1 | package startupdemo.controller; | |
2 | ||
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;

import java.util.concurrent.locks.ReentrantLock;

import javax.annotation.Resource;

import org.jboss.logging.Logger;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import startupdemo.service.MysqlService;
import startupdemo.service.UserService;
21 | ||
22 | ||
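/**
 * Handles the login form: serves the login page on GET and checks submitted credentials against
 * the {@code users} table on POST.
 *
 * <p>NOTE(review): the class is annotated {@code @RestController}, so Spring writes the returned
 * strings ({@code "login"}, {@code "redirect:/startupdemo"}) to the response body instead of
 * resolving them as a view name or redirect. If view resolution is intended, the class should be
 * a plain {@code @Controller}; confirm against the deployed behaviour.
 */
@RestController
@RequestMapping("/login")
public class LoginController
{
	private static final Logger LOG = Logger.getLogger(LoginController.class);

	private static final String REDIRECT_PREFIX = "redirect:";

	/**
	 * Credential lookup with bind parameters. User input is never concatenated into the SQL text,
	 * so quote characters in the username or password cannot change the structure of the query.
	 *
	 * <p>NOTE(review): the submitted password is compared directly with the stored column, which
	 * implies passwords are stored as submitted. They should be stored as salted password hashes
	 * (bcrypt/scrypt/argon2) and verified in application code; that needs a schema change outside
	 * this class.
	 */
	private static final String AUTH_QUERY = "SELECT firstname FROM users WHERE username = ? AND password = ?";

	@Resource(name = "userService")
	private UserService userService;

	@Resource(name = "mysqlService")
	private MysqlService mysqlService;

	// Serialises database access; presumably mysqlService manages a single shared connection
	// (closeMysqlConnection() takes no argument) - confirm before removing.
	private final ReentrantLock lock = new ReentrantLock();

	/**
	 * Serves the login page.
	 *
	 * @return the string {@code "login"}
	 */
	@RequestMapping(method = RequestMethod.GET)
	public String getLoginPage()
	{
		return "login";
	}

	/**
	 * Checks the submitted credentials and reports the outcome.
	 *
	 * @param username           submitted user name (untrusted request input)
	 * @param password           submitted password (untrusted request input)
	 * @param model              receives {@code errorMessage} when the login fails
	 * @param redirectAttributes receives the greeting flash attribute when the login succeeds
	 * @return the redirect target on success, {@code "login"} on failure
	 */
	@RequestMapping(method = RequestMethod.POST)
	public String loginUser(@RequestParam(value = "username", required = true) final String username,
			@RequestParam(value = "password", required = true) final String password,
			final Model model, final RedirectAttributes redirectAttributes)
	{
		// The first name travels in a per-request result object. It used to live in an instance
		// field, but the controller instance is shared between requests, so concurrent logins
		// could greet one user with another user's first name.
		final AuthResult auth = authenticateUser(username, password);
		if (auth.success)
		{
			// SUD-14 add customer greeting
			redirectAttributes.addFlashAttribute("message", "Welcome to startupdemo, " + auth.firstname + "!");

			LOG.info("Login successful. Redirecting user to main application.");
			return REDIRECT_PREFIX + "/startupdemo";
		}

		LOG.info("Login failed.");
		// NOTE(review): the message echoes the submitted username; the view that renders
		// errorMessage must HTML-escape it.
		model.addAttribute("errorMessage", "Could not login user " + username + ". Invalid username or password.");
		return "login";
	}

	/**
	 * Looks up the user by username and password.
	 *
	 * <p>Fails closed: any exception during the lookup is logged and reported as a failed login.
	 * The lock is always released and the statement, result set and connection are always closed,
	 * so one failing query cannot block every later login attempt or leak database resources.
	 *
	 * @param username submitted user name
	 * @param password submitted password
	 * @return the outcome, carrying the stored first name when a matching row exists
	 */
	private AuthResult authenticateUser(final String username, final String password)
	{
		// Acquire outside the try block so the finally clause only unlocks a lock we hold.
		lock.lock();
		try
		{
			final Connection connection = mysqlService.openMysqlConnection();
			try (PreparedStatement statement = connection.prepareStatement(AUTH_QUERY))
			{
				statement.setString(1, username);
				statement.setString(2, password);
				try (ResultSet rs = statement.executeQuery())
				{
					if (rs.next())
					{
						// NOTE(review): setCurrentUser looks like service-wide rather than
						// per-session state - verify it cannot mix up concurrent users.
						userService.setCurrentUser(username);
						return new AuthResult(true, rs.getString("firstname"));
					}
				}
			}
			finally
			{
				mysqlService.closeMysqlConnection();
			}
		}
		catch (final Exception e)
		{
			// Keep the cause so authentication outages can be diagnosed; no credentials are logged.
			LOG.error("Error happened while authenticating user.", e);
		}
		finally
		{
			lock.unlock();
		}
		return new AuthResult(false, null);
	}

	/** Immutable outcome of one authentication attempt. */
	private static final class AuthResult
	{
		private final boolean success;

		private final String firstname;

		private AuthResult(final boolean success, final String firstname)
		{
			this.success = success;
			this.firstname = firstname;
		}
	}

}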