Package eu.webtoolkit.jwt.auth

Interface AbstractPasswordService

All Known Implementing Classes:
PasswordService
public interface AbstractPasswordService
Abstract password authentication service.

This abstract class defines the interface for password authentication.

It provides methods to verify a password, to update a password, and to throttle password verification attempts.

See Also:

  • Method Details

    • getBaseAuth

      AuthService getBaseAuth()
      Returns the basic authentication service.

    • isAttemptThrottlingEnabled

      boolean isAttemptThrottlingEnabled()
      Returns whether password attempt throttling is enabled.

    • getPasswordThrottle

      AuthThrottle getPasswordThrottle()
      Returns the class instance managing the delaying.

      See Also:

    • getStrengthValidator

      AbstractPasswordService.AbstractStrengthValidator getStrengthValidator()
      Returns a validator which checks that a password is strong enough.

    • delayForNextAttempt

      int delayForNextAttempt(User user)
      Returns the delay for this user for a next authentication attempt.

      The implementation of this functionality is managed by AuthThrottle.

      See Also:

    • verifyPassword

      PasswordResult verifyPassword(User user, String password)
      Verifies a password for a given user.

      The supplied password is verified against the user's credentials stored in the database. If password account throttling is enabled, it may also refuse an authentication attempt.

    • updatePassword

      void updatePassword(User user, String password)
      Sets a new password for the given user.

      This stores a new password for the user in the database.