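/**
 * Returns the user bound to the caller's HTTP session.
 *
 * <p>The e-mail address stored under the session attribute {@code "user"} is passed to
 * {@code MySQLDAO.loadUser}. Every failure path yields {@code null}, so callers must treat
 * {@code null} as "not logged in".
 *
 * @param request the current servlet request
 * @return the loaded user, or {@code null} when there is no session, the session has no
 *         {@code "user"} string attribute, or the lookup throws
 */
public User getCurrentUser(HttpServletRequest request) {
    // getSession(false): looking up the current user must not allocate a session for an
    // anonymous caller, which the no-argument getSession() would do on every request.
    HttpSession session = request.getSession(false);
    if (session == null) {
        return null;
    }

    // Only a String attribute can be a stored e-mail; anything else means "no user bound",
    // so the DAO is never queried with a null or foreign key.
    Object userMail = session.getAttribute("user");
    if (!(userMail instanceof String)) {
        return null;
    }

    try {
        MySQLDAO dao = new MySQLDAO();
        return dao.loadUser((String) userMail);
    } catch (Exception e) {
        // Best-effort lookup: a failure is reported as "no user" rather than propagated.
        // NOTE(review): no logger is visible in this listing; route this through the
        // application's logging facility instead of stderr when one is available.
        e.printStackTrace();
    }
    return null;
}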
/**
 * Handles a JSON-RPC login request.
 *
 * <p>Reads the named parameters {@code "password"} and {@code "email"}, hashes the password with
 * {@code PassEncript.PassHash}, loads the user by e-mail through {@code MySQLDAO.loadUser} and
 * compares the stored password with the hash. On a match it stores the attributes {@code "pass"}
 * and {@code "user"} in the HTTP session, sets a 30-minute inactivity timeout, builds a
 * {@code "pass"} cookie and returns {@code jsonLogin}.
 *
 * <p>NOTE(review): three statements below are garbled in this listing (text between string
 * literals was replaced by asterisks). They are kept exactly as found; the statement that sends
 * the cookie and the one that fills {@code jsonLogin} are presumably among the lost text and must
 * be restored from the original file.
 *
 * @param request  the servlet request whose session receives the login state
 * @param response the servlet response; not referenced in the statements that survive in this listing
 * @param jsonReq  the JSON-RPC request carrying the named parameters
 * @return the JSON object {@code jsonLogin}
 * @throws Exception with message {@code "incorrect email"} when the loaded user's e-mail differs
 *         from the supplied one, {@code "password missmatch"} when the hashes differ, or whatever
 *         the parameter retriever, hash helper or DAO throw
 */
public JSONObject loginUser( HttpServletRequest request, HttpServletResponse response, JSONRPC2Request jsonReq) throws Exception {
    // Result object returned to the JSON-RPC caller.
    JSONObject jsonLogin = new JSONObject();

    // Extract the credentials from the request's named parameters.
    Map<String, Object> params = jsonReq.getNamedParams();
    NamedParamsRetriever np = new NamedParamsRetriever(params);
    // NOTE(review): the algorithm and salting behind PassHash are not visible here; confirm it is
    // a password-hashing function (bcrypt/scrypt/Argon2) and not a bare digest.
    String password = PassEncript.PassHash(np.getString("password"));
    // NOTE(review): this writes the password hash to standard output; credential material
    // should never reach logs. Remove the statement.
    System.out.println("input pass " + password);
    String email = np.getString("email");

    // Open the data-access object.
    MySQLDAO dao = new MySQLDAO();

    // Look the user up by e-mail. The freshly constructed User is discarded by the next line.
    User u = new User();
    u = dao.loadUser(email);
    // NOTE(review): u and u.getEmail() are dereferenced without a null check; what loadUser
    // returns for an unknown e-mail is not visible here. Confirm and guard.
    if (!(u.getEmail().equals(email))) {
        // NOTE(review): this message differs from the password failure below, so a caller that
        // relays it tells the client whether an e-mail is registered. A single generic failure
        // message avoids that.
        throw new Exception("incorrect email");
    } else {
        // Check the stored password against the submitted hash.
        // NOTE(review): String.equals is not a constant-time comparison; MessageDigest.isEqual
        // on the hash bytes is the usual replacement.
        if (u.getPassword().equals(password)) {
            // Create the session state and the cookie.
            // NOTE(review): the pre-login session is reused; no session-id change (for example
            // HttpServletRequest.changeSessionId(), Servlet 3.1+) is visible in this listing,
            // which leaves the login open to session fixation.
            HttpSession session = request.getSession();
            // NOTE(review): how TimeHash derives its value is not visible; if it depends only on
            // the clock the token is guessable. Confirm, and prefer a SecureRandom value.
            session.setAttribute("pass", TimeEncrpyt.TimeHash());
            // NOTE(review): garbled in the listing; presumably printed the "pass" session
            // attribute. Session tokens should not be written to logs.
            System.out.println("session pass: "******"pass").toString());
            session.setAttribute("user", email);
            // NOTE(review): garbled in the listing; presumably printed the "user" session attribute.
            System.out.println("session user: "******"user").toString());
            // Inactivity timeout in seconds: 30 minutes.
            session.setMaxInactiveInterval(30 * 60);
            // TimeHash() is called a second time here; whether it returns the same value as the
            // one stored in the session cannot be told from this listing. TODO confirm.
            Cookie pass = new Cookie("pass", TimeEncrpyt.TimeHash());
            // NOTE(review): garbled in the listing; the lost text presumably printed the cookie
            // value, added the cookie to the response and stored the user's JSON form in
            // jsonLogin under "user". When restoring it, check that the cookie is marked
            // HttpOnly and Secure and that its value is not logged.
            System.out.println("cookie pass: "******"user", u.toJSONObject());
            return jsonLogin;
        } else {
            throw new Exception("password missmatch");
        }
    }
}