package com.jasamedika.medifirst2000.security;

import org.slf4j.Logger;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.web.AuthenticationEntryPoint;
import org.springframework.stereotype.Component;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;

import static com.jasamedika.medifirst2000.constants.Constants.MessageInfo.ERROR_MESSAGE;
import static org.apache.commons.httpclient.HttpStatus.SC_FORBIDDEN;
import static org.slf4j.LoggerFactory.getLogger;

/**
 * RestAuthenticationEntryPoint class set Unauthorized response from
 * "Unauthorized client"
 * 
 * @author Roberto, Syamsu
 */
@Component("RestAuthenticationEntryPoint")
public class RestAuthenticationEntryPoint implements AuthenticationEntryPoint {

	private static final Logger LOGGER = getLogger(RestAuthenticationEntryPoint.class);

	@Override
	public void commence(HttpServletRequest request, HttpServletResponse response, AuthenticationException ae)
			throws IOException, ServletException {
		LOGGER.error("Mencoba akses tanpa login");

		response.getWriter().write("{" + ERROR_MESSAGE + ":'Please login to get access'}");
		response.setHeader(ERROR_MESSAGE, "Please login to get access");
		response.setStatus(SC_FORBIDDEN);
	}

}