Exemplo n.º 1
0
  /**
   * Initialize the SQL connection if not already done
   *
   * @param pseudo
   * @param password
   */
  public ManageSQLRequest(String pseudo, String password) {
    this.pseudo = pseudo;
    this.password = password;

    // We initialize the connection
    try {
      Class.forName("com.mysql.jdbc.Driver");
      this.conn = DriverManager.getConnection(DB_URL, DB_USER, DB_PASS);
      this.preparedStatement = this.conn.prepareStatement(REQUETE);
    } catch (Exception e) {
      LOGGER.error("Impossible d'initialiser la connexion à la base de donnée", e);
      Loki.setStatus(false);
    }
  }
Exemplo n.º 2
0
  /**
   * Check an user to see if he can connect to the server Only existing user with correct group can
   * login
   *
   * @return the response, send it to the client
   */
  public String checkAuth() {
    String authResult = new String();

    // Get user informations from database
    ResultSet result;
    try {
      this.preparedStatement.setString(1, this.pseudo);
      result = this.preparedStatement.executeQuery();
    } catch (Exception e) {
      authResult = "DATABASE_ERROR";
      LOGGER.error("Impossible de communiquer avec la base de donnée", e);
      Loki.setStatus(false);
      try {
        this.preparedStatement.close();
        this.conn.close();
      } catch (SQLException e1) {
        LOGGER.fatal("Impossible de fermer correctement la connexion avec MySQL", e1);
      }
      return authResult;
    }

    // We split hash and group id
    int groupId;
    String passwordHash;
    try {
      // No user ?
      if (!result.next()) {
        authResult = "BAD_PSEUDO";
        return authResult;
      }

      groupId = result.getInt(1);
      passwordHash = result.getString(2);
      result.close();
    } catch (Exception e) {
      authResult = "UNKNOW_ERROR";
      LOGGER.error("Erreur inconnue durant la vérification du login", e);
      try {
        this.preparedStatement.close();
        this.conn.close();
      } catch (SQLException e1) {
        LOGGER.fatal("Impossible de fermer correctement la connexion avec MySQL", e1);
      }
      return authResult;
    }

    // We check the groupId
    if (!checkGroup(groupId)) {
      authResult = "BAD_GROUP";
      return authResult;
    }

    // We check login
    // The hash use an unsupported algo, must re-login on the forum
    if (!passwordHash.contains("$2a$")) {
      authResult = "PASSWORD_ERROR";
      // We test if the password is correct
    } else if (BCrypt.checkpw(this.password, passwordHash)) {
      authResult = "OK";
    } else {
      authResult = "BAD_PASSWORD";
    }

    try {
      this.preparedStatement.close();
      this.conn.close();
    } catch (SQLException e) {
      LOGGER.fatal("Impossible de fermer correctement la connexion avec MySQL", e);
    }

    return authResult;
  }