/*
* To change this template, choose Tools | Templates
* and open the template in the editor.
*/
package net.octal.supinbank.servlet;
import com.google.common.hash.HashCode;
import com.google.common.hash.HashFunction;
import java.io.IOException;
import java.io.PrintWriter;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Formatter;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.ejb.EJB;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import net.octal.supinbank.dao.PersonDao;
import net.octal.supinbank.entity.Person;
import net.octal.supinbank.entity.UserRole;
import com.google.common.hash.Hashing;
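/**
 * Login endpoint mapped to {@code /login}.
 *
 * <p>GET renders the login page; POST checks the submitted credentials against
 * the {@link Person} returned by {@link PersonDao#findUserByMail} and, on
 * success, populates the HTTP session and redirects to the area matching the
 * user's role.
 *
 * <p>SECURITY (review): passwords are verified against an unsalted SHA-1 digest.
 * SHA-1 is a fast general-purpose hash and is not suitable for password storage;
 * stored credentials should be migrated to a salted, deliberately slow password
 * hash (bcrypt, scrypt, Argon2 or PBKDF2). The digest computation is left as-is
 * here because changing it would invalidate every stored password.
 *
 * @author octal
 */
@WebServlet(name = "LoginServlet", urlPatterns = {"/login"})
public class LoginServlet extends HttpServlet {

    @EJB
    private PersonDao personDao;

    // <editor-fold defaultstate="collapsed" desc="HttpServlet methods. Click on the + sign on the left to edit the code.">
    /**
     * Handles the HTTP <code>GET</code> method by forwarding to the login page.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        request.getRequestDispatcher("index.jsp").forward(request, response);
    }

    /**
     * Handles the HTTP <code>POST</code> method: authenticates the user from the
     * {@code mail} and {@code password} form parameters.
     *
     * <p>Every failure (missing parameter, unknown e-mail, wrong password) ends in
     * the same response, the login page, so the reply does not reveal which part
     * of the credentials was wrong.
     *
     * @param request servlet request
     * @param response servlet response
     * @throws ServletException if a servlet-specific error occurs
     * @throws IOException if an I/O error occurs
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        final String email = request.getParameter("mail");
        final String password = request.getParameter("password");

        // A request without both fields is a failed login; without this guard a
        // missing "password" parameter reached the hasher as null and surfaced as
        // an unhandled exception instead of the login page.
        if (email == null || password == null) {
            doGet(request, response);
            return;
        }

        // SECURITY (review): unsalted SHA-1, see the class comment. Kept unchanged
        // so the result still matches the digests already stored for each Person.
        final String hashedPassword = Hashing.sha1()
                .newHasher()
                .putString(password)
                .hash()
                .toString();

        final Person p = personDao.findUserByMail(email);
        if (p == null || !digestsMatch(p.getPassword(), hashedPassword)) {
            // NOTE(review): failed attempts are neither logged nor rate-limited in
            // this servlet; confirm that is handled elsewhere (filter, container).
            doGet(request, response);
            return;
        }

        // Session fixation defence: drop any session that existed before the
        // credentials were verified and continue with a fresh session id, so an
        // id known to a third party before login is never promoted to an
        // authenticated one.
        final HttpSession staleSession = request.getSession(false);
        if (staleSession != null) {
            staleSession.invalidate();
        }
        final HttpSession session = request.getSession(true);

        session.setAttribute("user", String.format("%s %s", p.getFirstName(), p.getLastName()));
        final String contextPath = getServletContext().getContextPath();
        if (p.getRole() == UserRole.Advisor) {
            session.setAttribute("role", "advisor");
            response.sendRedirect(contextPath + "/auth/admin/advisor");
        } else {
            session.setAttribute("role", "customer");
            // NOTE(review): this stores the whole Person entity, which exposes
            // getPassword(), in the session; consider storing an id or a view
            // object without the credential.
            session.setAttribute("customer", p);
            response.sendRedirect(contextPath + "/auth/customer");
        }
    }

    /**
     * Compares a stored password digest with a freshly computed one using
     * {@link MessageDigest#isEqual}, so the comparison does not stop at the first
     * differing character the way {@link String#equals} does.
     *
     * @param stored digest read from the user record; may be {@code null}
     * @param candidate digest computed from the submitted password
     * @return {@code true} only when both digests are present and identical
     */
    private static boolean digestsMatch(String stored, String candidate) {
        if (stored == null || candidate == null) {
            // An account without a stored digest can never be logged into.
            return false;
        }
        return MessageDigest.isEqual(
                stored.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                candidate.getBytes(java.nio.charset.StandardCharsets.UTF_8));
    }

    /**
     * Returns a short description of the servlet.
     *
     * @return a String containing servlet description
     */
    @Override
    public String getServletInfo() {
        return "Short description";
    }// </editor-fold>
}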