1,10 → 1,13 |
package ch.ffhs.webE.action; |
|
|
import java.util.Map; |
|
import ch.ffhs.webE.dao.UserDAO; |
import ch.ffhs.webE.dao.UserDAOImpl; |
import ch.ffhs.webE.domain.User; |
|
import com.opensymphony.xwork2.ActionContext; |
import com.opensymphony.xwork2.ActionSupport; |
import com.opensymphony.xwork2.ModelDriven; |
|
14,28 → 17,60 |
private User user = new User(); |
private UserDAO userDAO = new UserDAOImpl(); |
|
|
//Form fields |
private String userName ; |
private String pw; |
|
//Session Object |
Map<String, Object> session = ActionContext.getContext().getSession(); |
|
|
public LoginAction() { |
} |
|
public String verifyUser() { |
public String doLogin() { |
|
//If password or user name are empty, the login fails. |
if("".equals(getUserName()) || "".equals(getPw()) || getUserName() == null || getPw() == null) { |
return "failed"; |
} |
} |
|
User u = userDAO.searchUsername(getUserName()); |
String verifiedUser = verifyUser(getUserName(), getPw()); |
if(verifiedUser.equals("failed")) { |
return "failed"; |
} else { |
|
//Put user name, password into session |
session.put("username", getUserName()); |
session.put("pw", getPw()); |
return verifiedUser; |
} |
} |
|
public String doLogout() { |
//TODO: Kill session content for logout |
return SUCCESS; |
} |
|
/** |
* Verify user credentials |
* @param String username: User name |
* @param String password: Password (hashed) |
* @return |
*/ |
public String verifyUser(String username, String password) { |
//DB Query |
User u = userDAO.searchUsername(username); |
|
//User does not exist |
if(u == null) |
return "failed"; |
|
if(!u.getPassword().equals(getPw())) |
//User password does not match |
if(!u.getPassword().equals(password)) |
return "failed"; |
|
//User credentials are fine, check for admin rights |
if(u.isAdmin()) { |
return "admin"; |
} else { |
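Review bot: `session.put("pw", getPw());` in doLogin stores the submitted password in the HTTP session, where it outlives the request and is readable by anything that can inspect or serialize session state; the session only needs the identity, so drop that line and keep `session.put("username", getUserName());` (optionally with the role returned by verifyUser). doLogout is still a TODO, so nothing removes these entries on logout; `session.clear();` before `return SUCCESS;` would be the minimum. In verifyUser the Javadoc describes the parameter as "Password (hashed)", but the value passed in is the raw form field and it is matched with `String.equals`, which suggests passwords are stored and compared as-is; if that is the case, store a salted password hash (bcrypt/scrypt/argon2) and check it with that library's verify call instead. verifyUser's body continues past the end of the hunk.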