Inspect both twofa and local login methods

Before release ssh-key inspect both login methods. Not only twofa.

bwreg-jpa/src/main/java/edu/kit/scc/webreg/dao/UserLoginInfoDao.java

@@ -13,6 +13,7 @@ package edu.kit.scc.webreg.dao;
 import java.util.List;
 
 import edu.kit.scc.webreg.entity.UserLoginInfoEntity;
+import edu.kit.scc.webreg.entity.UserLoginMethod;
 
 public interface UserLoginInfoDao extends BaseDao<UserLoginInfoEntity, Long> {
 
@@ -20,6 +21,6 @@ public interface UserLoginInfoDao extends BaseDao<UserLoginInfoEntity, Long> {
 
 	List<UserLoginInfoEntity> findByRegistry(Long registryId);
 
-	UserLoginInfoEntity findByRegistryTwofaSuccess(Long registryId);
+	UserLoginInfoEntity findLastByRegistryAndMethod(Long registryId, UserLoginMethod method);
 
 }

bwreg-jpa/src/main/java/edu/kit/scc/webreg/dao/jpa/JpaUserLoginInfoDao.java

@@ -14,7 +14,6 @@ import java.util.List;
 
 import javax.enterprise.context.ApplicationScoped;
 import javax.inject.Named;
-import javax.persistence.NoResultException;
 
 import edu.kit.scc.webreg.dao.UserLoginInfoDao;
 import edu.kit.scc.webreg.entity.UserLoginInfoEntity;
@@ -40,12 +39,12 @@ public class JpaUserLoginInfoDao extends JpaBaseDao<UserLoginInfoEntity, Long> i
 
 	@Override
 	@SuppressWarnings("unchecked")
-	public UserLoginInfoEntity findByRegistryTwofaSuccess(Long registryId) {
+	public UserLoginInfoEntity findLastByRegistryAndMethod(Long registryId, UserLoginMethod method) {
 		List<UserLoginInfoEntity> list = em.createQuery(
 				"select e from UserLoginInfoEntity e where e.registry.id = :registryId "
 				+ "and e.loginMethod = :loginMethod order by e.loginDate desc")
 				.setParameter("registryId", registryId)
-				.setParameter("loginMethod", UserLoginMethod.TWOFA)
+				.setParameter("loginMethod", method)
 				.setMaxResults(1)
 				.getResultList();
 		if (list.size() == 0) {

bwreg-service/src/main/java/edu/kit/scc/webreg/service/ssh/SshLoginServiceImpl.java

@@ -21,6 +21,7 @@ import edu.kit.scc.webreg.entity.SshPubKeyRegistryEntity;
 import edu.kit.scc.webreg.entity.UserEntity;
 import edu.kit.scc.webreg.entity.UserLoginInfoEntity;
 import edu.kit.scc.webreg.entity.UserLoginInfoStatus;
+import edu.kit.scc.webreg.entity.UserLoginMethod;
 import edu.kit.scc.webreg.exc.NoRegistryFoundException;
 import edu.kit.scc.webreg.exc.NoUserFoundException;
 import edu.kit.scc.webreg.exc.RestInterfaceException;
@@ -67,9 +68,11 @@ public class SshLoginServiceImpl implements SshLoginService {
 		if (service.getServiceProps().containsKey("twofa") && 
 				service.getServiceProps().get("twofa").equalsIgnoreCase("enabled")) {
 			
-			UserLoginInfoEntity loginInfo = userLoginInfoDao.findByRegistryTwofaSuccess(registry.getId());
+			UserLoginInfoEntity twofaLoginInfo = userLoginInfoDao.findLastByRegistryAndMethod(registry.getId(), UserLoginMethod.TWOFA);
+			UserLoginInfoEntity localLoginInfo = userLoginInfoDao.findLastByRegistryAndMethod(registry.getId(), UserLoginMethod.LOCAL);
 			
-			if (loginInfo != null && loginInfo.getLoginStatus().equals(UserLoginInfoStatus.SUCCESS)) {
+			if (twofaLoginInfo != null && twofaLoginInfo.getLoginStatus().equals(UserLoginInfoStatus.SUCCESS) &&
+					localLoginInfo != null && localLoginInfo.getLoginStatus().equals(UserLoginInfoStatus.SUCCESS)) {
 				
 				// check expiry for twofa
 				Long expiry = 60L * 60L * 1000L;
@@ -77,7 +80,8 @@ public class SshLoginServiceImpl implements SshLoginService {
 					expiry = Long.parseLong(service.getServiceProps().get("twofa_expiry"));
 				}
 				
-				if ((System.currentTimeMillis() - loginInfo.getLoginDate().getTime()) < expiry) {
+				if ((System.currentTimeMillis() - twofaLoginInfo.getLoginDate().getTime()) < expiry &&
+						(System.currentTimeMillis() - localLoginInfo.getLoginDate().getTime()) < expiry) {
 					List<SshPubKeyRegistryEntity> regKeyList = sshPubKeyRegistryDao.findByRegistryForInteractiveLogin(registry.getId());
 					return buildKeyList(regKeyList, user);
 				}
@@ -135,9 +139,11 @@ public class SshLoginServiceImpl implements SshLoginService {
 		if (service.getServiceProps().containsKey("twofa") && 
 				service.getServiceProps().get("twofa").equalsIgnoreCase("enabled")) {
 			
-			UserLoginInfoEntity loginInfo = userLoginInfoDao.findByRegistryTwofaSuccess(registry.getId());
+			UserLoginInfoEntity twofaLoginInfo = userLoginInfoDao.findLastByRegistryAndMethod(registry.getId(), UserLoginMethod.TWOFA);
+			UserLoginInfoEntity localLoginInfo = userLoginInfoDao.findLastByRegistryAndMethod(registry.getId(), UserLoginMethod.LOCAL);
 			
-			if (loginInfo != null && loginInfo.getLoginStatus().equals(UserLoginInfoStatus.SUCCESS)) {
+			if (twofaLoginInfo != null && twofaLoginInfo.getLoginStatus().equals(UserLoginInfoStatus.SUCCESS) &&
+					localLoginInfo != null && localLoginInfo.getLoginStatus().equals(UserLoginInfoStatus.SUCCESS)) {
 				
 				// check expiry for twofa
 				Long expiry = 60L * 60L * 1000L;
@@ -145,7 +151,8 @@ public class SshLoginServiceImpl implements SshLoginService {
 					expiry = Long.parseLong(service.getServiceProps().get("twofa_expiry"));
 				}
 				
-				if ((System.currentTimeMillis() - loginInfo.getLoginDate().getTime()) < expiry) {
+				if ((System.currentTimeMillis() - twofaLoginInfo.getLoginDate().getTime()) < expiry &&
+						(System.currentTimeMillis() - localLoginInfo.getLoginDate().getTime()) < expiry) {
 					List<SshPubKeyRegistryEntity> regKeyList = sshPubKeyRegistryDao.findByRegistryForLogin(registry.getId());
 					return buildKeyList(regKeyList, user);
 				}