Ignore whitespace Rev 25 → Rev 26

/trunk/src/ch/ffhs/webE/action/LoginAction.java
1,6 → 1,5
package ch.ffhs.webE.action;
 
 
import java.util.Map;
 
import ch.ffhs.webE.dao.UserDAO;
11,91 → 10,111
import com.opensymphony.xwork2.ActionSupport;
import com.opensymphony.xwork2.ModelDriven;
 
public class LoginAction extends ActionSupport implements ModelDriven<User>{
private static final long serialVersionUID = 1799753056277211344L;
private User user = new User();
private UserDAO userDAO = new UserDAOImpl();
//Form fields
private String userName ;
private String pw;
//Session Object
Map<String, Object> session = ActionContext.getContext().getSession();
public class LoginAction extends ActionSupport implements ModelDriven<User>
{
 
public LoginAction() {
}
public String doLogin() {
//If password or user name are empty, the login fails.
if("".equals(getUserName()) || "".equals(getPw()) || getUserName() == null || getPw() == null) {
return ERROR;
}
String verifiedUser = verifyUser(getUserName(), getPw());
if(verifiedUser.equals("failed")) {
return ERROR;
} else {
//Put user name, password into session
session.put("username", getUserName());
session.put("pw", getPw());
return verifiedUser;
}
}
public String doLogout() {
//TODO: Kill session content for logout
return SUCCESS;
}
/**
* Verify user credentials
* @param String username: User name
* @param String password: Password (hashed)
* @return
*/
public String verifyUser(String username, String password) {
//DB Query
User u = userDAO.searchUsername(username);
//User does not exist
if(u == null)
return ERROR;
//User password does not match
if(!u.getPassword().equals(password))
return ERROR;
//User credentials are fine, check for admin rights
if(u.isAdmin()) {
return "admin";
} else {
return "user";
}
}
public String getUserName() {
return userName;
}
private static final long serialVersionUID = 1799753056277211344L;
private User user = new User();
private UserDAO userDAO = new UserDAOImpl();
 
public void setUserName(String userName) {
this.userName = userName;
}
public String getPw() {
return pw;
}
// Form fields
private String userName;
private String pw;
 
public void setPw(String pw) {
this.pw = pw;
}
// Session Object
Map<String, Object> session = ActionContext.getContext().getSession();
 
@Override
public User getModel() {
return user;
}
public LoginAction()
{
}
 
public String doLogin()
{
 
// If password or user name are empty, the login fails.
if ("".equals(getUserName()) || "".equals(getPw())
|| getUserName() == null || getPw() == null)
{
return ERROR;
}
 
String verifiedUser = verifyUser(getUserName(), getPw());
if (verifiedUser.equals("failed"))
{
return ERROR;
}
else
{
 
// Put user name, password into session
session.put("username", getUserName());
session.put("pw", getPw());
return verifiedUser;
}
}
 
public String doLogout()
{
// TODO: Kill session content for logout
return SUCCESS;
}
 
/**
* Verify user credentials
*
* @param String
* username: User name
* @param String
* password: Password (hashed)
* @return
*/
public String verifyUser(String username, String password)
{
// DB Query
User u = userDAO.searchUsername(username);
 
// User does not exist
if (u == null)
return ERROR;
 
// User password does not match
if (!u.getPassword().equals(password))
return ERROR;
 
// User credentials are fine, check for admin rights
if (u.isAdmin())
{
return "admin";
}
else
{
return "user";
}
}
 
public String getUserName()
{
return userName;
}
 
public void setUserName(String userName)
{
this.userName = userName;
}
 
public String getPw()
{
return pw;
}
 
public void setPw(String pw)
{
this.pw = pw;
}
 
@Override
public User getModel()
{
return user;
}
}
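Review bot: In doLogin the failure check `verifiedUser.equals("failed")` can never match, because verifyUser returns ERROR for an unknown user or a wrong password; a rejected login therefore falls into the else branch and writes the submitted user name and password into the session before returning. Compare against the value verifyUser actually returns, e.g. `if (ERROR.equals(verifiedUser)) { return ERROR; }`, and drop `session.put("pw", getPw());` so the credential is not kept in session state at all. If other actions treat a `username` session entry as proof of login (not visible on this page), the mismatch lets an unauthenticated request obtain an authenticated session rather than merely leaving a stale entry. doLogout also leaves the session untouched, as its TODO says; clearing or invalidating the session there is needed for logout to have any effect.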