Class DefaultUserLockoutService
java.lang.Object
com.broadleafcommerce.auth.user.service.DefaultUserLockoutService
- All Implemented Interfaces:
UserLockoutService
-
Constructor Summary
ConstructorDescriptionDefaultUserLockoutService
(UserService<User> userService, UserLoginAttemptService<UserLoginAttempt> userLoginAttemptService, AuthorizedClientService<AuthorizedClient> clientService, AuthorizationServerService<AuthorizationServer> serverService, UserLockoutProperties userLockoutProperties) -
Method Summary
Modifier and TypeMethodDescriptionboolean
canResetPassword
(User user) Return true if this user can reset their password.protected int
countLoginAttempts
(String username, AuthorizationServer server) void
createLoginAttempt
(User user, String loginAttemptResult) Create a user login attempt.void
createLoginAttempt
(String username, String loginAttemptResult, String clientId) Create a user login attemptprotected void
createLoginAttempt
(String username, String userId, String loginAttemptResult, String authServerId) protected AuthorizedClientService<AuthorizedClient>
protected Duration
protected Long
protected int
protected Long
protected AuthorizationServerService<AuthorizationServer>
protected UserLockoutProperties
protected UserLoginAttemptService<UserLoginAttempt>
protected UserService<User>
protected boolean
protected boolean
Manually lock a userprotected AuthorizationServer
readAuthServer
(String authServerId) protected void
throwIfLocked
(int attempts, String username, AuthorizationServer server, User user) unlockUser
(User user) Manually unlock a userunlockUserIfEligible
(String username, String clientId) If a user is eligbile for unlocking, unlock them.After a password reset, unlock the user if they're eligible.protected boolean
userShouldBeUnlocked
(User user, AuthorizationServer server)
-
Constructor Details
-
DefaultUserLockoutService
public DefaultUserLockoutService(UserService<User> userService, UserLoginAttemptService<UserLoginAttempt> userLoginAttemptService, AuthorizedClientService<AuthorizedClient> clientService, AuthorizationServerService<AuthorizationServer> serverService, UserLockoutProperties userLockoutProperties)
-
-
Method Details
-
createLoginAttempt
Description copied from interface:UserLockoutService
Create a user login attempt.- Specified by:
createLoginAttempt
in interfaceUserLockoutService
- Parameters:
user
- The user to create a login attempt forloginAttemptResult
- The login attempt result.
-
createLoginAttempt
Description copied from interface:UserLockoutService
Create a user login attempt- Specified by:
createLoginAttempt
in interfaceUserLockoutService
- Parameters:
username
- The username to create an attempt forloginAttemptResult
- The login attempt resultclientId
- The client ID
-
unlockUser
Description copied from interface:UserLockoutService
Manually unlock a user- Specified by:
unlockUser
in interfaceUserLockoutService
- Parameters:
user
- The user to unlock
-
lockUser
Description copied from interface:UserLockoutService
Manually lock a user- Specified by:
lockUser
in interfaceUserLockoutService
- Parameters:
user
- The user to lock
-
unlockUserIfEligible
Description copied from interface:UserLockoutService
If a user is eligbile for unlocking, unlock them.- Specified by:
unlockUserIfEligible
in interfaceUserLockoutService
- Parameters:
username
- The usernameclientId
- The client ID- Returns:
- The user, if they exist
-
canResetPassword
Description copied from interface:UserLockoutService
Return true if this user can reset their password.See
AuthorizationServer.getLockedUserCanResetPassword()
andUserLockoutProperties.isLockedUserCanResetPassword()
- Specified by:
canResetPassword
in interfaceUserLockoutService
- Parameters:
user
- The user to check- Returns:
- true if the user can reset their password, otherwise false.
-
unlockUserOnPasswordResetIfEligible
Description copied from interface:UserLockoutService
After a password reset, unlock the user if they're eligible.See
AuthorizationServer.getResetPasswordUnlocksUser()
andUserLockoutProperties.isResetPasswordUnlocksUser()
- Specified by:
unlockUserOnPasswordResetIfEligible
in interfaceUserLockoutService
- Parameters:
user
- The user to unlock, if eligible- Returns:
- true if the user has been unlocked, false if the user is still locked, or null if no action was taken
-
createLoginAttempt
-
userShouldBeUnlocked
-
countLoginAttempts
-
getLockoutDuration
-
readAuthServer
-
getLockoutDurationMinutes
-
getLoginFailDecayMinutes
-
getLoginAttemptsAllowed
-
throwIfLocked
protected void throwIfLocked(int attempts, String username, AuthorizationServer server, @Nullable User user) -
isResetPasswordUnlocksUser
-
isLockedUserCanResetPassword
-
getUserService
-
getUserLoginAttemptService
-
getClientService
-
getServerService
-
getUserLockoutProperties
-