LOGGER.info("Login failed for username=" + normalizedUsername);
|
||||
if (!user.isPresent()) {
|
||||
LOGGER.info("Login failed reason=active-user-not-found username=" + safeLogValue(normalizedUsername));
|
||||
return AuthenticationResult.failure(INVALID_MESSAGE);
|
||||
}
|
||||
|
||||
User authenticated = user.get();
|
||||
User candidate = user.get();
|
||||
if (!PasswordHasher.verify(password, candidate.getPasswordHash())) {
|
||||
LOGGER.info("Login failed reason=password-mismatch"
|
||||
+ " userId=" + candidate.getId()
|
||||
+ " role=" + candidate.getRole().getCode()
|
||||
+ " username=" + safeLogValue(normalizedUsername));
|
||||
return AuthenticationResult.failure(INVALID_MESSAGE);
|
||||
}
|
||||
|
||||
User authenticated = candidate;
|
||||
Set<Permission> permissions = permissionPolicy.permissionsFor(authenticated.getRole());
|
||||
AuthenticatedUser sessionUser = AuthenticatedUser.from(authenticated, permissions);
|
||||
LOGGER.info("Login success userId=" + authenticated.getId() + " role=" + authenticated.getRole().getCode());
|
||||
return AuthenticationResult.success(sessionUser);
|
||||
} catch (DaoException | IllegalStateException ex) {
|
||||
LOGGER.log(Level.SEVERE, "Login service error for username=" + normalizedUsername, ex);
|
||||
LOGGER.log(Level.SEVERE, "Login service error for username=" + safeLogValue(normalizedUsername), ex);
|
||||
return AuthenticationResult.failure(UNAVAILABLE_MESSAGE);
|
||||
}
|
||||
}
|
||||
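Review bot: The new password-mismatch log line dereferences `candidate.getRole().getCode()` on the failure path, whereas the role was previously read only after a successful verify. If a stored user can have a null role (not visible in this hunk), a wrong password for that account would raise a NullPointerException. The `catch (DaoException | IllegalStateException ex)` below does not cover that, so the caller would get an exception instead of `INVALID_MESSAGE`. A diagnostic line should not be able to change the authentication outcome; guard it, for example `+ " role=" + (candidate.getRole() == null ? "none" : candidate.getRole().getCode())`.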
@@ -66,4 +91,29 @@ public class AuthServiceImpl implements AuthService {
|
||||
private String normalizeUsername(String username) {
|
||||
return username == null ? "" : username.trim();
|
||||
}
|
||||
|
||||
private String nullToEmpty(String value) {
|
||||
return value == null ? "" : value;
|
||||
}
|
||||
|
||||
private int length(String value) {
|
||||
return value == null ? 0 : value.length();
|
||||
}
|
||||
|
||||
private String safeLogValue(String value) {
|
||||
if (value == null) {
|
||||
return "";
|
||||
}
|
||||
|
||||
StringBuilder builder = new StringBuilder();
|
||||
int limit = Math.min(value.length(), 120);
|
||||
for (int i = 0; i < limit; i++) {
|
||||
char current = value.charAt(i);
|
||||
builder.append(Character.isISOControl(current) ? '?' : current);
|
||||
}
|
||||
if (value.length() > limit) {
|
||||
builder.append("...");
|
||||
}
|
||||
return builder.toString();
|
||||
}
|
||||
}
|
||||
|
||||
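Review bot: `safeLogValue` replaces control characters but leaves spaces and `=` intact, and the callers in `authenticate` append its result unquoted to `key=value` messages, so a submitted username with an interior space can add what look like extra fields to a login audit line. `normalizeUsername` only trims the ends, so interior spaces reach the log. Consider returning the value quoted with embedded quotes neutralised, e.g. `builder.append(Character.isISOControl(current) || current == '"' ? '?' : current);` and `return '"' + builder.toString() + '"';`. `Character.isISOControl` also does not cover U+2028/U+2029, which some log viewers render as line breaks.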