public LoginResponse doLogin()

in ignite-tc-helper-web/src/main/java/org/apache/ignite/ci/web/rest/login/Login.java [89:163]


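    /**
     * Checks the submitted credentials and, on success, opens a new session.
     *
     * <p>First login (no stored key check value): the credentials must be accepted by the primary
     * service. The user record is then filled from the service response, credentials are stored for
     * the primary service and for every other service in {@code srvIds} that also accepts them, and
     * the user is persisted.
     *
     * <p>Later logins: the key check value derived from the submitted password is compared with the
     * stored one.
     *
     * <p>On success the user key is encrypted under a fresh random token, the session is stored under
     * a fresh random session id, and both are returned to the caller as {@code sessId:token}.
     *
     * @param username Login name from the {@code uname} form field.
     * @param pwd Password from the {@code psw} form field.
     * @param users Storage used to load/persist the user and to persist the session.
     * @param primarySrvId Service whose answer decides whether a first-time login is accepted.
     * @param srvIds All service ids to try the same credentials against on first login.
     * @param tcLogin Credential checker for the services.
     * @return Response with {@code fullToken} set on success; with {@code errorMessage} set when the
     *     primary service rejects a first-time login; with neither set when the password check fails.
     */
    public LoginResponse doLogin(@FormParam("uname") String username,
                                 @FormParam("psw") String pwd,
                                 IUserStorage users,
                                 String primarySrvId,
                                 Collection<String> srvIds,
                                 ITcLogin tcLogin) {
        SecureRandom random = new SecureRandom();

        // nextBytes() is the API meant for producing token material. generateSeed() is intended for
        // seeding other generators and, depending on the provider, may block on the system entropy
        // source, which would stall the login path.
        byte[] tokBytes = new byte[TOKEN_LEN];
        random.nextBytes(tokBytes);
        String tok = Base64Util.encodeBytesToString(tokBytes);

        byte[] sessIdBytes = new byte[SESS_ID_LEN];
        random.nextBytes(sessIdBytes);
        String sessId = Base64Util.encodeBytesToString(sessIdBytes);

        // The session id is one half of the bearer token handed back to the client, so it is
        // deliberately not written to stdout or any log.
        UserSession userSes = new UserSession();
        userSes.username = username;
        userSes.sessId = sessId;
        userSes.loginTs = System.currentTimeMillis();

        LoginResponse loginRes = new LoginResponse();

        TcHelperUser user = getOrCreateUser(username, users, random);

        // NOTE(review): the user key appears to come from a single HMAC-SHA256 pass over
        // "username:password"; that is not a password-stretching KDF. Switching would invalidate the
        // stored key check values, so it is flagged here rather than changed.
        byte[] userKeyCandidate = CryptUtil.hmacSha256(user.salt, (username + ":" + pwd));
        byte[] userKeyCandidateKcv = CryptUtil.aesKcv(userKeyCandidate);

        // NOTE(review): this remote check runs on every login, before the local check, and its result
        // is only used in the first-login branch. Confirm whether already-registered users really need
        // their credentials forwarded to the primary service on each attempt.
        final User tcUser = tcLogin.checkServiceUserAndPassword(primarySrvId, username, pwd);

        if (user.userKeyKcv == null) {
            if (tcUser == null) {
                loginRes.errorMessage =
                        "Service " + primarySrvId + " rejected credentials/user not found";

                return loginRes;
            }

            //todo new registration should be checked on server first
            user.userKeyKcv = userKeyCandidateKcv;

            user.email = tcUser.email;
            user.fullName = tcUser.name;

            user.getOrCreateCreds(primarySrvId).setLogin(username).setPassword(pwd, userKeyCandidate);

            user.enrichUserData(tcUser);

            // Try the same credentials on the remaining services; keep only those that accept them.
            for (String addSrvId : srvIds) {
                if (addSrvId.equals(primarySrvId))
                    continue;

                final User tcAddUser = tcLogin.checkServiceUserAndPassword(addSrvId, username, pwd);

                if (tcAddUser != null) {
                    user.getOrCreateCreds(addSrvId).setLogin(username).setPassword(pwd, userKeyCandidate);

                    user.enrichUserData(tcAddUser);
                }
            }

            users.putUser(username, user);
        } else {
            // Constant-time comparison: Arrays.equals() stops at the first differing byte, so its
            // duration depends on how much of the secret-derived value matched. Fully qualified
            // because the file's import list is not changed here.
            if (!java.security.MessageDigest.isEqual(userKeyCandidateKcv, user.userKeyKcv))
                return loginRes; //password validation failed
        }

        //todo may be enrich user data here as well.
        userSes.userKeyUnderToken = CryptUtil.aesEncrypt(tokBytes, userKeyCandidate);

        users.putSession(sessId, userSes);

        loginRes.fullToken = sessId + ":" + tok;

        return loginRes;
    }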