feat: BAC-39 Authentication (#114)

Reviewed-on: #114
Co-authored-by: Janis <janis.e.20@gmx.de>
Co-committed-by: Janis <janis.e.20@gmx.de>

knockoutwhistweb/app/logic/user/UserManager.scala

@@ -3,14 +3,19 @@ package logic.user
 import com.google.inject.ImplementedBy
 import logic.user.impl.StubUserManager
 import model.users.User
+import services.OpenIDUserInfo
 
 @ImplementedBy(classOf[StubUserManager])
 trait UserManager {
 
   def addUser(name: String, password: String): Boolean
 
+  def addOpenIDUser(name: String, userInfo: OpenIDUserInfo): Boolean
+
   def authenticate(name: String, password: String): Option[User]
 
+  def authenticateOpenID(provider: String, providerId: String): Option[User]
+
   def userExists(name: String): Option[User]
 
   def userExistsById(id: Long): Option[User]

knockoutwhistweb/app/logic/user/impl/HibernateUserManager.scala

@@ -0,0 +1,161 @@
+package logic.user.impl
+
+import com.typesafe.config.Config
+import jakarta.inject.Inject
+import jakarta.persistence.EntityManager
+import logic.user.UserManager
+import model.users.{User, UserEntity}
+import services.OpenIDUserInfo
+import util.UserHash
+
+import javax.inject.Singleton
+import scala.jdk.CollectionConverters.*
+
+@Singleton
+class HibernateUserManager @Inject()(em: EntityManager, config: Config) extends UserManager {
+
+  override def addUser(name: String, password: String): Boolean = {
+    try {
+      // Check if user already exists
+      val existing = em.createQuery("SELECT u FROM UserEntity u WHERE u.username = :username", classOf[UserEntity])
+        .setParameter("username", name)
+        .getResultList
+      
+      if (!existing.isEmpty) {
+        return false
+      }
+
+      // Create new user
+      val userEntity = UserEntity.fromUser(User(
+        internalId = 0L, // Will be set by database
+        id = java.util.UUID.randomUUID(),
+        name = name,
+        passwordHash = UserHash.hashPW(password)
+      ))
+
+      em.persist(userEntity)
+      em.flush()
+      true
+    } catch {
+      case _: Exception => false
+    }
+  }
+
+  override def addOpenIDUser(name: String, userInfo: OpenIDUserInfo): Boolean = {
+    try {
+      // Check if user already exists
+      val existing = em.createQuery("SELECT u FROM UserEntity u WHERE u.username = :username", classOf[UserEntity])
+        .setParameter("username", name)
+        .getResultList
+      
+      if (!existing.isEmpty) {
+        return false
+      }
+
+      // Check if OpenID user already exists
+      val existingOpenID = em.createQuery(
+        "SELECT u FROM UserEntity u WHERE u.openidProvider = :provider AND u.openidProviderId = :providerId", 
+        classOf[UserEntity]
+      )
+        .setParameter("provider", userInfo.provider)
+        .setParameter("providerId", userInfo.id)
+        .getResultList
+      
+      if (!existingOpenID.isEmpty) {
+        return false
+      }
+
+      // Create new OpenID user
+      val userEntity = UserEntity.fromOpenIDUser(name, userInfo)
+
+      em.persist(userEntity)
+      em.flush()
+      true
+    } catch {
+      case _: Exception => false
+    }
+  }
+
+  override def authenticate(name: String, password: String): Option[User] = {
+    try {
+      val users = em.createQuery("SELECT u FROM UserEntity u WHERE u.username = :username", classOf[UserEntity])
+        .setParameter("username", name)
+        .getResultList
+      
+      if (users.isEmpty) {
+        return None
+      }
+
+      val userEntity = users.get(0)
+      if (UserHash.verifyUser(password, userEntity.toUser)) {
+        Some(userEntity.toUser)
+      } else {
+        None
+      }
+    } catch {
+      case _: Exception => None
+    }
+  }
+
+  override def authenticateOpenID(provider: String, providerId: String): Option[User] = {
+    try {
+      val users = em.createQuery(
+        "SELECT u FROM UserEntity u WHERE u.openidProvider = :provider AND u.openidProviderId = :providerId", 
+        classOf[UserEntity]
+      )
+        .setParameter("provider", provider)
+        .setParameter("providerId", providerId)
+        .getResultList
+      
+      if (users.isEmpty) {
+        None
+      } else {
+        Some(users.get(0).toUser)
+      }
+    } catch {
+      case _: Exception => None
+    }
+  }
+
+  override def userExists(name: String): Option[User] = {
+    try {
+      val users = em.createQuery("SELECT u FROM UserEntity u WHERE u.username = :username", classOf[UserEntity])
+        .setParameter("username", name)
+        .getResultList
+      
+      if (users.isEmpty) {
+        None
+      } else {
+        Some(users.get(0).toUser)
+      }
+    } catch {
+      case _: Exception => None
+    }
+  }
+
+  override def userExistsById(id: Long): Option[User] = {
+    try {
+      Option(em.find(classOf[UserEntity], id)).map(_.toUser)
+    } catch {
+      case _: Exception => None
+    }
+  }
+
+  override def removeUser(name: String): Boolean = {
+    try {
+      val users = em.createQuery("SELECT u FROM UserEntity u WHERE u.username = :username", classOf[UserEntity])
+        .setParameter("username", name)
+        .getResultList
+      
+      if (users.isEmpty) {
+        false
+      } else {
+        em.remove(users.get(0))
+        em.flush()
+        true
+      }
+    } catch {
+      case _: Exception => false
+    }
+  }
+}

