Created
July 13, 2011 10:34
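/**
 * Handles a login form submission.
 *
 * <p>Flow: if no username was submitted the browser is redirected to the login
 * page. Otherwise the user record is loaded, the password and licence are
 * checked, and on success the user is marked as logged in, a cookie is issued
 * and the browser is redirected to the module controller.
 *
 * <p>Security-relevant behaviour of this implementation:
 * <ul>
 *   <li>The submitted password is never written to the log.</li>
 *   <li>Every authentication failure (unknown user, wrong password, missing or
 *       invalid licence) ends in the same forward with the same message, so the
 *       response does not reveal which check failed.</li>
 *   <li>Each branch returns as soon as it has written a response, so a rejected
 *       user can never fall through into the code that marks the account as
 *       logged in and issues the cookie.</li>
 * </ul>
 *
 * @param request  the incoming login request
 * @param response the response used for the redirect, forward and cookie
 * @throws ServletException if forwarding to the login page fails
 * @throws IOException      if a redirect or forward cannot be written
 */
public void doRequest(HttpServletRequest request,
        HttpServletResponse response)
        throws ServletException,
        IOException {
    RequestHelper requestHelper = new RequestHelper(request);

    // Read the parameter once; treat a missing parameter like an empty one
    // instead of letting "".compareTo(null) throw.
    String username = requestHelper.getRequestParameter("username");
    if (username == null || username.isEmpty()) {
        LOGGER.error("No Form submitted so forward to login page\n");
        response.sendRedirect("/InBrand-2/login.jsp");
        return;
    }
    String password = requestHelper.getRequestParameter("password");

    // Credentials must not reach the log. The username is attacker-controlled,
    // so line breaks are neutralised to keep one log entry per attempt.
    LOGGER.error("Received Username :" + username.replace('\r', '_').replace('\n', '_'));

    UsersBase users = appservice.getUserRecord(username);

    // Reason for rejecting the login; kept server-side only.
    String failure = null;
    if (users == null) {
        failure = "User Not existing so send back to reload";
    } else {
        // NOTE(review): these lines put personal data in the log at ERROR level
        // on every login; consider logging the user id only, at debug level.
        LOGGER.error("Checking Password User is as follows:");
        LOGGER.error(users.getUser_id());
        LOGGER.error(users.getUser_name());
        LOGGER.error(users.getUser_firstname());
        LOGGER.error(users.getUser_lastname());

        // NOTE(review): the stored value is compared directly with the submitted
        // password, so it is presumably stored unhashed - confirm. It should be a
        // salted, slow password hash (bcrypt/scrypt/argon2) verified by the
        // service layer. Until then, compare without an early exit on the first
        // differing character and treat a missing value as a mismatch.
        String stored = users.getUser_password();
        boolean passwordOk = stored != null
                && password != null
                && java.security.MessageDigest.isEqual(
                        stored.getBytes("UTF-8"), password.getBytes("UTF-8"));

        if (!passwordOk) {
            failure = "Passwords do not match - invalidating";
        } else if (users.getUser_licence() == null) {
            // The original redirected here but left the user reference set, so
            // execution continued into the login code below.
            failure = "This user doesnt have a valid licence and so cannot log in";
        } else if (!appservice.isValidLicence(users.getUser_licence(), users.getUser_organisation())) {
            failure = "not valid licence";
        }
    }

    if (failure != null) {
        LOGGER.error(failure);
        // A request attribute does not survive sendRedirect, so the message is
        // delivered with a forward. Using one exit for all failures also keeps
        // the responses indistinguishable from the client side.
        request.setAttribute("message", "Invalid login Credentials, Please speak to your InBrand Champion");
        RequestDispatcher dispatcher = request.getRequestDispatcher("login.jsp");
        dispatcher.forward(request, response);
        return;
    }

    LOGGER.error("Check cookie monster");
    String userCookie = requestHelper.getCookie(RequestHelper.USER_ID_COOKIE_NAME);

    // Only one concurrent login per user is allowed; a missing flag means "not logged in".
    if (users.getUser_loggedin() == null) {
        users.setUser_loggedin(Boolean.FALSE);
    }

    if (users.getUser_loggedin().booleanValue()) {
        if (userCookie == null) {
            // Logged in elsewhere and this browser has no cookie: ask whether
            // the other session should be reset.
            LOGGER.error("Logged in so need to log them out from other instance");
            response.sendRedirect("/InBrand-2/jsp/invalidate.jsp");
        } else {
            LOGGER.error("User logged in already");
            // NOTE(review): unfinished in the original - the cookie value is not
            // compared with the stored key and no response is written here.
            // Decide whether a matching key resumes the session and a
            // non-matching one goes to the invalidate page.
        }
        return;
    }

    LOGGER.error("Not logged in so log them in and redirect to the moduleController");
    users.setUser_loggedin(true);
    users.setUser_lastlogged(new Date());

    // NOTE(review): the cookie value is an MD5 over user id, login time and
    // client address. None of these is secret and nothing is random, so the
    // value is not a safe session credential. Replace it with a token from
    // SecureRandom stored server-side, together with the code that validates
    // this cookie (not visible here).
    String userHash = MD5Utils.getMD5(String.valueOf(users.getUser_id()) + users.getUser_lastlogged() + request.getRemoteAddr(), LOGGER);
    appservice.saveUsers(users);

    // NOTE(review): the original names the cookie "inbrand" when the client had
    // none and RequestHelper.USER_ID_COOKIE_NAME otherwise. That is preserved
    // here; if the constant has a different value, the cookie written in the
    // first case is never found by the lookup above - confirm and unify.
    String cookieName = (userCookie == null) ? "inbrand" : RequestHelper.USER_ID_COOKIE_NAME;
    Cookie myCookie = new Cookie(cookieName, userHash);
    // One day in seconds. The original "60*60^24" used XOR and evaluated to 3592.
    myCookie.setMaxAge(60 * 60 * 24);
    // NOTE(review): the cookie carries no Secure or HttpOnly flag and no explicit
    // path; set them once HTTPS-only deployment and the Servlet API level are confirmed.
    response.addCookie(myCookie);
    response.sendRedirect("/InBrand-2/moduleController/main");
}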