| 2,10 → 2,10 |
|---|
| |
| import java.util.Map; |
| |
| import ch.ffhs.webE.dao.UserDAO; |
| import ch.ffhs.webE.dao.UserDAOImpl; |
| import ch.ffhs.webE.domain.User; |
| |
| import com.opensymphony.xwork2.Action; |
| import com.opensymphony.xwork2.ActionContext; |
| import com.opensymphony.xwork2.ActionSupport; |
| import com.opensymphony.xwork2.ModelDriven; |
| 13,115 → 13,125 |
|---|
| public class LoginAction extends ActionSupport implements ModelDriven<User> |
| { |
| |
| private static final long serialVersionUID = 1799753056277211344L; |
| private User user = new User(); |
| private UserDAO userDAO = new UserDAOImpl(); |
| private static final long serialVersionUID = 1799753056277211344L; |
| private final User user = new User(); |
| private final UserDAOImpl userDAO = new UserDAOImpl(); |
| |
| // Form fields |
| private String userName; |
| private String pw; |
| /* Form fields */ |
| private String userName; |
| private String pw; |
| |
| // Session Object |
| Map<String, Object> session = ActionContext.getContext().getSession(); |
| /** |
| * JSP session object |
| */ |
| Map<String, Object> session = ActionContext.getContext().getSession(); |
| |
| public LoginAction() |
| { |
| } |
| /** |
| * |
| */ |
| public LoginAction() |
| { |
| } |
| |
| public String doLogin() |
| public String doLogin() |
| { |
| |
| // If password or user name are empty, the login fails. |
| if ("".equals(this.getUserName()) || "".equals(this.getPw()) |
| || this.getUserName() == null || this.getPw() == null) |
| { |
| |
| // If password or user name are empty, the login fails. |
| if ("".equals(getUserName()) || "".equals(getPw()) |
| || getUserName() == null || getPw() == null) |
| { |
| addFieldError("userName", "Falscher Username oder Passwort"); |
| return ERROR; |
| } |
| |
| String verifiedUser = verifyUser(getUserName(), getPw()); |
| if (verifiedUser.equals("failed")) |
| { |
| addFieldError("userName", "Falscher Username oder Passwort"); |
| return ERROR; |
| } |
| else |
| { |
| |
| // Put user name, password into session |
| session.put("username", getUserName()); |
| session.put("pw", getPw()); |
| return verifiedUser; |
| } |
| this.addFieldError("userName", "Falscher Username oder Passwort"); |
| return Action.ERROR; |
| } |
| |
| /** |
| * Logout ausführen. Zerstört die Daten in der Session |
| * @return String |
| */ |
| public String doLogout() |
| String verifiedUser = this.verifyUser(this.getUserName(), this.getPw()); |
| if (verifiedUser.equals("failed")) |
| { |
| //Kill Session content |
| ActionContext.getContext().getSession().clear(); |
| return SUCCESS; |
| this.addFieldError("userName", "Falscher Username oder Passwort"); |
| return Action.ERROR; |
| } |
| |
| /** |
| * Verify user credentials |
| * |
| * @param String |
| * username: User name |
| * @param String |
| * password: Password (hashed) |
| * @return |
| */ |
| public String verifyUser(String username, String password) |
| else |
| { |
| // DB Query |
| User u = userDAO.searchUsername(username); |
| |
| // User does not exist |
| if (u == null) |
| return ERROR; |
| // Put user name, password into session |
| this.session.put("username", this.getUserName()); |
| this.session.put("pw", this.getPw()); |
| return verifiedUser; |
| } |
| } |
| |
| // User password does not match |
| if (!u.getPassword().equals(password)) |
| return ERROR; |
| /** |
| * Logout ausf�hren. Zerst�rt die Daten in der Session |
| * |
| * @return String |
| */ |
| public String doLogout() |
| { |
| // Kill Session content |
| ActionContext.getContext().getSession().clear(); |
| return Action.SUCCESS; |
| } |
| |
| // User credentials are fine, check for admin rights |
| if (u.isAdmin()) |
| { |
| return "admin"; |
| } |
| else |
| { |
| return "user"; |
| } |
| } |
| /** |
| * Verify user credentials |
| * |
| * @param String |
| * username: User name |
| * @param String |
| * password: Password (hashed) |
| * @return |
| */ |
| public String verifyUser(String username, String password) |
| { |
| // DB Query |
| User u = this.userDAO.searchUsername(username); |
| |
| public String getUserName() |
| // User does not exist |
| if (u == null) |
| { |
| return userName; |
| return Action.ERROR; |
| } |
| |
| public void setUserName(String userName) |
| // User password does not match |
| if (!u.getPassword().equals(password)) |
| { |
| this.userName = userName; |
| return Action.ERROR; |
| } |
| |
| public String getPw() |
| // User credentials are fine, check for admin rights |
| if (u.isAdmin()) |
| { |
| return pw; |
| return "admin"; |
| } |
| |
| public void setPw(String pw) |
| else |
| { |
| this.pw = pw; |
| return "user"; |
| } |
| } |
| |
| @Override |
| public User getModel() |
| { |
| return user; |
| } |
| public String getUserName() |
| { |
| return this.userName; |
| } |
| |
| public void setUserName(String userName) |
| { |
| this.userName = userName; |
| } |
| |
| public String getPw() |
| { |
| return this.pw; |
| } |
| |
| public void setPw(String pw) |
| { |
| this.pw = pw; |
| } |
| |
| @Override |
| public User getModel() |
| { |
| return this.user; |
| } |
| } |