2,10 → 2,10 |
|
import java.util.Map; |
|
import ch.ffhs.webE.dao.UserDAO; |
import ch.ffhs.webE.dao.UserDAOImpl; |
import ch.ffhs.webE.domain.User; |
|
import com.opensymphony.xwork2.Action; |
import com.opensymphony.xwork2.ActionContext; |
import com.opensymphony.xwork2.ActionSupport; |
import com.opensymphony.xwork2.ModelDriven; |
13,115 → 13,125 |
public class LoginAction extends ActionSupport implements ModelDriven<User> |
{ |
|
private static final long serialVersionUID = 1799753056277211344L; |
private User user = new User(); |
private UserDAO userDAO = new UserDAOImpl(); |
private static final long serialVersionUID = 1799753056277211344L; |
private final User user = new User(); |
private final UserDAOImpl userDAO = new UserDAOImpl(); |
|
// Form fields |
private String userName; |
private String pw; |
/* Form fields */ |
private String userName; |
private String pw; |
|
// Session Object |
Map<String, Object> session = ActionContext.getContext().getSession(); |
/** |
* JSP session object |
*/ |
Map<String, Object> session = ActionContext.getContext().getSession(); |
|
public LoginAction() |
{ |
} |
/** |
* |
*/ |
public LoginAction() |
{ |
} |
|
public String doLogin() |
public String doLogin() |
{ |
|
// If password or user name are empty, the login fails. |
if ("".equals(this.getUserName()) || "".equals(this.getPw()) |
|| this.getUserName() == null || this.getPw() == null) |
{ |
|
// If password or user name are empty, the login fails. |
if ("".equals(getUserName()) || "".equals(getPw()) |
|| getUserName() == null || getPw() == null) |
{ |
addFieldError("userName", "Falscher Username oder Passwort"); |
return ERROR; |
} |
|
String verifiedUser = verifyUser(getUserName(), getPw()); |
if (verifiedUser.equals("failed")) |
{ |
addFieldError("userName", "Falscher Username oder Passwort"); |
return ERROR; |
} |
else |
{ |
|
// Put user name, password into session |
session.put("username", getUserName()); |
session.put("pw", getPw()); |
return verifiedUser; |
} |
this.addFieldError("userName", "Falscher Username oder Passwort"); |
return Action.ERROR; |
} |
|
/** |
* Logout ausführen. Zerstört die Daten in der Session |
* @return String |
*/ |
public String doLogout() |
String verifiedUser = this.verifyUser(this.getUserName(), this.getPw()); |
if (verifiedUser.equals("failed")) |
{ |
//Kill Session content |
ActionContext.getContext().getSession().clear(); |
return SUCCESS; |
this.addFieldError("userName", "Falscher Username oder Passwort"); |
return Action.ERROR; |
} |
|
/** |
* Verify user credentials |
* |
* @param String |
* username: User name |
* @param String |
* password: Password (hashed) |
* @return |
*/ |
public String verifyUser(String username, String password) |
else |
{ |
// DB Query |
User u = userDAO.searchUsername(username); |
|
// User does not exist |
if (u == null) |
return ERROR; |
// Put user name, password into session |
this.session.put("username", this.getUserName()); |
this.session.put("pw", this.getPw()); |
return verifiedUser; |
} |
} |
|
// User password does not match |
if (!u.getPassword().equals(password)) |
return ERROR; |
/** |
* Logout ausf�hren. Zerst�rt die Daten in der Session |
* |
* @return String |
*/ |
public String doLogout() |
{ |
// Kill Session content |
ActionContext.getContext().getSession().clear(); |
return Action.SUCCESS; |
} |
|
// User credentials are fine, check for admin rights |
if (u.isAdmin()) |
{ |
return "admin"; |
} |
else |
{ |
return "user"; |
} |
} |
/** |
* Verify user credentials |
* |
* @param String |
* username: User name |
* @param String |
* password: Password (hashed) |
* @return |
*/ |
public String verifyUser(String username, String password) |
{ |
// DB Query |
User u = this.userDAO.searchUsername(username); |
|
public String getUserName() |
// User does not exist |
if (u == null) |
{ |
return userName; |
return Action.ERROR; |
} |
|
public void setUserName(String userName) |
// User password does not match |
if (!u.getPassword().equals(password)) |
{ |
this.userName = userName; |
return Action.ERROR; |
} |
|
public String getPw() |
// User credentials are fine, check for admin rights |
if (u.isAdmin()) |
{ |
return pw; |
return "admin"; |
} |
|
public void setPw(String pw) |
else |
{ |
this.pw = pw; |
return "user"; |
} |
} |
|
@Override |
public User getModel() |
{ |
return user; |
} |
public String getUserName() |
{ |
return this.userName; |
} |
|
public void setUserName(String userName) |
{ |
this.userName = userName; |
} |
|
public String getPw() |
{ |
return this.pw; |
} |
|
public void setPw(String pw) |
{ |
this.pw = pw; |
} |
|
@Override |
public User getModel() |
{ |
return this.user; |
} |
} |
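Review bot: In doLogin the failure check `verifiedUser.equals("failed")` can never match, because verifyUser returns `Action.ERROR` for an unknown user and for a wrong password, never "failed". A rejected login therefore falls into the else branch and writes "username" and "pw" into the session before returning the error result. Compare against the value verifyUser actually returns, e.g. `if (Action.ERROR.equals(verifiedUser))`, and recheck any code that treats a populated session "username" as proof of login. Independently of that, `this.session.put("pw", this.getPw());` should be dropped, since the session needs the user's identity at most and not the credential. The comparison `u.getPassword().equals(password)` is also not constant-time; if the stored values are hashes, as the Javadoc suggests, `MessageDigest.isEqual` on the bytes would be the safer check.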