Package com.broadleafcommerce.auth.user.service

Interface UserLockoutService

All Known Implementing Classes:

DefaultUserLockoutService

public interface UserLockoutService

Service responsible for handling login attempts. This service handles the creation, locking, unlocking, etc. of user accounts.

Method Summary

Modifier and Type	Method	Description
boolean	canResetPassword(User user)	Return true if this user can reset their password.
void	createLoginAttempt(User user, String loginAttemptResult)	Create a user login attempt.
void	createLoginAttempt(String username, String loginAttemptResult, String clientId)	Create a user login attempt
User	lockUser(User user)	Manually lock a user
User	unlockUser(User user)	Manually unlock a user
Optional<User>	unlockUserIfEligible(String username, String clientId)	If a user is eligbile for unlocking, unlock them.
Boolean	unlockUserOnPasswordResetIfEligible(User user)	After a password reset, unlock the user if they're eligible.

Method Detail

createLoginAttempt

void createLoginAttempt(User user,
                        String loginAttemptResult)

Create a user login attempt.

Parameters:

user - The user to create a login attempt for

loginAttemptResult - The login attempt result.

Throws:

org.springframework.security.authentication.LockedException - if the user is locked out

createLoginAttempt

void createLoginAttempt(String username,
                        String loginAttemptResult,
                        String clientId)

Create a user login attempt

Parameters:

username - The username to create an attempt for

loginAttemptResult - The login attempt result

clientId - The client ID

unlockUser

User unlockUser(User user)

Manually unlock a user

Parameters:

user - The user to unlock

lockUser

User lockUser(User user)

Manually lock a user

Parameters:

user - The user to lock

unlockUserIfEligible

Optional<User> unlockUserIfEligible(String username,
                                    String clientId)

If a user is eligbile for unlocking, unlock them.

Parameters:

username - The username

clientId - The client ID

Returns:

The user, if they exist

canResetPassword

boolean canResetPassword(User user)

Return true if this user can reset their password.

See AuthorizationServer.getLockedUserCanResetPassword() and UserLockoutProperties.isLockedUserCanResetPassword()

Parameters:

user - The user to check

Returns:

true if the user can reset their password, otherwise false.

unlockUserOnPasswordResetIfEligible

@Nullable
Boolean unlockUserOnPasswordResetIfEligible(User user)

After a password reset, unlock the user if they're eligible.

See AuthorizationServer.getResetPasswordUnlocksUser() and UserLockoutProperties.isResetPasswordUnlocksUser()

Parameters:

user - The user to unlock, if eligible

Returns:

true if the user has been unlocked, false if the user is still locked, or null if no action was taken