| 1,10 → 1,13 |
|---|
| package ch.ffhs.webE.action; |
| |
| |
| import java.util.Map; |
| |
| import ch.ffhs.webE.dao.UserDAO; |
| import ch.ffhs.webE.dao.UserDAOImpl; |
| import ch.ffhs.webE.domain.User; |
| |
| import com.opensymphony.xwork2.ActionContext; |
| import com.opensymphony.xwork2.ActionSupport; |
| import com.opensymphony.xwork2.ModelDriven; |
| |
| 14,28 → 17,60 |
|---|
| private User user = new User(); |
| private UserDAO userDAO = new UserDAOImpl(); |
| |
| |
| //Form fields |
| private String userName ; |
| private String pw; |
| |
| //Session Object |
| Map<String, Object> session = ActionContext.getContext().getSession(); |
| |
| |
| public LoginAction() { |
| } |
| |
| public String verifyUser() { |
| public String doLogin() { |
| |
| //If password or user name are empty, the login fails. |
| if("".equals(getUserName()) || "".equals(getPw()) || getUserName() == null || getPw() == null) { |
| return "failed"; |
| } |
| } |
| |
| User u = userDAO.searchUsername(getUserName()); |
| String verifiedUser = verifyUser(getUserName(), getPw()); |
| if(verifiedUser.equals("failed")) { |
| return "failed"; |
| } else { |
| |
| //Put user name, password into session |
| session.put("username", getUserName()); |
| session.put("pw", getPw()); |
| return verifiedUser; |
| } |
| } |
| |
| public String doLogout() { |
| //TODO: Kill session content for logout |
| return SUCCESS; |
| } |
| |
| /** |
| * Verify user credentials |
| * @param String username: User name |
| * @param String password: Password (hashed) |
| * @return |
| */ |
| public String verifyUser(String username, String password) { |
| //DB Query |
| User u = userDAO.searchUsername(username); |
| |
| //User does not exist |
| if(u == null) |
| return "failed"; |
| |
| if(!u.getPassword().equals(getPw())) |
| //User password does not match |
| if(!u.getPassword().equals(password)) |
| return "failed"; |
| |
| //User credentials are fine, check for admin rights |
| if(u.isAdmin()) { |
| return "admin"; |
| } else { |