in manager/general/src/main/java/org/apache/doris/stack/service/user/AuthenticationService.java [329:485]
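/**
 * Authenticates a user against the active backend (LDAP, IDaaS, or the local user table) and
 * opens a new session for them.
 *
 * <p>After authentication succeeds, the method updates the user's last-login time, runs the
 * concurrent-session and other-device checks, clears the failed-login history, stores a session
 * row and a login-history row, and records a login activity.
 *
 * @param loginReq login form; {@code hasEmptyField()} is passed to {@code checkRequestBody} first
 * @param request  servlet request, used for the Origin and User-Agent headers and the client address
 * @return the id of the newly created session
 * @throws UserFailedLoginTooManyException if this username is currently locked out
 * @throws UsernameDuplicateException      if more than one account matches the username exactly
 * @throws UserLoginException              if local authentication is active and no account matches
 * @throws Exception                       anything raised by the delegated checks and repositories
 */
public String login(UserLoginReq loginReq, HttpServletRequest request) throws Exception {
    log.debug("user login.");
    // The limits are re-read from the environment on every call. Integer.parseInt throws
    // NumberFormatException when a property is absent or not an integer.
    loginDelayTime = Integer.parseInt(environment.getProperty(PropertyDefine.LOGIN_DELAY_TIME_PROPERTY));
    maxLoginTimesInFiveMinutes = Integer.parseInt(environment.getProperty(PropertyDefine.MAX_LOGIN_TIMES_IN_FIVE_MINUTES_PROPERTY));
    maxLoginTimes = Integer.parseInt(environment.getProperty(PropertyDefine.MAX_LOGIN_TIMES_PROPERTY));
    maxLoginFailedTimes = Integer.parseInt(environment.getProperty(PropertyDefine.MAX_LOGIN_FAILED_TIMES_PROPERTY));
    checkRequestBody(loginReq.hasEmptyField());

    // get service http address
    // NOTE(review): Origin is a client-supplied header and it is written to the site-URL setting
    // before any credential has been checked. If that setting is later used to build links or
    // redirects, it should come from configuration or be validated against an allow-list instead.
    String sitUrl = request.getHeader("Origin");
    settingComponent.addNewSetting(ConfigConstant.SITE_URL_KEY, sitUrl);
    log.debug("The site url is {}.", sitUrl);

    // NOTE(review): the User-Agent value is client-controlled and logged verbatim; confirm the log
    // layout neutralises line breaks.
    String requestUserAgent = request.getHeader("User-Agent");
    log.debug("user agent is {}.", requestUserAgent);
    UserAgent userAgent = UserAgent.parseUserAgentString(requestUserAgent);
    // Get device ID
    String deviceId = userAgent.getId() == 0 ? "unknown" : String.valueOf(userAgent.getId());
    // Get browser information
    String browserName = userAgent.getBrowser().getName();
    String description = StringUtils.isEmpty(browserName) ? "unknown" : browserName;
    // Resolve the client address once instead of calling the helper twice.
    // NOTE(review): if getIpAdrress honours forwarding headers, this value is client-controlled
    // unless a trusted proxy overwrites them - confirm before relying on it for audit decisions.
    String resolvedIp = getIpAdrress(request);
    String ipAddress = StringUtils.isEmpty(resolvedIp) ? "unknown" : resolvedIp;
    log.debug("remote request device id is {}, browser is {}, ip address is {}.", deviceId, description, ipAddress);

    String username = loginReq.getUsername();
    // Reject immediately while a lockout recorded for this username is still running.
    Long nextLoginTime = notExistNextLoginMap.getOrDefault(username, 0L);
    if (System.currentTimeMillis() <= nextLoginTime) {
        throw new UserFailedLoginTooManyException();
    }

    // user id
    int userId;
    List<CoreUserEntity> coreUserEntities;
    // login by first name or email
    if (username.matches(EMAIL_REGEX)) {
        // default username not contains @
        log.debug("user try to login by email and password.");
        coreUserEntities = userRepository.getByEmailAndLdapAuth(username, ldapComponent.enabled());
        // Keep only exact (case-sensitive) matches of the submitted value.
        coreUserEntities = coreUserEntities.stream()
                .filter(e -> e.getEmail().equals(username))
                .collect(Collectors.toList());
    } else {
        log.debug("user login by first name and password.");
        coreUserEntities = userRepository.getByFirstNameAndLdapAuth(username, ldapComponent.enabled());
        // where first_name does not distinguish case
        coreUserEntities = coreUserEntities.stream()
                .filter(e -> e.getFirstName().equals(username))
                .collect(Collectors.toList());
    }
    if (coreUserEntities.size() > 1) {
        throw new UsernameDuplicateException();
    }
    // The list was already dereferenced above, so it cannot be null here.
    boolean notExisted = coreUserEntities.size() != 1;

    List<CoreUserEntity> idaasCoreUserEntities = userRepository.getByEmailAndIdaasAuth(username,
            idaasComponent.enabled());
    boolean idaasNotExisted = (idaasCoreUserEntities == null || idaasCoreUserEntities.size() != 1);

    CoreUserEntity user;
    if (ldapComponent.enabled()) {
        // If the user has enabled LDAP authentication, he can only log in through LDAP authentication
        if (notExisted) {
            user = loginByLdap(loginReq);
            if (user.getId() == null) {
                // The first login does not have an ID, so you do not need to verify whether it is disabled
                log.debug("The user {} is first login ldap user.", username);
            }
        } else {
            user = coreUserEntities.get(0);
            // Detect whether the user is disabled
            utilService.checkUserActive(user);
            loginByLdap(loginReq, user.getId());
        }
    } else if (idaasComponent.enabled()) {
        // If you have enabled idaas authentication, you can only log in through idaas authentication
        if (idaasNotExisted) {
            user = loginByIdaas(loginReq);
            // The first login does not have an ID, so you do not need to verify whether it is disabled
            log.debug("The user {} is first login idaas user.", username);
        } else {
            // Take the account from the IDaaS lookup: idaasNotExisted was computed from
            // idaasCoreUserEntities, whereas coreUserEntities comes from the LDAP-flag lookup and
            // may be empty (IndexOutOfBoundsException) or refer to a different account.
            user = idaasCoreUserEntities.get(0);
            // Detect whether the user is disabled, as the LDAP and local branches do, so a
            // deactivated account cannot sign in through IDaaS.
            utilService.checkUserActive(user);
            loginByIdaas(loginReq, user.getId());
        }
    } else {
        // If it is the studio itself, it can only be authenticated through the studio itself
        if (notExisted) {
            // NOTE(review): both maps are keyed by the submitted username, so every distinct
            // unknown name adds an entry. Unless they are bounded or evicted elsewhere, they can
            // grow without limit; consider a size-capped or expiring cache.
            int failedTimes = notExistMap.getOrDefault(username, 0);
            failedTimes++;
            notExistMap.put(username, failedTimes);
            if (failedTimes >= maxLoginFailedTimes) {
                // Lock this username for five minutes.
                notExistNextLoginMap.put(username, System.currentTimeMillis() + 5 * 60 * 1000);
            }
            // If the user does not exist
            log.error("The user {} not exist.", username);
            throw new UserLoginException();
        }
        user = coreUserEntities.get(0);
        // Detect whether the user is disabled
        utilService.checkUserActive(user);
        // checkLogin receives the stored salt and password plus the submitted password.
        checkLogin(user.getPasswordSalt(), loginReq.getPassword(), user.getPassword(), user.getId());
    }

    // Modify the latest login time
    user.setLastLogin(new Timestamp(System.currentTimeMillis()));
    userId = userRepository.save(user).getId();
    // Check the number of users online at the same time
    checkLoginCount(userId);
    // Check whether remote login
    checkIfLoginOtherPlace(userId, deviceId);
    // If the login is successful, clear the failed login history and times
    cleanFailedLoginHistory(userId);
    // First-login LDAP/IDaaS users are not added to a default permission group here; the code
    // that did so was disabled (commented out) in the original and has been dropped.

    // Add session information
    log.debug("Create user {} login session.", userId);
    String sessionId = UuidUtil.newUuid();
    CoreSessionEntity sessionEntity = new CoreSessionEntity(sessionId, userId,
            new Timestamp(System.currentTimeMillis()), null);
    sessionRepository.save(sessionEntity);
    // Add login history
    LoginHistoryEntity loginHistoryEntity = new LoginHistoryEntity(new Timestamp(System.currentTimeMillis()),
            userId, sessionId, deviceId, description, ipAddress);
    loginHistoryRepository.save(loginHistoryEntity);
    log.debug("Add user {} joined or login activity.", userId);
    activityComponent.userLoginActivity(userId, user.getClusterId());
    return sessionId;
}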