net.commerce.zocalo.user
Class Registry
java.lang.Object
net.commerce.zocalo.user.Registry
public class Registry
- extends java.lang.Object
The Registry tracks users who have logged in. When someone logs in, their SecureUser object
is stored in the registry, keyed by a randomly generated token. The token is placed in a
Cookie, keyed by the REGISTRATION keyword. If they connect with the appropriate cookie,
we'll be able to find their SecureUser object when they next connect from the cookie they provide.
Users who authenticate as admin will get a Cookie with the ADMIN_TOKEN keyed to a different random
token that can be used to look up the ADMIN_TOKEN in the Registry. Anyone with an appropriate
ADMIN_TOKEN Cookie will be able to edit the user list and add claims. (I expect these powers to
devolve to separate markets later, but this starting point allows me to enforce logins and give
someone the power to create users and markets before making the devolved powers work.)
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
REGISTRATION
public static final java.lang.String REGISTRATION
- See Also:
- Constant Field Values
ADMIN_TOKEN
public static final java.lang.String ADMIN_TOKEN
- See Also:
- Constant Field Values
passwdGen
public static PasswordUtil passwdGen
Registry
public Registry()
userCount
public long userCount()
register
public javax.servlet.http.Cookie register(SecureUser user)
register
public void register(UnconfirmedUser user)
lookupUser
public SecureUser lookupUser(javax.servlet.http.HttpServletRequest request)
lookupUser
public SecureUser lookupUser(java.lang.String token)
addAdminToken
public void addAdminToken(java.lang.String token)
isAdminToken
public boolean isAdminToken(java.lang.String token)
removeUnconfirmed
public void removeUnconfirmed(java.lang.String token)
initPasswdSeed
public static void initPasswdSeed(java.lang.String password)
newToken
public static java.lang.String newToken()