package org.carewebframework.hibernate.security;

import org.carewebframework.api.domain.IUser;
import org.carewebframework.hibernate.core.AbstractDAO;
import org.hibernate.Query;
import org.hibernate.SessionFactory;
import org.hibernate.Transaction;

/* loaded from: input_file:org/carewebframework/hibernate/security/UserDAO.class */
public class UserDAO extends AbstractDAO<User> {
    private static final String HQL_AUTHENTICATE = "FROM org.carewebframework.hibernate.security.User WHERE LOWER(username)=:username AND password=:password AND (domain=:domain OR domain='*')";

    public UserDAO(SessionFactory sessionFactory) {
        super(sessionFactory);
    }

    public IUser authenticate(String str, String str2, SecurityDomain securityDomain) {
        Transaction beginTransaction = getSession().beginTransaction();
        try {
            Query createQuery = getSession().createQuery(HQL_AUTHENTICATE);
            createQuery.setString("password", str2);
            createQuery.setString("username", str.toLowerCase());
            createQuery.setString("domain", securityDomain.getLogicalId());
            User user = (User) createQuery.uniqueResult();
            if (user != null) {
                user.setLoginDomain(securityDomain);
            }
            beginTransaction.commit();
            return user;
        } catch (Exception e) {
            beginTransaction.rollback();
            throw e;
        }
    }
}
