| 1 | package startupdemo.controller; | |
| 2 | ||
import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.Statement;
import java.util.concurrent.locks.ReentrantLock;

import javax.annotation.Resource;

import org.jboss.logging.Logger;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import startupdemo.service.MysqlService;
import startupdemo.service.UserService;
| 21 | ||
| 22 | ||
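/**
 * Handles the {@code /login} endpoint: GET returns the login view name, POST checks the
 * submitted credentials against the {@code users} table.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The credential lookup binds {@code username} and {@code password} as statement
 *       parameters. Request parameters must never be concatenated into the SQL text.</li>
 *   <li>The query compares the submitted password with the {@code password} column directly,
 *       which implies the column holds plaintext (or at best an unsalted value). Migrating to a
 *       salted, adaptive password hash (bcrypt/scrypt/argon2) verified in application code
 *       needs a schema change and is outside this class.</li>
 *   <li>NOTE(review): the class is annotated {@code @RestController}, so Spring normally writes
 *       the returned strings ("login", "redirect:...") to the response body instead of resolving
 *       them as view names. Confirm whether {@code @Controller} was intended.</li>
 *   <li>NOTE(review): {@code userService.setCurrentUser} stores the user on an injected service.
 *       If that service is a singleton, the "current user" is shared across all sessions.
 *       Verify its scope.</li>
 * </ul>
 */
@RestController
@RequestMapping("/login")
public class LoginController
{
    private static final Logger LOG = Logger.getLogger(LoginController.class);

    private static final String REDIRECT_PREFIX = "redirect:";

    /** Credential lookup; both values are bound as parameters, never spliced into the text. */
    private static final String AUTH_QUERY =
            "SELECT firstname FROM users WHERE username = ? AND password = ?";

    @Resource(name = "userService")
    private UserService userService;

    @Resource(name = "mysqlService")
    private MysqlService mysqlService;

    // Held around the MysqlService open/use/close sequence and the UserService update.
    // Presumably MysqlService manages a single shared connection; confirm.
    private final ReentrantLock lock = new ReentrantLock();

    /**
     * Returns the name of the login view.
     *
     * @return the view name {@code "login"}
     */
    @RequestMapping(method = RequestMethod.GET)
    public String getLoginPage()
    {
        return "login";
    }

    /**
     * Authenticates the submitted credentials and either redirects to the application with a
     * greeting or re-displays the login view with an error message.
     *
     * @param username the submitted user name (untrusted request input)
     * @param password the submitted password (untrusted request input)
     * @param model receives {@code errorMessage} when the login fails
     * @param redirectAttributes receives the flash attribute {@code message} on success
     * @return a redirect to {@code /startupdemo} on success, otherwise {@code "login"}
     */
    @RequestMapping(method = RequestMethod.POST)
    public String loginUser(@RequestParam(value = "username", required = true) final String username,
            @RequestParam(value = "password", required = true) final String password,
            final Model model, final RedirectAttributes redirectAttributes)
    {
        final AuthResult auth = authenticateUser(username, password);
        if (auth.success)
        {
            // SUD-14 add customer greeting
            // The first name comes from this request's own result. Keeping it in a controller
            // field would let concurrent logins see each other's names.
            redirectAttributes.addFlashAttribute("message", "Welcome to startupdemo, " + auth.firstname + "!");

            LOG.info("Login successful. Redirecting user to main application.");
            return REDIRECT_PREFIX + "/startupdemo";
        }

        LOG.info("Login failed.");
        // The message echoes request input; the view that renders it must HTML-escape it.
        model.addAttribute("errorMessage", "Could not login user " + username + ". Invalid username or password.");
        return "login";
    }

    /**
     * Looks up the user with a parameterized query and, on a match, records the user through
     * {@code userService.setCurrentUser}.
     *
     * <p>The lock is released in {@code finally}, so a database error cannot leave it held and
     * block every later login. Any exception is logged with its cause and reported as a failed
     * login (fail closed).
     *
     * @param username the submitted user name
     * @param password the submitted password
     * @return the outcome, carrying the {@code firstname} column value on success
     */
    private AuthResult authenticateUser(final String username, final String password)
    {
        AuthResult result = AuthResult.FAILED;
        lock.lock();
        try
        {
            final Connection connection = mysqlService.openMysqlConnection();
            try (PreparedStatement statement = connection.prepareStatement(AUTH_QUERY))
            {
                statement.setString(1, username);
                statement.setString(2, password);
                try (ResultSet rs = statement.executeQuery())
                {
                    if (rs.next())
                    {
                        userService.setCurrentUser(username);
                        result = new AuthResult(true, rs.getString("firstname"));
                    }
                }
            }
            finally
            {
                // Runs after the statement and result set are closed, including on error.
                mysqlService.closeMysqlConnection();
            }
        }
        catch (final Exception e)
        {
            // Fail closed: an error during lookup is never treated as a successful login.
            result = AuthResult.FAILED;
            LOG.error("Error happened while authenticating user.", e);
        }
        finally
        {
            lock.unlock();
        }
        return result;
    }

    /** Immutable outcome of one authentication attempt; replaces shared controller state. */
    private static final class AuthResult
    {
        private static final AuthResult FAILED = new AuthResult(false, null);

        private final boolean success;

        // Value of the firstname column for the matched row; null when the login failed.
        private final String firstname;

        private AuthResult(final boolean success, final String firstname)
        {
            this.success = success;
            this.firstname = firstname;
        }
    }

}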