public static void authenticate(String username, String password) {
Logger.info("Attempting to authenticate with " + username + ":" + password);
Admin admin = Admin.findByUsername(username);
if ((admin != null) && (admin.checkPassword(password) == true)) {
Logger.info("Successfull authentication of " + admin.username);
/**
* wanted to put an extra value in session - logged_in_adminid to distinguish an admin, as a
* user could be logged in and type the route for admin URLs and get into the restricted
* access areas. By putting a new value in session, it can only be set if an admin is logged
* in.
*/
session.put("logged_in_adminid", admin.id);
/**
* if login successful, communicate back to AJAX call in adminlogin.js and that will handle
* the next screen
*/
JSONObject obj = new JSONObject();
String value = "correct";
obj.put("inputdata", value);
renderJSON(obj);
} else {
/**
* if login unsuccessful, communicate back to AJAX call in adminlogin.js and that will
* redisplay login.html with error
*/
Logger.info("Authentication failed");
JSONObject obj = new JSONObject();
String value = "Error: Incorrect Email/Password entered.";
obj.put("inputdata", value);
renderJSON(obj);
}
}
