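/*
 * To change this license header, choose License Headers in Project Properties.
 * To change this template file, choose Tools | Templates
 * and open the template in the editor.
 */
package com.egym;

import Lib.AeSimpleSHA256;
import Stores.LoggedIn;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.spec.InvalidKeySpecException;
import java.sql.CallableStatement;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

/**
 * Login servlet.
 *
 * <p>{@code GET} redirects to the login form. {@code POST} looks the submitted
 * username up through the {@code login_users} stored procedure, verifies the
 * salted password hash with {@link AeSimpleSHA256} and, on success, stores a
 * {@link LoggedIn} marker in a freshly created session.
 *
 * <p>Servlets are shared by all concurrent requests, so this class keeps no
 * per-request state in fields: the JDBC connection is a local of
 * {@link #doPost} and is closed on every exit path.
 *
 * @author Tom
 */
@WebServlet(name = "login", urlPatterns = {"/login"})
public class login extends HttpServlet {

    private static final Logger LOG = Logger.getLogger(login.class.getName());

    static final String JDBC_DRIVER = "com.mysql.jdbc.Driver";

    // NOTE(review): the database coordinates and the administrative credential
    // are embedded in source and shipped with the artifact. They should come
    // from a container-managed DataSource or external configuration, and the
    // application should connect as a least-privilege account rather than root.
    String url = "jdbc:mysql://46.101.32.81:3306/EGAlexander";
    String user = "root";
    String password = "teameight";

    /** Redirect target for every failed or malformed login attempt. */
    private static final String LOGIN_REDIRECT = "/eGym/login";

    /** Redirect target after a successful login. */
    private static final String HOME_REDIRECT = "/eGym/homePage";

    /**
     * Processes requests for both HTTP <code>GET</code> and <code>POST</code>
     * methods.
     *
     * <p>Intentionally empty: this servlet handles {@code GET} and {@code POST}
     * separately in {@link #doGet} and {@link #doPost}.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    protected void processRequest(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
    }

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /**
     * Handles the HTTP <code>GET</code> method by sending the client to the
     * login form.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.sendRedirect("login.jsp");
    }

    /**
     * Handles the HTTP <code>POST</code> method: authenticates the submitted
     * {@code username} / {@code password} form fields.
     *
     * <p>Outcomes:
     * <ul>
     *   <li>unknown user, unapproved user, wrong password, or a missing form
     *       field: redirect to {@code /eGym/login} (the same response in every
     *       case, so the reply does not reveal which check failed);</li>
     *   <li>database or hashing failure: logged and answered with HTTP 500,
     *       instead of the blank 200 the previous code produced when it logged
     *       without writing a response;</li>
     *   <li>success: the existing session is invalidated, a new one is created
     *       and a {@link LoggedIn} is stored under {@code "LoggedIn"}, then the
     *       client is redirected to {@code /eGym/homePage}.</li>
     * </ul>
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        String username = request.getParameter("username");
        String passwordAttempt = request.getParameter("password");

        // Both fields are required; a missing one is treated like a failed attempt
        // rather than being passed as null into the hash routine.
        if (username == null || passwordAttempt == null) {
            response.sendRedirect(LOGIN_REDIRECT);
            return;
        }

        int userType;
        String storedPassword;
        byte[] salt;
        try {
            // Class.forName alone registers the driver; the former newInstance()
            // call was redundant and is deprecated.
            Class.forName(JDBC_DRIVER);
            // try-with-resources closes statement and connection on every path,
            // including the exception paths the previous code left open.
            try (Connection con = DriverManager.getConnection(url, user, password);
                 CallableStatement cs = con.prepareCall("{call login_users(?)}")) {
                cs.setString(1, username);
                try (ResultSet rs = cs.executeQuery()) {
                    // No account, or an account that is not yet approved.
                    if (!rs.next() || rs.getInt("Approved") != 1) {
                        response.sendRedirect(LOGIN_REDIRECT);
                        return;
                    }
                    userType = rs.getInt("UserTypes_idUserTypes");
                    storedPassword = rs.getString("password");
                    salt = AeSimpleSHA256.fromHex(rs.getString("salt"));
                }
            }
        } catch (ClassNotFoundException | SQLException ex) {
            LOG.log(Level.SEVERE, null, ex);
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }

        boolean matches;
        try {
            String encodedPasswordAttempt = AeSimpleSHA256.getHash(passwordAttempt, salt);
            // Constant-time comparison of the encoded hashes so the response time
            // does not depend on how many leading characters match.
            matches = storedPassword != null
                    && MessageDigest.isEqual(
                            encodedPasswordAttempt.getBytes(StandardCharsets.UTF_8),
                            storedPassword.getBytes(StandardCharsets.UTF_8));
        } catch (UnsupportedEncodingException | NoSuchAlgorithmException | InvalidKeySpecException ex) {
            // These indicate a server-side crypto misconfiguration, not a bad
            // credential, so they are surfaced as an error rather than hidden
            // behind the login redirect.
            LOG.log(Level.SEVERE, null, ex);
            response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
            return;
        }

        if (!matches) {
            response.sendRedirect(LOGIN_REDIRECT);
            return;
        }

        // Rotate the session identifier on authentication so a session id fixed
        // before login cannot be reused afterwards.
        HttpSession existing = request.getSession(false);
        if (existing != null) {
            existing.invalidate();
        }
        HttpSession session = request.getSession(true);
        session.setAttribute("LoggedIn", new LoggedIn(true, username, userType));
        response.sendRedirect(HOME_REDIRECT);
    }

    /**
     * Returns a short description of the servlet.
     *
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>

}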