source: trunk/greenstone3-extensions/gsdl-as/src/org/greenstone/gsdlas/users/UserManager.java@ 8738

Last change on this file since 8738 was 8738, checked in by schweer, 19 years ago

user authentication works; user information and subscriptions/predicates are stored to thedatabase
  • Property svn:keywords set to Author Date Id Revision
File size: 3.9 KB
Line 
1/*
2 * Created on Dec 1, 2004
3 * Copyright (C) Andrea Schweer, 2004
4 *
5 * This file is part of the Greenstone Alerting Service.
6 * Refer to the COPYING file in the base directory of this package
7 * for licensing information.
8 */
9package org.greenstone.gsdlas.users;
10
11import java.sql.*;
12import java.util.Map;
13
14import javax.servlet.http.HttpSession;
15
16import org.greenstone.gsdlas.database.DatabaseManager;
17
18/**
19 * @author andrea
20 *
21 * TODO To change the template for this generated type comment go to
22 * Window - Preferences - Java - Code Style - Code Templates
23 */
24public class UserManager {
25 private static UserManager instance;
26
27 private UserManager() {
28 // hide constructor
29 }
30
31 static public UserManager getInstance() {
32 if (instance == null) {
33 instance = new UserManager();
34 }
35 return instance;
36 }
37
38 /**
39 * @param session
40 * @return
41 */
42 public boolean isLoggedIn(HttpSession session) {
43 if (session.getCreationTime() - session.getLastAccessedTime() > session.getMaxInactiveInterval())
44 return false;
45 return session.getAttribute("username") != null;
46 }
47
48 /**
49 * @param arguments
50 * @param session
51 * @throws PasswordMismatchException
52 * @throws UserManagementException
53 */
54 public void createUser(Map arguments, HttpSession session) throws PasswordMismatchException, UserManagementException {
55 if (!arguments.get("password").equals(arguments.get("password2"))) {
56 throw new PasswordMismatchException("The passwords don't match");
57 }
58 String username = (String) arguments.get("username");
59
60 byte[] password = ((String) arguments.get("password")).getBytes();
61
62 byte[] pwdHash = password;
63// try {
64// pwdHash = MessageDigest.getInstance("MD5").digest(password);
65// } catch (NoSuchAlgorithmException e) {
66// e.printStackTrace();
67// throw new UserManagementException("could not create user", e);
68// }
69
70 try {
71 Connection conn = DatabaseManager.getInstance().getDatabaseConnection();
72 Statement statement = conn.createStatement();
73 statement.executeUpdate("INSERT INTO users (username, password) " +
74 "VALUES ('" + username + "','" + new String(pwdHash) + "')");
75 } catch (Exception e) {
76 e.printStackTrace();
77 throw new UserManagementException("could not create user", e);
78 }
79
80 }
81
82 /**
83 * @param arguments
84 * @param session
85 * @throws UserManagementException
86 */
87 public void loginUser(Map arguments, HttpSession session) throws UserManagementException {
88 String username = (String) arguments.get("username");
89
90 if (isLoggedIn(session) && session.getAttribute("username").equals(username)) {
91 return; // already logged in
92 }
93
94 byte[] password = ((String) arguments.get("password")).getBytes();
95
96 byte[] pwdHash = password;
97 try {
98// pwdHash = MessageDigest.getInstance("MD5").digest(password);
99
100 Connection conn = DatabaseManager.getInstance().getDatabaseConnection();
101 Statement statement = conn.createStatement();
102 ResultSet results = statement.executeQuery("SELECT password " +
103 "FROM users WHERE username like '" + username + "';");
104 String pwdFromDB = "";
105 if(results.next()) {
106 pwdFromDB = results.getString("password");
107 }
108 if (!pwdFromDB.equals(new String(pwdHash))) {
109 throw new PasswordMismatchException("user " + username
110 + " is unknown, or the passwords don't match");
111 }
112 session.setAttribute("username", username);
113 } catch (Exception e) {
114 e.printStackTrace();
115 throw new UserManagementException("could not login user", e);
116 }
117
118 }
119
120
121}
Note: See TracBrowser for help on using the repository browser.