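/**
 * Handles a sign-in form submission.
 *
 * <p>Reads the {@code login-username} and {@code login-password} request parameters, records the
 * validation and authorization outcome in the session, and redirects to {@code projects.jsp} on a
 * successful sign-in or back to {@code index.jsp} otherwise.
 *
 * <p>On success the session identifier is rotated before any identity attribute is stored, so an
 * identifier that was known before authentication is not carried into the authenticated session.
 * This uses {@code HttpServletRequest.changeSessionId()}, which requires Servlet 3.1 or later.
 *
 * @param request the request carrying the submitted credentials
 * @param response the response used to send the redirect
 * @param session the session that receives the outcome flags and, on success, the account details
 * @throws UnsupportedEncodingException declared by the original signature
 * @throws IOException if the redirect cannot be sent
 */
private void handleLogin(
    HttpServletRequest request, HttpServletResponse response, HttpSession session)
    throws UnsupportedEncodingException, IOException {
  String username = request.getParameter("login-username");
  String password = request.getParameter("login-password");

  // Reject input that fails validation before it reaches the database layer.
  if (!Security.isSafeUsername(username) || !Security.isSafePassword(password)) {
    session.setAttribute(Attribute.IS_SAFE.toString(), false);
    session.setAttribute(Attribute.IS_AUTHORIZED.toString(), false);
    response.sendRedirect("index.jsp");
    return;
  }
  session.setAttribute(Attribute.IS_SAFE.toString(), true);

  // A null result is treated as "not authorized" instead of failing on unboxing.
  boolean isAuthorized = Boolean.TRUE.equals(DatabaseApi.isAuthorized(username, password));
  session.setAttribute(Attribute.IS_AUTHORIZED.toString(), isAuthorized);
  if (!isAuthorized) {
    response.sendRedirect("index.jsp"); // Keep the user on the same page.
    return;
  }

  // Rotate the session id at the privilege change (session-fixation defence). The attributes
  // already stored on the session are kept by the container.
  // NOTE(review): assumes `session` is the session bound to `request` - confirm at the caller.
  request.changeSessionId();

  int accountId = DatabaseApi.getAccountId(username);
  session.setAttribute(
      Attribute.USERNAME.toString(), DatabaseApi.getAccountUsername(accountId));
  // NOTE(review): the plaintext password is kept in the session only because other code may read
  // Attribute.PASSWORD. Sessions can be persisted or replicated by the container, so this
  // attribute should be dropped once its readers are identified.
  session.setAttribute(Attribute.PASSWORD.toString(), password);
  session.setAttribute(Attribute.EMAIL.toString(), DatabaseApi.getAccountEmail(accountId));
  session.setAttribute(Attribute.NAME.toString(), DatabaseApi.getAccountName(accountId));
  session.setAttribute(Attribute.IS_FIRST_SIGN_IN.toString(), false);
  // Cleared so as to not interfere with any other form.
  session.removeAttribute(Attribute.IS_SAFE.toString());

  // Take the user to the projects page.
  response.sendRedirect("projects.jsp");
}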
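/**
 * Handles the account form that changes the display name and e-mail address of the account named
 * by the session's {@code USERNAME} attribute.
 *
 * <p>Reads the {@code new-name} and {@code new-email} request parameters, validates them, asks the
 * database layer to apply the edit, and stores the outcome in the session under
 * {@code EDIT_NAME_SUCCESSFULLY}. The cached {@code NAME} and {@code EMAIL} session attributes are
 * refreshed only when the edit was actually applied, so the session never shows values the
 * database rejected. The request always ends with a redirect to {@code account.jsp}.
 *
 * @param request the request carrying the new name and e-mail address
 * @param response the response used to send the redirect
 * @param session the session that identifies the account and receives the outcome
 * @throws UnsupportedEncodingException declared by the original signature
 * @throws IOException if the redirect cannot be sent
 */
private void handleEditUserNameEmail(
    HttpServletRequest request, HttpServletResponse response, HttpSession session)
    throws UnsupportedEncodingException, IOException {
  String username = (String) session.getAttribute(Attribute.USERNAME.toString());
  String newName = request.getParameter("new-name");
  String newEmail = request.getParameter("new-email");

  boolean editSuccessfully = false;
  // The account is identified solely by the session's username: with none present there is no
  // account to edit, so the request is reported as a failed edit rather than sent to the database.
  if (username != null && Security.isSafeName(newName) && Security.isSafeEmail(newEmail)) {
    // NOTE(review): the empty strings are the User fields this form does not supply - confirm
    // against the User constructor that editAccount ignores them.
    User updateUser = new User(username, "", newName, newEmail, "", "");
    // A null result is treated as a failed edit instead of failing on unboxing.
    editSuccessfully = Boolean.TRUE.equals(DatabaseApi.editAccount(updateUser));
  }

  session.setAttribute(Attribute.EDIT_NAME_SUCCESSFULLY.toString(), editSuccessfully);
  if (editSuccessfully) {
    session.setAttribute(Attribute.EMAIL.toString(), newEmail);
    session.setAttribute(Attribute.NAME.toString(), newName);
  }
  response.sendRedirect("account.jsp");
}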