public JSONObject loginUser(
      HttpServletRequest request, HttpServletResponse response, JSONRPC2Request jsonReq)
      throws Exception {
    // define new json for the result
    JSONObject jsonLogin = new JSONObject();
    // get user info
    Map<String, Object> params = jsonReq.getNamedParams();
    NamedParamsRetriever np = new NamedParamsRetriever(params);

    String password = PassEncript.PassHash(np.getString("password"));
    System.out.println("input pass " + password);

    String email = np.getString("email");

    // establish connection

    MySQLDAO dao = new MySQLDAO();

    // get user by email
    User u = new User();
    u = dao.loadUser(email);

    if (!(u.getEmail().equals(email))) {
      throw new Exception("incorrect email");
    } else {
      // check if password is correct
      if (u.getPassword().equals(password)) {
        // create sesssion and cookies
        HttpSession session = request.getSession();
        session.setAttribute("pass", TimeEncrpyt.TimeHash());
        System.out.println("session pass: "******"pass").toString());
        session.setAttribute("user", email);
        System.out.println("session user: "******"user").toString());
        session.setMaxInactiveInterval(30 * 60);
        Cookie pass = new Cookie("pass", TimeEncrpyt.TimeHash());
        System.out.println("cookie pass: "******"user", u.toJSONObject());
        return jsonLogin;
      } else {
        throw new Exception("password missmatch");
      }
    }
  }
  public JSONObject logoutUser(HttpServletRequest request) {
    // get session time stamp
    HttpSession session = request.getSession();
    String sessionPass = (String) session.getAttribute("pass");
    // get cookies
    Cookie[] cookies = request.getCookies();
    // search cookies for match and delete cookie if found
    if (cookies != null) {
      for (Cookie cookie : cookies) {
        if (cookie.getValue().equals(sessionPass)) {
          cookie.setMaxAge(0);
        }
      }
    }
    // invalidate session
    request.getSession().invalidate();

    // send result

    User u = getCurrentUser(request);
    JSONObject jsonLogout = new JSONObject();
    jsonLogout.put("user", u.toJSONObject());
    return jsonLogout;
  }
  public JSONObject registerUser(JSONRPC2Request request, JSONRPC2Response response)
      throws Exception {

    @SuppressWarnings("unused")
    JSONRPC2ParamsType paramsType = request.getParamsType();
    Map<String, Object> params = request.getNamedParams();
    NamedParamsRetriever np = new NamedParamsRetriever(params);
    JSONObject jsonRegistration = new JSONObject();
    // create new user
    User u = new User();

    // set params
    u.setName(np.getString("name"));
    u.setEmail(np.getString("email"));
    u.setPassword(PassEncript.PassHash(np.getString("password")));

    // add user
    MySQLDAO dao = new MySQLDAO();
    dao.insertUser(u);

    jsonRegistration.put("user", u.toJSONObject());

    return jsonRegistration;
  }