MaxKey пре 3 година
родитељ
комит
ab6f52b1b5

+ 31 - 8
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/AbstractAuthenticationProvider.java

@@ -25,6 +25,7 @@ import org.maxkey.authn.realm.AbstractAuthenticationRealm;
 import org.maxkey.authn.support.rememberme.AbstractRemeberMeService;
 import org.maxkey.configuration.ApplicationConfig;
 import org.maxkey.constants.ConstantsLoginType;
+import org.maxkey.constants.ConstantsStatus;
 import org.maxkey.entity.UserInfo;
 import org.maxkey.password.onetimepwd.AbstractOtpAuthn;
 import org.maxkey.web.WebConstants;
@@ -324,18 +325,40 @@ public abstract class AbstractAuthenticationProvider {
         return true;
     }
 
-    protected boolean userinfoValid(UserInfo userInfo, String username) {
+    protected boolean statusValid(LoginCredential loginCredential , UserInfo userInfo) {
         if (null == userInfo) {
-            String message = WebContext.getI18nValue("login.error.username");
-            _logger.debug("login user  " + username + " not in this System ." + message);
-            UserInfo loginUser = new UserInfo(username);
+            String i18nMessage = WebContext.getI18nValue("login.error.username");
+            _logger.debug("login user  " + loginCredential.getUsername() + " not in this System ." + i18nMessage);
+            UserInfo loginUser = new UserInfo(loginCredential.getUsername());
             loginUser.setId(loginUser.generateId());
-            loginUser.setUsername(username);
+            loginUser.setUsername(loginCredential.getUsername());
             loginUser.setDisplayName("not exist");
             loginUser.setLoginCount(0);
-            authenticationRealm.insertLoginHistory(loginUser, ConstantsLoginType.LOCAL, "",
-                    WebContext.getI18nValue("login.error.username"),WebConstants.LOGIN_RESULT.USER_NOT_EXIST);
-            throw new BadCredentialsException(WebContext.getI18nValue("login.error.username"));
+            authenticationRealm.insertLoginHistory(
+            			loginUser, 
+            			ConstantsLoginType.LOCAL, 
+            			"",
+            			i18nMessage,
+            			WebConstants.LOGIN_RESULT.USER_NOT_EXIST);
+            throw new BadCredentialsException(i18nMessage);
+        }else {
+        	if(userInfo.getIsLocked()==ConstantsStatus.LOCK) {
+        		authenticationRealm.insertLoginHistory( 
+        				userInfo, 
+                        loginCredential.getAuthType(), 
+                        loginCredential.getProvider(), 
+                        loginCredential.getCode(), 
+                        WebConstants.LOGIN_RESULT.USER_LOCKED
+                    );
+        	}else if(userInfo.getStatus()!=ConstantsStatus.ACTIVE) {
+        		authenticationRealm.insertLoginHistory( 
+        				userInfo, 
+                        loginCredential.getAuthType(), 
+                        loginCredential.getProvider(), 
+                        loginCredential.getCode(), 
+                        WebConstants.LOGIN_RESULT.USER_INACTIVE
+                    );
+        	}
         }
         return true;
     }
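Review bot: The locked and non-active branches of `statusValid` only call `insertLoginHistory` and then fall through to `return true`, so unless a check outside this hunk rejects the account, a locked or inactive user is recorded but still allowed to continue authenticating. Each branch should end by throwing after the history insert, e.g. `throw new BadCredentialsException(WebConstants.LOGIN_RESULT.USER_LOCKED);` and the matching `USER_INACTIVE` line, with the client-facing text kept generic if account state should not be disclosed. The same gap applies to the new `statusValid(loginCredential , loadeduserInfo)` call in `RealmAuthenticationProvider.authentication`. These branches also pass `loginCredential.getCode()` in the position where the not-found branch passes the message; if that value can be a one-time or authorization code it would be persisted in login history, so confirm what it holds before storing it.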

+ 3 - 1
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/RealmAuthenticationProvider.java

@@ -94,7 +94,7 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
 
         userInfo =  loadUserInfo(loginCredential.getUsername(),loginCredential.getPassword());
 
-        userinfoValid(userInfo, loginCredential.getUsername());
+        statusValid(loginCredential , userInfo);
         //mfa 
         tftcaptchaValid(loginCredential.getOtpCaptcha(),loginCredential.getAuthType(),userInfo);
         
@@ -140,7 +140,9 @@ public class RealmAuthenticationProvider extends AbstractAuthenticationProvider
     @Override
     public  Authentication authentication(LoginCredential loginCredential,boolean isTrusted) {
         UserInfo loadeduserInfo = loadUserInfo(loginCredential.getUsername(), "");
+        statusValid(loginCredential , loadeduserInfo);
         if (loadeduserInfo != null) {
+        	
             //Validate PasswordPolicy
             authenticationRealm.getPasswordPolicyValidator().passwordPolicyValid(loadeduserInfo);
             if(!isTrusted) {
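Review bot: With `statusValid` called before `if (loadeduserInfo != null)`, an unknown user in this path now throws `BadCredentialsException` inside `statusValid`, so the null check is always true when reached, and any handling for a missing user later in the method (outside this hunk) is no longer executed. The not-found branch of `statusValid` records the attempt with `ConstantsLoginType.LOCAL` and an empty provider, so failures from this path would be attributed to local login in the audit trail. Consider passing `loginCredential.getAuthType()` and `loginCredential.getProvider()` there as the locked and inactive branches do, and either drop the redundant null check or add a comment such as `// statusValid throws for unknown users; loadeduserInfo is non-null here`.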

+ 2 - 1
maxkey-authentications/maxkey-authentication-core/src/main/java/org/maxkey/authn/realm/jdbc/JdbcAuthenticationRealm.java

@@ -25,6 +25,7 @@ import org.maxkey.persistence.db.LoginHistoryService;
 import org.maxkey.persistence.db.LoginService;
 import org.maxkey.persistence.db.PasswordPolicyValidator;
 import org.maxkey.persistence.service.UserInfoService;
+import org.maxkey.web.WebConstants;
 import org.maxkey.web.WebContext;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -119,7 +120,7 @@ public class JdbcAuthenticationRealm extends AbstractAuthenticationRealm {
         _logger.debug("passwordvalid : {}" , passwordMatches);
         if (!passwordMatches) {
             passwordPolicyValidator.plusBadPasswordCount(userInfo);
-            insertLoginHistory(userInfo, ConstantsLoginType.LOCAL, "", "xe00000004", "password error");
+            insertLoginHistory(userInfo, ConstantsLoginType.LOCAL, "", "xe00000004", WebConstants.LOGIN_RESULT.PASSWORD_ERROE);
             
             if(userInfo.getBadPasswordCount()>=(passwordPolicyValidator.getPasswordPolicy().getAttempts()/2)) {
                 throw new BadCredentialsException(
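Review bot: This call site now depends on the misspelled constant `WebConstants.LOGIN_RESULT.PASSWORD_ERROE`, which makes a later rename touch more files. The stored value is the string `"password error"`, so renaming the identifier to `PASSWORD_ERROR` would not change what is written to login history. The neighbouring `"xe00000004"` literal is still unexplained; a short comment or a named constant would help anyone writing detections against these records. The enclosing method continues outside the hunk.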

+ 0 - 2
maxkey-core/src/main/java/org/maxkey/persistence/db/PasswordPolicyValidator.java

@@ -281,8 +281,6 @@ public class PasswordPolicyValidator {
                                 );
         }
 
-        
-        
         return true;
     }
    

+ 4 - 0
maxkey-core/src/main/java/org/maxkey/web/WebConstants.java

@@ -91,6 +91,10 @@ public class WebConstants {
     	public static final  String FAIL 			= "fail";
     	public static final  String PASSWORD_ERROE 	= "password error";
     	public static final  String USER_NOT_EXIST 	= "user not exist";
+    	public static final  String USER_LOCKED 	= "locked";
+    	public static final  String USER_INACTIVE 	= "inactive";
+    	
+    	
     	
     	
     }