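/**
 * Authenticates a customer by login and password and, on success, issues a new
 * session token that is persisted on the matching database row.
 *
 * <p>The returned object is a fresh {@code Customer} carrying only id, login,
 * email and token. The entity loaded from the database is never handed back, so
 * its password field cannot end up in a serialised response.
 *
 * @param customer the credentials supplied by the caller (login and password)
 * @return a reduced copy of the authenticated customer including the new token,
 *         or {@code null} when the input is incomplete, the login is unknown or
 *         the password does not match
 */
public Customer validateCustomer(Customer customer) {
    // Fail closed on missing input instead of surfacing a NullPointerException.
    if (customer == null || customer.getLogin() == null || customer.getPassword() == null) {
        return null;
    }

    // The login is bound as a named parameter, so it never becomes part of the JPQL text.
    Query q = em.createQuery("SELECT c from Customer c WHERE c.login = :username");
    q.setParameter("username", customer.getLogin());
    List<Customer> results = q.getResultList();
    if (results.isEmpty()) {
        return null;
    }

    Customer fromDb = results.get(0);
    String stored = fromDb.getPassword();
    if (stored == null) {
        return null;
    }

    // NOTE(review): the supplied password is compared with the stored value as-is,
    // which suggests passwords are kept unhashed. Store and verify them with a
    // password-hashing scheme (bcrypt, scrypt or Argon2) instead.
    // Until then, compare in constant time so the check does not stop at the
    // first differing character.
    byte[] expected = stored.getBytes(java.nio.charset.StandardCharsets.UTF_8);
    byte[] supplied = customer.getPassword().getBytes(java.nio.charset.StandardCharsets.UTF_8);
    if (!java.security.MessageDigest.isEqual(expected, supplied)) {
        return null;
    }

    // 130 random bits from SecureRandom, rendered in base 32.
    Random random = new SecureRandom();
    String token = new BigInteger(130, random).toString(32);

    tx.begin();
    try {
        em.createQuery("UPDATE Customer c SET c.token = :token WHERE c.id = :id")
                .setParameter("token", token)
                .setParameter("id", fromDb.getId())
                .executeUpdate();
        tx.commit();
    } catch (RuntimeException e) {
        // Do not leave a half-finished transaction open when the update fails.
        if (tx.isActive()) {
            tx.rollback();
        }
        throw e;
    }
    // NOTE(review): em is closed only on this success path, as in the original;
    // confirm who owns the EntityManager's lifecycle.
    em.close();

    // Hand back only the fields a client needs; the password stays server-side.
    Customer c = new Customer();
    c.setEmail(fromDb.getEmail());
    c.setLogin(fromDb.getLogin());
    c.setToken(token);
    c.setId(fromDb.getId());
    return c;
}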
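/**
 * Handles a login request by delegating credential validation to
 * {@code customerService}.
 *
 * @param customer the submitted credentials; may be {@code null}
 *        (presumably when the request carries no body; confirm against the resource binding)
 * @return a 200 response whose entity is the customer returned by
 *         {@code validateCustomer}, or a 403 response with a generic message
 *         when validation fails or no credentials were supplied
 */
public Response login(Customer customer) {
    // Missing credentials take the same rejection path as wrong ones, so the
    // caller gets the generic message rather than a server error.
    Customer c = (customer == null) ? null : customerService.validateCustomer(customer);
    if (c == null) {
        // One message for "unknown login" and "wrong password" keeps the
        // response from revealing which logins exist.
        return Response.status(Response.Status.FORBIDDEN).entity("Incorrect username or password.").build();
    }
    // NOTE(review): c is serialised as-is. Confirm that validateCustomer returns
    // an object without the password field before it is used as the entity.
    return Response.status(Response.Status.OK).entity(c).build();
}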
// Build a reduced Customer for the response: id, login and email are copied
// from the entity loaded from the database, and the new session token is
// attached. The password is deliberately not copied.
// (fromDb and token are defined outside this fragment.)
Customer c = new Customer();
c.setId(fromDb.getId());
c.setLogin(fromDb.getLogin());
c.setEmail(fromDb.getEmail());
c.setToken(token);