public static void authenticate(String username, String password) { Logger.info("Attempting to authenticate with " + username + ":" + password); Admin admin = Admin.findByUsername(username); if ((admin != null) && (admin.checkPassword(password) == true)) { Logger.info("Successfull authentication of " + admin.username); /** * wanted to put an extra value in session - logged_in_adminid to distinguish an admin, as a * user could be logged in and type the route for admin URLs and get into the restricted * access areas. By putting a new value in session, it can only be set if an admin is logged * in. */ session.put("logged_in_adminid", admin.id); /** * if login successful, communicate back to AJAX call in adminlogin.js and that will handle * the next screen */ JSONObject obj = new JSONObject(); String value = "correct"; obj.put("inputdata", value); renderJSON(obj); } else { /** * if login unsuccessful, communicate back to AJAX call in adminlogin.js and that will * redisplay login.html with error */ Logger.info("Authentication failed"); JSONObject obj = new JSONObject(); String value = "Error: Incorrect Email/Password entered."; obj.put("inputdata", value); renderJSON(obj); } }