package org.xadoop.servlet.actions;
import java.util.HashMap;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import org.xadoop.SessionAttrs;
import org.xadoop.XadoopConfig;
import org.xadoop.XadoopConstants;
import org.xadoop.servlet.actions.results.AbstractResult;
import org.xadoop.servlet.actions.results.Failure;
import org.xadoop.servlet.actions.results.Success;
import org.xadoop.servlet.pages.LoginPage;
import org.xadoop.servlet.utils.PostRequest;
/**
* An action to login.
*
* @author Lukas Blunschi
*/
public class LoginAction extends AbstractAction {
public static final String ACTIONNAME = "login";
public AbstractResult execute(HttpServletRequest req) {
// get required parameters
PostRequest postReq = new PostRequest();
try {
postReq.parse(req, null, false);
} catch (Exception e) {
return new Failure(e.getMessage());
}
String username = postReq.getFormField(LoginPage.USERNAME);
String enteredPw = postReq.getFormField(LoginPage.PASSWORD);
if (username == null) {
return new Failure("No username given.");
}
if (username.length() > 40) {
return new Failure("Too long username entered.");
}
if (enteredPw == null) {
return new Failure("No password given.");
}
// lookup user
HttpSession session = req.getSession();
ServletContext ctx = session.getServletContext();
XadoopConfig config = (XadoopConfig) ctx.getAttribute(XadoopConstants.CTX_CONFIG);
HashMap<String, String> userMap = config.getUserMap();
String storedPw = userMap.get(username);
if (storedPw != null) {
if (storedPw.equals(enteredPw)) {
// store login in session and return success (null)
session.setAttribute(SessionAttrs.USERNAME, username);
return new Success("");
} else {
return new Failure("Wrong password for user " + username + " entered.");
}
} else {
return new Failure("Username does not exist.");
}
}
}