return af;
}
public ActionForward login(ActionMapping mapping, ActionForm lf, HttpServletRequest request,
HttpServletResponse response) throws Exception {
LoginForm form = (LoginForm) lf;
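/**
* referrer can be used to have different login forms on different pages,
* so referrer has to be set (as a hidden input) in the login form page to return there in case of an error or
* success (the success url can be overridden by setting the session REDIRECT_AFTER_LOGIN property in the login form as well).
* The request-parameter value is client-supplied: it is passed through SecurityUtils.stripReferer when it is read
* and again when the redirect ActionForward is built.
*/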
String referrer = null;
if (request.getAttribute("referrer") != null && !request.getAttribute("referrer").toString().equalsIgnoreCase(""))
{
referrer = (String)request.getAttribute("referrer");
}
else if (request.getParameter("referrer") != null && !request.getParameter("referrer").toString().equalsIgnoreCase(""))
{
referrer = SecurityUtils.stripReferer(request, (String)request.getParameter("referrer"));
}
try {
if (LoginFactory.doLogin(form, request, response)) {
if(!UtilMethods.isSet(referrer))
referrer = "/";
User u = (User) request.getSession().getAttribute(WebKeys.CMS_USER);
List<Role> userRoles = com.dotmarketing.business.APILocator.getRoleAPI().loadRolesForUser(u.getUserId());
Role defaultRole = com.dotmarketing.business.APILocator.getRoleAPI().loadRoleByKey(Config.getStringProperty("CMS_VIEWER_ROLE"));
if (!userRoles.contains(defaultRole)) {
com.dotmarketing.business.APILocator.getRoleAPI().addRoleToUser(defaultRole.getId(), u);
}
UserProxy userproxy = com.dotmarketing.business.APILocator.getUserProxyAPI().getUserProxy(u,APILocator.getUserAPI().getSystemUser(), false);
if (UtilMethods.isSet(userproxy.getLongLivedCookie())) {
//reset cookie in request
Cookie cookie = UtilMethods.getCookie(request.getCookies(), WebKeys.LONG_LIVED_DOTCMS_ID_COOKIE);
if (cookie != null) {
cookie.setMaxAge(-1);
cookie.setPath("/");
response.addCookie(cookie);
}
}
else {
String _dotCMSID = "";
if(!UtilMethods.isSet(UtilMethods.getCookieValue(request.getCookies(),
com.dotmarketing.util.WebKeys.LONG_LIVED_DOTCMS_ID_COOKIE))) {
Cookie idCookie = CookieUtil.createCookie();
}
_dotCMSID = UtilMethods.getCookieValue(request.getCookies(),
com.dotmarketing.util.WebKeys.LONG_LIVED_DOTCMS_ID_COOKIE);
userproxy.setLongLivedCookie(_dotCMSID);
}
request.getSession().removeAttribute(WebKeys.PENDING_ALERT_SEEN);
if (request.getSession().getAttribute(WebKeys.REDIRECT_AFTER_LOGIN) != null) {
String redir = (String) request.getSession().getAttribute(WebKeys.REDIRECT_AFTER_LOGIN);
request.removeAttribute(WebKeys.REDIRECT_AFTER_LOGIN);
Logger.debug(this.getClass(), "redirecting after account creation: " + redir);
ActionForward af = new ActionForward(SecurityUtils.stripReferer(request, redir));
af.setRedirect(true);
return af;
}
ActionMessages msg = new ActionMessages();
msg.add(Globals.MESSAGE_KEY, new ActionMessage("message.Login.Successful"));
request.setAttribute(Globals.MESSAGE_KEY, msg);
ActionForward af = new ActionForward(SecurityUtils.stripReferer(request, referrer));
af.setRedirect(true);
return af;
}
else if (isUserInactive(form, request)) {
return mapping.findForward("resendActivationPage");
}
Logger.debug(this, "Failed login redirecting to: " + referrer);
ActionErrors errors = new ActionErrors();
errors.add(Globals.ERROR_KEY, new ActionMessage("errors.password.mismatch"));
request.getSession().setAttribute(Globals.ERROR_KEY, errors);
if(referrer != null && !referrer.equals("/")) {
ActionForward af = new ActionForward(SecurityUtils.stripReferer(request, referrer));
af.setRedirect(true);
return af;
} else {
if (!Config.getBooleanProperty("USE_CHALLENGE_QUESTION")) {
if(referrer != null && !referrer.equals("/")) {
ActionForward af = new ActionForward(SecurityUtils.stripReferer(request, referrer));
af.setRedirect(true);
return af;
} else
return mapping.findForward("loginPage");
} else {
User user = null;
Company company = PublicCompanyFactory.getDefaultCompany();
if (company.getAuthType().equals(Company.AUTH_TYPE_EA)) {
user = APILocator.getUserAPI().loadByUserByEmail(form.getUserName().toLowerCase(), APILocator.getUserAPI().getSystemUser(), false);
} else {
user = APILocator.getUserAPI().loadUserById(form.getUserName().toLowerCase(),APILocator.getUserAPI().getSystemUser(),false);
}
ActionForward af = new ActionForward(SecurityUtils.stripReferer(request, mapping.findForward("challengeQuestionPage").getPath() + "?emailAddress=" + user.getEmailAddress()));
return af;
}