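<%--
  Login form. Posts email, password and the reCAPTCHA token to the "login" servlet and
  renders the messages that servlet places in the request-scoped "error" map.
--%>
<html>
<head>
<!-- more scripts / google api js are here -->
<script type="text/javascript">
  // Convenience check only: it spares the user a round trip when the captcha was not
  // solved. It can be bypassed by posting directly, so the server-side verification
  // of the token remains the check that counts.
  function get_action(form) {
    var v = grecaptcha.getResponse();
    if (v.length === 0) {
      // textContent: the message is plain text, no markup needs to be parsed.
      document.getElementById('captcha').textContent = "Login failed: Empty captcha";
      return false;
    }
    return true;
  }
</script>
</head>
<body>
<form action="login" method="post" onsubmit="return get_action(this);">
  <%-- Controls without a name attribute are not submitted, so the servlet's
       getParameter("email") / getParameter("password") would otherwise see null. --%>
  <input type="text" id="email" name="email" value="${fn:escapeXml(param.email)}" required>
  <%-- Masked input, and the submitted password is never written back into the page. --%>
  <input type="password" id="password" name="password" autocomplete="current-password" required>
  <div class="g-recaptcha" data-sitekey="xxx"></div>
  <input class="submit_button" type="submit" name="submit" value="Submit" />
  <span class="error">${fn:escapeXml(error.invalid)}</span>
  <%-- Shows the server-side captcha error; the script above reuses the same element. --%>
  <div id="captcha" class="captchaError">${fn:escapeXml(error.captcha)}</div>
</form>
</body>
</html>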
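/**
 * Serves the login page: GET renders the form; POST verifies the reCAPTCHA response and
 * the submitted credentials and, on success, stores the customer in a fresh session.
 *
 * <p>Validation messages are placed in a request attribute named {@code "error"}
 * (a map keyed by {@code "captcha"} / {@code "invalid"}) for the view to render.
 */
@WebServlet("/login")
public class LoginServlet extends HttpServlet {

    /** View that renders the login form. */
    private static final String LOGIN_VIEW = "login.jsp";

    /** Form field under which the reCAPTCHA v2 widget submits its response token. */
    private static final String RECAPTCHA_PARAM = "g-recaptcha-response";

    /**
     * Renders the login form.
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        request.getRequestDispatcher(LOGIN_VIEW).forward(request, response);
    }

    /**
     * Processes a login attempt.
     *
     * @throws ServletException if the credential lookup fails with an {@link SQLException}
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        Map<String, String> error = new HashMap<String, String>();
        request.setAttribute("error", error);

        String email = request.getParameter("email");
        String password = request.getParameter("password");

        // Verify re-captcha. The browser-side check is advisory; this one decides.
        // A missing or empty token is rejected without calling the verifier.
        String gRecaptchaResponse = request.getParameter(RECAPTCHA_PARAM);
        boolean verify = gRecaptchaResponse != null
                && !gRecaptchaResponse.isEmpty()
                && VerifyRecaptcha.verify(gRecaptchaResponse);
        if (!verify) {
            error.put("captcha", "You seem to be a robot. Try to use the captcha again");
            // Re-render the form; without this the client would get an empty response.
            request.getRequestDispatcher(LOGIN_VIEW).forward(request, response);
            return;
        }

        List<Customer> customer = new ArrayList<Customer>();
        if (email != null && password != null) {
            // The DAO is a local: servlet instances are shared between request threads,
            // so a per-request object must not live in an instance field.
            // NOTE(review): LoginDAO.validate is not visible here - confirm it uses
            // parameterized queries and compares against a salted password hash.
            LoginDAO loginDAO = new LoginDAO();
            try {
                customer = loginDAO.validate(email, password);
            } catch (SQLException e) {
                throw new ServletException("Could not check login", e);
            } finally {
                // Released on every path, including success and failure.
                loginDAO.closeLoginDAO();
            }
        }

        if (customer.isEmpty()) {
            // One message for unknown email and wrong password alike, so the response
            // does not reveal which accounts exist.
            error.put("invalid", "Invalid email or password");
            // Forward to the view, not to "login": a forward keeps the POST method and
            // would re-enter this doPost.
            request.getRequestDispatcher(LOGIN_VIEW).forward(request, response);
            return;
        }

        // Session fixation defence: discard any session that existed before
        // authentication and bind the user to a newly created one.
        HttpSession previous = request.getSession(false);
        if (previous != null) {
            previous.invalidate();
        }
        HttpSession session = request.getSession(true);
        Customer user = customer.get(0);
        session.setAttribute("user", user);
        response.sendRedirect("main");
    }
}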