package ch.ffhs.webE.action;
 
 
import java.util.Map;
 
import ch.ffhs.webE.dao.UserDAO;
import ch.ffhs.webE.dao.UserDAOImpl;
import ch.ffhs.webE.domain.User;
 
import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
import com.opensymphony.xwork2.ModelDriven;
 
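/**
 * Struts 2 action that handles login and logout.
 *
 * <p>{@link #doLogin()} returns the result name {@code "failed"}, {@code "admin"} or
 * {@code "user"}; {@link #doLogout()} returns {@code SUCCESS}. After a successful login
 * only the user name is kept in the session, under the key {@code "username"}. The
 * password is never written to the session: session stores can be serialized, replicated
 * or dumped, and no later request needs the credential again.
 *
 * <p>NOTE(review): the action is {@code ModelDriven<User>}, so request parameters are
 * presumably also bound to the {@link User} returned by {@link #getModel()}. The role
 * decision in {@link #verifyUser(String, String)} uses the user loaded through the DAO,
 * not that model; confirm that no other code trusts security-relevant fields of the
 * request-bound model.
 */
public class LoginAction extends ActionSupport implements ModelDriven<User>{

    private static final long serialVersionUID = 1799753056277211344L;

    /** Result name for every rejected login attempt. */
    private static final String RESULT_FAILED = "failed";

    /** Session key under which the authenticated user name is stored. */
    private static final String SESSION_USERNAME = "username";

    private User user = new User();
    private UserDAO userDAO = new UserDAOImpl();

    // Form fields
    private String userName;
    private String pw;

    // Session map, captured once when the action instance is created.
    // NOTE(review): this relies on a fresh action instance per request; confirm the
    // action is not configured as a shared singleton.
    Map<String, Object> session = ActionContext.getContext().getSession();

    public LoginAction() {
    }

    /**
     * Authenticates the submitted form fields and marks the session as logged in.
     *
     * <p>NOTE(review): the session identifier is not renewed here. If neither the
     * container nor an interceptor rotates it on authentication, the identifier issued
     * before login stays valid afterwards; renewing it needs the servlet or Struts
     * session API, which this class does not import.
     *
     * @return {@code "admin"} or {@code "user"} on success, {@code "failed"} otherwise
     */
    public String doLogin() {
        String name = getUserName();
        String password = getPw();

        // Missing or empty credentials never reach the database.
        if (name == null || password == null || "".equals(name) || "".equals(password)) {
            return RESULT_FAILED;
        }

        String verifiedUser = verifyUser(name, password);
        if (RESULT_FAILED.equals(verifiedUser)) {
            return RESULT_FAILED;
        }

        // Without a session the login cannot be recorded, so treat it as a failure
        // instead of throwing a NullPointerException.
        if (session == null) {
            return RESULT_FAILED;
        }

        // Only the identity goes into the session, never the password.
        session.put(SESSION_USERNAME, name);
        return verifiedUser;
    }

    /**
     * Logs the user out by emptying the session map.
     *
     * <p>NOTE(review): whether {@code clear()} also invalidates the underlying HTTP
     * session depends on the map implementation Struts supplies; confirm, and invalidate
     * the session explicitly if it does not.
     *
     * @return {@code SUCCESS}
     */
    public String doLogout() {
        if (session != null) {
            session.clear();
        }
        return SUCCESS;
    }

    /**
     * Verifies user credentials against the user store.
     *
     * <p>NOTE(review): the original documentation calls the password "hashed", but
     * {@link #doLogin()} passes the form field through unchanged and the comparison is
     * against {@code User.getPassword()} as stored. Confirm where hashing happens; the
     * stored value should be a salted, adaptive password hash verified with the matching
     * library routine rather than compared as a string.
     *
     * @param username user name to look up
     * @param password password value to compare with the stored one
     * @return {@code "admin"} or {@code "user"} when the credentials match,
     *         {@code "failed"} when the user is unknown or the password differs
     */
    public String verifyUser(String username, String password) {
        // DB query
        User u = userDAO.searchUsername(username);

        // User does not exist
        if (u == null) {
            return RESULT_FAILED;
        }

        // User password does not match (a missing stored password never matches)
        if (!constantTimeEquals(u.getPassword(), password)) {
            return RESULT_FAILED;
        }

        // User credentials are fine, check for admin rights
        return u.isAdmin() ? "admin" : "user";
    }

    /**
     * Compares two strings without stopping at the first differing character, so the
     * time taken does not reveal how long the matching prefix is. A length difference
     * is still observable.
     *
     * @return {@code true} only if both strings are non-null and identical
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        if (expected == null || actual == null) {
            return false;
        }
        int diff = expected.length() ^ actual.length();
        int shared = Math.min(expected.length(), actual.length());
        for (int i = 0; i < shared; i++) {
            diff |= expected.charAt(i) ^ actual.charAt(i);
        }
        return diff == 0;
    }

    public String getUserName() {
        return userName;
    }

    public void setUserName(String userName) {
        this.userName = userName;
    }

    public String getPw() {
        return pw;
    }

    public void setPw(String pw) {
        this.pw = pw;
    }

    /** Returns the model object that Struts exposes for request parameter binding. */
    @Override
    public User getModel() {
        return user;
    }
}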