#398 code refactor

Author: kfchu

saturn-console-api/src/main/java/com/vip/saturn/job/console/controller/gui/AuthenticationController.java

@@ -31,9 +31,6 @@ public SuccessResponseEntity login(@RequestParam String username, @RequestParam
 			HttpServletRequest request) throws SaturnJobConsoleException {
 
 		User user = authenticationService.authenticate(username, password);
-		if (user == null) {
-			throw new SaturnJobConsoleException(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, "用户名或密码不正确");
-		}
 
 		request.getSession().setAttribute(SessionAttributeKeys.LOGIN_USER_NAME, user.getUserName());
 		request.getSession().setAttribute(SessionAttributeKeys.LOGIN_USER_REAL_NAME, user.getRealName());

saturn-console-api/src/main/java/com/vip/saturn/job/console/service/impl/AuthenticationServiceImpl.java

@@ -7,6 +7,7 @@
 import com.vip.saturn.job.console.utils.PasswordUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.transaction.annotation.Transactional;
 import org.springframework.util.StringUtils;
 
 public class AuthenticationServiceImpl implements AuthenticationService {
@@ -17,18 +18,21 @@ public class AuthenticationServiceImpl implements AuthenticationService {
 	@Value("${authentication.hash:plaintext}")
 	private String hashMethod;
 
+	@Transactional(readOnly = true)
 	@Override
 	public User authenticate(String username, String password) throws SaturnJobConsoleException {
 		if (StringUtils.isEmpty(password)) {
-			return null;
+			throw new SaturnJobConsoleException(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, "密码不能为空");
 		}
 
 		User user = userRepository.select(username);
 		if (user == null) {
-			return null;
+			throw new SaturnJobConsoleException(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, "用户名或密码不正确");
 		}
 
-		return PasswordUtils.validate(password, user.getPassword(), hashMethod) ? user : null;
+		PasswordUtils.validate(password, user.getPassword(), hashMethod);
+
+		return user;
 	}
 
 	public void setHashMethod(String hashMethod) {

saturn-console-api/src/main/java/com/vip/saturn/job/console/utils/PasswordUtils.java

@@ -53,29 +53,35 @@ public static String hash(String password, byte[] salt) throws NoSuchAlgorithmEx
 		return Hex.encodeHexString(key.getEncoded());
 	}
 
-	public static boolean validate(String password, String passwordInDB, String hashMethod)
+	public static void validate(String password, String passwordInDB, String hashMethod)
 			throws SaturnJobConsoleException {
 		if (!isHashMethodSupported(hashMethod)) {
 			throw new SaturnJobConsoleException(String.format("hash method [%s] is not supported", hashMethod));
 		}
 
 		if (PasswordUtils.HASH_METHOD_PLANTEXT.equals(hashMethod)) {
-			return password.equals(passwordInDB);
+			if (!password.equals(passwordInDB)) {
+				throw new SaturnJobConsoleException(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, "用户名或密码不正确");
+			}
+			return;
 		}
 
 		String[] saltAndPassword = passwordInDB.split("\\$");
 		if (saltAndPassword.length != 2) {
 			log.debug("malformed password in db");
-			return false;
+			throw new SaturnJobConsoleException(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, "用户名或密码不正确");
 		}
 
 		String hashOfRequestPassword;
 		try {
 			hashOfRequestPassword = hash(password, getSalt(saltAndPassword[1]));
 		} catch (Exception e) {
-			return false;
+			throw new SaturnJobConsoleException(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, "用户名或密码不正确");
+		}
+
+		if (!hashOfRequestPassword.equals(new String(saltAndPassword[0]))) {
+			throw new SaturnJobConsoleException(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, "用户名或密码不正确");
 		}
-		return hashOfRequestPassword.equals(new String(saltAndPassword[0]));
 	}
 
 	public static boolean isHashMethodSupported(String hashMethod) {

saturn-console-api/src/test/java/com/vip/saturn/job/console/utils/PasswordUtilsTest.java

@@ -1,5 +1,6 @@
 package com.vip.saturn.job.console.utils;
 
+import com.vip.saturn.job.console.exception.SaturnJobConsoleException;
 import org.junit.Test;
 
 import static org.junit.Assert.*;
@@ -16,15 +17,36 @@ public void testGenSaltedPassword() throws Exception {
 	public void testValidate() throws Exception {
 		String passwordInDB = "a2c2646186828474b754591a547c18f132d88d744c152655a470161a1a052135$73616c74";
 
-		assertTrue(PasswordUtils.validate("password", passwordInDB, "PBKDF2WithHmacSHA1"));
-		assertFalse(PasswordUtils.validate("password1", passwordInDB, "PBKDF2WithHmacSHA1"));
-		assertTrue(PasswordUtils.validate("password", "password", "plaintext"));
-		assertFalse(PasswordUtils.validate("password1", "password", "plaintext"));
+		PasswordUtils.validate("password", passwordInDB, "PBKDF2WithHmacSHA1");
+		PasswordUtils.validate("password", "password", "plaintext");
+
+		int count = 0;
+		try {
+			PasswordUtils.validate("password1", passwordInDB, "PBKDF2WithHmacSHA1");
+		} catch (SaturnJobConsoleException e) {
+			count++;
+			assertEquals(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, e.getErrorCode());
+		}
+		try {
+			PasswordUtils.validate("password1", "password", "plaintext");
+		} catch (SaturnJobConsoleException e) {
+			count++;
+			assertEquals(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, e.getErrorCode());
+		}
+
+		assertEquals(2, count);
 	}
 
 	@Test
 	public void testValidateWherePasswordInDBisMalfomred() throws Exception {
 		int count = 0;
-		assertFalse(PasswordUtils.validate("password", "password", "PBKDF2WithHmacSHA1"));
+		try {
+			PasswordUtils.validate("password", "password", "PBKDF2WithHmacSHA1");
+		} catch (SaturnJobConsoleException e) {
+			count++;
+			assertEquals(SaturnJobConsoleException.ERROR_CODE_AUTHN_FAIL, e.getErrorCode());
+		}
+
+		assertEquals(1, count);
 	}
 }