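// Login flow for one POST request: parse the credentials, look the user up,
// verify the password, then open a session for the authenticated user.

// Deliberately do not log postString: the raw POST body carries the plaintext
// password, and it would be readable by anyone with access to the log files.
logger.log(Level.INFO, "Begin POST body parsing");
String[] credentials = parsePost(postString); // [0] - username, [1] - password
logger.log(Level.INFO, "End POST body parsing");
// Reject a body that did not yield both fields instead of failing later on an
// array index or a null dereference.
if (credentials == null || credentials.length < 2
        || credentials[0] == null || credentials[1] == null) {
    logger.log(Level.WARNING, "Login attempted with a malformed POST body");
    throw new AuthenticationException("A username and password are required. Please check both fields and try again.");
}
// The username is client-controlled; neutralise CR/LF before it reaches the log
// so a crafted value cannot forge additional log entries.
String logUsername = credentials[0].replaceAll("[\\r\\n]", "_");
// attempt to retrieve the User from the Manager layer
ManagerLayer manager = ManagerLayer.getInstance();
User[] u;
try {
    System.out.println("DEBUG: Retrieve Login User");
    logger.log(Level.INFO, "Attempting to retrieve User...");
    u = manager.getUsers().getEntity(credentials[0]);
} catch (NotFoundException e) {
    // Handled together with an empty result just below.
    u = null;
}
// An empty or null result is treated like NotFoundException so that u[0] is
// never read from an empty array.
if (u == null || u.length == 0 || u[0] == null) {
    logger.log(Level.WARNING, "Login attempted with non-existant user <" + logUsername + ">");
    // NOTE(review): this message differs from the bad-password message below, so a
    // client can tell which usernames exist; consider one generic failure message
    // for both cases. It also echoes the submitted username back to the caller;
    // confirm the caller encodes it before rendering.
    throw new AuthenticationException("The user \"" + credentials[0] + "\" could not be found. Please check if the username was spelled correctly.");
}
User user = u[0];
// check password
System.out.println("DEBUG: Authenticate Password");
// password security
logger.log(Level.INFO, "Authenticating password for User <" + logUsername + ">...");
// NOTE(review): generateHash and matchPassword are not visible here. Hashing the
// input and comparing it to a stored value only works with a deterministic hash;
// confirm it is a salted password KDF (bcrypt/scrypt/argon2) and that the
// comparison is constant-time.
String hashedPassword = this.passwordHash.generateHash(credentials[1]);
if (!user.matchPassword(hashedPassword)) {
    logger.log(Level.WARNING, "Login attempted with bad password for User <" + logUsername + ">");
    throw new AuthenticationException("An invalid password was given. Please check the password and try again.");
}
logger.log(Level.INFO, "Password authentication Success! <" + logUsername + ">");
// create a Session mapping in the ManagerLayer
SessionManager sessions = manager.getSessions();
String ssid = sessions.createSession(user);
Session userSession = sessions.getSession(ssid);
System.out.println("DEBUG: Create Session");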