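package ch.ffhs.webE.action;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Map;

import ch.ffhs.webE.dao.UserDAO;
import ch.ffhs.webE.dao.UserDAOImpl;
import ch.ffhs.webE.domain.User;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionSupport;
import com.opensymphony.xwork2.ModelDriven;

/**
 * Struts action that checks submitted credentials against the user store and
 * records the logged-in user in the session.
 *
 * <p>Result names returned by {@link #doLogin()}: {@code "failed"},
 * {@code "admin"} or {@code "user"}.
 */
public class LoginAction extends ActionSupport implements ModelDriven {

    private static final long serialVersionUID = 1799753056277211344L;

    /** Result name for every rejected login attempt. */
    private static final String RESULT_FAILED = "failed";
    /** Result name for an authenticated user with admin rights. */
    private static final String RESULT_ADMIN = "admin";
    /** Result name for an authenticated user without admin rights. */
    private static final String RESULT_USER = "user";

    /** Session key under which the user name is stored after login. */
    private static final String SESSION_USERNAME = "username";
    /** Session key under which the submitted password is stored after login. */
    private static final String SESSION_PW = "pw";

    private User user = new User();
    private UserDAO userDAO = new UserDAOImpl();

    // Form fields
    private String userName;
    private String pw;

    // Session map taken from the action context when the action is created.
    Map<String, Object> session = ActionContext.getContext().getSession();

    public LoginAction() {
    }

    /**
     * Handles a login request using the {@code userName} and {@code pw} form fields.
     *
     * @return {@code "failed"} when a field is missing or empty or the
     *         credentials do not match; otherwise {@code "admin"} or
     *         {@code "user"}
     */
    public String doLogin() {
        final String name = getUserName();
        final String secret = getPw();

        // Missing or empty credentials never reach the DAO.
        if (name == null || secret == null || name.isEmpty() || secret.isEmpty()) {
            return RESULT_FAILED;
        }

        final String role = verifyUser(name, secret);
        if (RESULT_FAILED.equals(role)) {
            return RESULT_FAILED;
        }

        session.put(SESSION_USERNAME, name);
        // NOTE(review): the submitted password is kept in the session. It is
        // retained here only because code outside this file may read the "pw"
        // key; a session should carry the authenticated identity, not the
        // credential. Confirm the readers and drop this entry.
        session.put(SESSION_PW, secret);
        // NOTE(review): the session is reused as-is after authentication;
        // confirm that the session identifier is renewed on login elsewhere.
        return role;
    }

    /**
     * Handles a logout request by removing the entries that {@link #doLogin()}
     * stored in the session.
     *
     * @return {@code SUCCESS}
     */
    public String doLogout() {
        if (session != null) {
            // Only the keys written by this action are removed; whether the
            // whole HTTP session should be invalidated as well is a decision
            // for the application - TODO confirm.
            session.remove(SESSION_USERNAME);
            session.remove(SESSION_PW);
        }
        return SUCCESS;
    }

    /**
     * Verifies user credentials against the record returned by the DAO.
     *
     * <p>NOTE(review): the submitted value is compared directly with
     * {@code User.getPassword()}. Nothing in this class hashes it, so whether
     * the stored value is a salted password hash cannot be seen from here -
     * confirm against the DAO and the registration code.
     *
     * @param username user name to look up
     * @param password password value to compare with the stored one
     * @return {@code "failed"} if the user is unknown or the password does not
     *         match, {@code "admin"} for an admin user, {@code "user"} otherwise
     */
    public String verifyUser(String username, String password) {
        // DB query
        final User u = userDAO.searchUsername(username);

        // User does not exist
        if (u == null) {
            return RESULT_FAILED;
        }

        // A record without a password, or a null submission, can never match.
        final String stored = u.getPassword();
        if (stored == null || password == null) {
            return RESULT_FAILED;
        }

        // Compare without an early exit on the first differing byte, so the
        // comparison time does not depend on how much of the value matched.
        final boolean matches = MessageDigest.isEqual(
                stored.getBytes(StandardCharsets.UTF_8),
                password.getBytes(StandardCharsets.UTF_8));
        if (!matches) {
            return RESULT_FAILED;
        }

        // User credentials are fine, check for admin rights
        return u.isAdmin() ? RESULT_ADMIN : RESULT_USER;
    }

    public String getUserName() {
        return userName;
    }

    public void setUserName(String userName) {
        this.userName = userName;
    }

    public String getPw() {
        return pw;
    }

    public void setPw(String pw) {
        this.pw = pw;
    }

    /**
     * Returns the {@link User} instance created together with this action.
     * The login checks in this class never read it; the admin decision is
     * taken from the record returned by the DAO.
     */
    @Override
    public User getModel() {
        return user;
    }
}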