eventhelawn

Untitled

Nov 26th, 2017
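  /**
   * Handles the sign-in form posted to {@code /login}.
   *
   * <p>Flow: verify the reCAPTCHA token with Google, validate the submitted
   * e-mail address, authenticate through the container with
   * {@link HttpServletRequest#login(String, String)}, then redirect to the page
   * the user originally asked for. Every failure forwards back to
   * {@code /logon.jsp} with an {@code error} request attribute.
   *
   * <p>Security notes for maintainers:
   * <ul>
   *   <li>The reCAPTCHA secret is read from the {@code recaptcha.secret} context
   *       init parameter (a name chosen here; supply it from deployment
   *       configuration, not from source control). Any key that was ever
   *       embedded in source or pasted publicly must be treated as exposed and
   *       rotated in the reCAPTCHA admin console.</li>
   *   <li>The {@code url} parameter is attacker-controllable, so only
   *       server-relative paths are accepted as redirect targets.</li>
   *   <li>All captcha-verification problems fail closed: the login is refused.</li>
   * </ul>
   */
  @WebServlet("/login")
  public class LoginServlet extends HttpServlet {

      private static final long serialVersionUID = -8889013342089998973L;
      private static final Logger l = Logger.getLogger(LoginServlet.class);

      private static final String LOGON_PAGE = "/logon.jsp";
      private static final String RECAPTCHA_VERIFY_URL = "https://www.google.com/recaptcha/api/siteverify";
      /** Context init parameter that carries the reCAPTCHA secret key. */
      private static final String RECAPTCHA_SECRET_PARAM = "recaptcha.secret";
      private static final String BAD_CREDENTIALS = "Email or password is incorrect, please try again.";

      /**
       * Accepted e-mail shape. The dot is escaped and each domain label is a
       * single {@code [a-z]+} run: the earlier form used an unescaped {@code .}
       * with nested quantifiers, which matched any character as a separator and
       * could backtrack exponentially on crafted input.
       */
      private static final String EMAIL_REGEX = "^[A-Za-z0-9]+@[a-z0-9]+(?:\\.[a-z]+)+$";

      /**
       * Processes a sign-in attempt.
       *
       * @param req  request carrying {@code g-recaptcha-response}, {@code j_username},
       *             {@code j_password}, optional {@code remember_me} and {@code url}
       * @param resp response used for the forward or the final redirect
       * @throws ServletException if the password digest cannot be computed or a forward fails
       * @throws IOException      if a forward or the redirect fails
       */
      @Override
      protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {

          boolean human;
          try {
              human = isCaptchaVerified(req.getParameter("g-recaptcha-response"));
          } catch (IOException e) {
              // Log through the application logger instead of printStackTrace().
              l.error("reCAPTCHA verification could not be completed", e);
              forwardWithError(req, resp, "Robot checking is failed. Please try again.");
              return;
          }
          if (!human) {
              forwardWithError(req, resp, "Robots are not welcome.");
              return;
          }

          String email = req.getParameter("j_username");
          String password = req.getParameter("j_password");

          // A missing parameter used to raise a NullPointerException (HTTP 500).
          if (email == null || !email.matches(EMAIL_REGEX)) {
              forwardWithError(req, resp, "Email must be valid.");
              return;
          }
          if (password == null) {
              forwardWithError(req, resp, BAD_CREDENTIALS);
              return;
          }

          // The e-mail is only logged after it passed EMAIL_REGEX, so it cannot
          // carry line breaks or other characters that would forge log entries.
          l.info("User " + email + " sent the password.");
          boolean remember = "on".equals(req.getParameter("remember_me"));
          l.info("Remember me mode is " + remember + ".");

          User user = new User();
          try {
              user.setPasswordRaw(password);
          } catch (NoSuchAlgorithmException e) {
              // Do not continue to login() with a password that was never set:
              // surface this as a server error instead of swallowing it.
              throw new ServletException("Password digest algorithm is unavailable", e);
          }
          user.setEmail(email);

          try {
              l.info("Signing in " + user.getEmail());
              req.login(user.getEmail(), user.getPassword());
              // NOTE(review): confirm the container issues a new session id on
              // login(); if it does not, rotate it here (changeSessionId() on
              // Servlet 3.1+) to prevent session fixation.
          } catch (ServletException e) {
              String detail = e.getLocalizedMessage();
              l.info("Some error occurs for " + email + "; the error message is: " + detail);
              // Null-safe comparison: the exception may carry no message.
              // NOTE(review): any other container message is shown to the user as
              // before; make sure logon.jsp HTML-escapes the "error" attribute.
              String errorMessage = (detail == null || "Login failed".equals(detail)) ? BAD_CREDENTIALS : detail;
              forwardWithError(req, resp, errorMessage);
              return;
          }

          // Remember-me persistence was commented out in the original and the
          // UUID generated for it was never used, so both are dropped here. If
          // the feature returns, store only a hash of the token server-side and
          // mark the cookie HttpOnly and Secure.

          String target = safeRedirectTarget(req.getParameter("url"), req.getContextPath() + "/");
          l.info("For user " + email + " the page is redirected to " + target);
          resp.sendRedirect(target);
      }

      /**
       * Asks the reCAPTCHA verification endpoint whether {@code token} is valid.
       *
       * @param token value of the {@code g-recaptcha-response} form field, may be {@code null}
       * @return {@code true} only when the endpoint answers with a JSON object whose
       *         {@code success} member is {@code true}; any malformed answer yields {@code false}
       * @throws IOException if the secret is not configured or the HTTP exchange fails
       */
      private boolean isCaptchaVerified(String token) throws IOException {
          if (token == null || token.isEmpty()) {
              return false; // nothing to verify, no need to call out
          }
          String secret = getServletContext().getInitParameter(RECAPTCHA_SECRET_PARAM);
          if (secret == null || secret.isEmpty()) {
              throw new IOException("reCAPTCHA secret is not configured (context-param " + RECAPTCHA_SECRET_PARAM + ")");
          }

          List<NameValuePair> arguments = new ArrayList<>();
          arguments.add(new BasicNameValuePair("secret", secret));
          arguments.add(new BasicNameValuePair("response", token));
          HttpPost post = new HttpPost(RECAPTCHA_VERIFY_URL);
          post.setEntity(new UrlEncodedFormEntity(arguments));

          // The client owns a connection pool; close it so each login attempt
          // does not leak sockets. Fully qualified to avoid a new import.
          try (org.apache.http.impl.client.CloseableHttpClient client = HttpClientBuilder.create().build()) {
              HttpResponse response = client.execute(post);
              if (response.getEntity() == null) {
                  return false;
              }
              JsonElement je = new JsonParser().parse(EntityUtils.toString(response.getEntity()));
              if (!je.isJsonObject()) {
                  return false;
              }
              JsonElement success = je.getAsJsonObject().get("success");
              return success != null && success.isJsonPrimitive() && success.getAsBoolean();
          } catch (com.google.gson.JsonParseException e) {
              // An unparsable answer is treated as "not verified" rather than a 500.
              l.error("reCAPTCHA verification returned an unparsable body", e);
              return false;
          }
      }

      /**
       * Returns {@code requested} only if it is a server-relative path; otherwise
       * returns {@code fallback}. Absolute and scheme-relative URLs, backslashes
       * and control characters are rejected so the post-login redirect cannot be
       * pointed at another site or used to split the response header.
       */
      private static String safeRedirectTarget(String requested, String fallback) {
          if (requested == null || requested.isEmpty() || requested.charAt(0) != '/') {
              return fallback;
          }
          if (requested.length() > 1 && requested.charAt(1) == '/') {
              return fallback; // "//host/..." is scheme-relative, i.e. off-site
          }
          for (int i = 0; i < requested.length(); i++) {
              char c = requested.charAt(i);
              // Browsers treat '\' like '/', and control characters have no place in a path.
              if (c == '\\' || c < 0x20 || c == 0x7f) {
                  return fallback;
              }
          }
          return requested;
      }

      /** Sets the {@code error} attribute and forwards back to the logon page. */
      private void forwardWithError(HttpServletRequest req, HttpServletResponse resp, String message)
              throws ServletException, IOException {
          req.setAttribute("error", message);
          getServletContext().getRequestDispatcher(LOGON_PAGE).forward(req, resp);
      }

  }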