knockoutwhistweb/app/logic/user/impl/StubUserManager.scala

@@ -3,14 +3,16 @@ package logic.user.impl
 import com.typesafe.config.Config
 import logic.user.UserManager
 import model.users.User
+import services.OpenIDUserInfo
 import util.UserHash
 
 import javax.inject.{Inject, Singleton}
+import scala.collection.mutable
 
 @Singleton
-class StubUserManager @Inject()(val config: Config) extends UserManager {
+class StubUserManager @Inject()(config: Config) extends UserManager {
 
-  private val user: Map[String, User] = Map(
+  private val user: mutable.Map[String, User] = mutable.Map(
     "Janis" -> User(
       internalId = 1L,
       id = java.util.UUID.fromString("123e4567-e89b-12d3-a456-426614174000"),
@@ -19,8 +21,8 @@ class StubUserManager @Inject()(val config: Config) extends UserManager {
     ),
     "Leon" -> User(
       internalId = 2L,
-      id = java.util.UUID.fromString("223e4567-e89b-12d3-a456-426614174000"),
-      name = "Leon",
+      id = java.util.UUID.randomUUID(),
+      name = "Jakob",
       passwordHash = UserHash.hashPW("password123")
     ),
     "Jakob" -> User(
@@ -32,7 +34,26 @@ class StubUserManager @Inject()(val config: Config) extends UserManager {
   )
 
   override def addUser(name: String, password: String): Boolean = {
-    throw new NotImplementedError("StubUserManager.addUser is not implemented")
+    val newUser = User(
+      internalId = user.size.toLong + 1,
+      id = java.util.UUID.randomUUID(),
+      name = name,
+      passwordHash = UserHash.hashPW(password)
+    )
+    user(name) = newUser
+    true
+  }
+
+  override def addOpenIDUser(name: String, userInfo: OpenIDUserInfo): Boolean = {
+    // For stub implementation, just add a user without password
+    val newUser = User(
+      internalId = user.size.toLong + 1,
+      id = java.util.UUID.randomUUID(),
+      name = name,
+      passwordHash = "" // No password for OpenID users
+    )
+    user(name) = newUser
+    true
   }
 
   override def authenticate(name: String, password: String): Option[User] = {
@@ -42,6 +63,13 @@ class StubUserManager @Inject()(val config: Config) extends UserManager {
     }
   }
 
+  override def authenticateOpenID(provider: String, providerId: String): Option[User] = {
+    user.values.find { u =>
+      // In a real implementation, this would check stored OpenID provider info
+      u.name.startsWith(s"${provider}_") && u.name.contains(providerId)
+    }
+  }
+
   override def userExists(name: String): Option[User] = {
     user.get(name)
   }
@@ -51,7 +79,6 @@ class StubUserManager @Inject()(val config: Config) extends UserManager {
   }
 
   override def removeUser(name: String): Boolean = {
-    throw new NotImplementedError("StubUserManager.removeUser is not implemented")
+    user.remove(name).isDefined
   }
-
 }