@WebFilter("/") public class Filter implements javax.servlet.Filter {@Overrid

1. @WebFilter("/")
2. public class Filter implements javax.servlet.Filter {
3.  
4. @Override
5. public void init(FilterConfig filterConfig) throws ServletException {
6. }
7.  
8. @Override
9. public void doFilter(final ServletRequest request,
10. final ServletResponse response,
11. final FilterChain filterChain)
12.  
13. throws IOException, ServletException {
14.  
15. final HttpServletRequest req = (HttpServletRequest) request;
16. final HttpServletResponse resp = (HttpServletResponse) response;
17.  
18. @SuppressWarnings("unchecked")
19. final AtomicReference<UserDAO> dao = (AtomicReference<UserDAO>) req.getServletContext().getAttribute("dao");
20.  
21. final String username = req.getParameter("username");
22. final String password = req.getParameter("password");
23. final String action = req.getParameter("action");
24. final String remember = req.getParameter("remember");
25.  
26. //Just in case
27. final String path = req.getRequestURI().substring(req.getContextPath().length());
28.  
29. if (path.startsWith("/resources/")) {
30. filterChain.doFilter(request, response); // Goes to default servlet.
31. }
32.  
33. final Cookie[] cookies = req.getCookies();
34.  
35. if (cookies != null) {
36. for (Cookie cookie : cookies) {
37.  
38. if (dao.get().checkUserById(cookie.getName()) &&
39. !cookie.getValue().isEmpty())
40. {
41. req.setAttribute("username", dao.get().getUsernameById(cookie.getName()));
42. req.getRequestDispatcher("/WEB-INF/view/home.jsp").forward(req, resp);
43. }
44. }
45. }
46.  
47. if ((username != null) && (password != null) && (action != null)) {
48.  
49. req.setAttribute("username", username);
50.  
51. if (action.equals("registration")) {
52.  
53. if (!dao.get().checkUserByUsername(username)) {
54.  
55. final String id = Integer.toString(dao.get().getSize() + 1);
56. final User user = new User(id, username, password);
57.  
58. dao.get().add(user);
59.  
60. if (remember != null && remember.equals("on")) {
61. Cookie cookie = getRememberMeCookie(id, username, password);
62. resp.addCookie(cookie);
63. }
64.  
65. req.getRequestDispatcher("/WEB-INF/view/home.jsp").forward(req, resp);
66.  
67. } else {
68. req.getRequestDispatcher("/WEB-INF/view/login-form.jsp?registration").forward(req, resp);
69. }
70.  
71. } else if (action.equals("login")) {
72.  
73. if (dao.get().checkUserByUsernameAndPassword(username, password)) {
74.  
75. String id = dao.get().getIdByUsername(username);
76.  
77. if (remember != null && remember.equals("on")) {
78. Cookie cookie = getRememberMeCookie(id, username, password);
79. resp.addCookie(cookie);
80. }
81.  
82. req.getRequestDispatcher("/WEB-INF/view/home.jsp").forward(req, resp);
83.  
84. } else {
85. req.getRequestDispatcher("/WEB-INF/view/login-form.jsp?login").forward(req, resp);
86. }
87. }
88.  
89. } else {
90. req.getRequestDispatcher("/WEB-INF/view/login-form.jsp").forward(req, resp);
91. }
92. }
93.  
94. @Override
95. public void destroy() {
96. }
97.  
98. private String md5Hash(String username, String password) throws NoSuchAlgorithmException {
99.  
100. String entryData = username + "md5Cookie" + password;
101. MessageDigest m = MessageDigest.getInstance("MD5");
102.  
103. byte[] data = entryData.getBytes();
104. m.update(data,0,data.length);
105. BigInteger i = new BigInteger(1,m.digest());
106.  
107. return String.format("%1$032X", i);
108. }
109.  
110. private Cookie getRememberMeCookie(String id, String username, String password) {
111.  
112. String md5CookieValue = null;
113.  
114. try {
115. md5CookieValue = md5Hash(username, password);
116. } catch (NoSuchAlgorithmException e) {
117. e.printStackTrace();
118. }
119.  
120. final Cookie cookie = new Cookie(id, md5CookieValue);
121. cookie.setMaxAge(60 * 60 * 24 * 15);
122.  
123. return cookie;
124. }