public static Token generateToken( String email, String password, String ip_address, String user_agent) { Token token = new Token(); // Check if email and password match DBConnection dbc = new DBConnection(); PreparedStatement stmt = dbc.getDBStmt(); Connection conn = dbc.getConn(); try { String sql = "SELECT * FROM user " + "WHERE email = ? AND password = MD5(?)"; stmt = conn.prepareStatement(sql); stmt.setString(1, email); stmt.setString(2, password); ResultSet rs = stmt.executeQuery(); if (rs.next()) { int user_id = rs.getInt("id_user"); token.access_token = getRandomToken(); java.util.Date dt = new java.util.Date(); java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); String currentTime = sdf.format(dt); Calendar c = Calendar.getInstance(); c.setTime(sdf.parse(currentTime)); c.add(Calendar.DATE, 2); dt.setTime(dt.getTime() + (2 * 24 * 3600 * 1000)); // 2 hari String cookieExpire = "expires=" + dt.toGMTString(); token.expire = cookieExpire; System.out.println("expired on: " + token.expire); while (!(isTokenUnique(token))) { token.access_token = getRandomToken(); } sql = "DELETE FROM token WHERE id_user = ? AND IP_Address = ? AND user_agent = ?"; stmt = conn.prepareStatement(sql); stmt.setInt(1, user_id); stmt.setString(2, ip_address); stmt.setString(3, user_agent); stmt.executeUpdate(); sql = "INSERT INTO token(access_token,id_user,timestamp,IP_Address,user_agent) " + "VALUES(?,?,?,?,?);"; stmt = conn.prepareStatement(sql); stmt.setString(1, token.access_token); stmt.setInt(2, user_id); stmt.setString(3, currentTime); stmt.setString(4, ip_address); stmt.setString(5, user_agent); stmt.executeUpdate(); } stmt.close(); conn.close(); } catch (SQLException se) { // Handle errors for JDBC se.printStackTrace(); } catch (Exception e) { // Handle errors for Class.forName e.printStackTrace(); } finally { try { if (stmt != null) stmt.close(); } catch (SQLException se2) { } try { if (conn != null) conn.close(); } catch (SQLException se) { se.printStackTrace(); } } return token; }
public static Token generateToken(String access_token) { Token token = new Token(); // Check if email and password match DBConnection dbc = new DBConnection(); PreparedStatement stmt = dbc.getDBStmt(); Connection conn = dbc.getConn(); String[] token_data = access_token.split("#"); String token_code = token_data[0]; String user_agent = token_data[1]; String ip_address = token_data[2]; try { String sql = "SELECT * FROM token " + "WHERE access_token = ? AND IP_Address = ? AND user_agent = ?"; stmt = conn.prepareStatement(sql); stmt.setString(1, token_code); stmt.setString(2, ip_address); stmt.setString(3, user_agent); System.out.println(stmt); ResultSet rs = stmt.executeQuery(); if (rs.next()) { int user_id = rs.getInt("id_user"); token.access_token = getRandomToken(); java.util.Date dt = new java.util.Date(); java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy-MM-dd HH:mm:ss"); String currentTime = sdf.format(dt); Calendar c = Calendar.getInstance(); c.setTime(sdf.parse(currentTime)); c.add(Calendar.DATE, 2); dt.setTime(dt.getTime() + (2 * 60 * 1000)); // 2 hari String cookieExpire = "expires=" + dt.toGMTString(); token.expire = cookieExpire; System.out.println(token.expire); while (!(isTokenUnique(token))) { token = generateToken(access_token); } sql = "UPDATE token SET access_token = ?, timestamp = ? WHERE access_token = ?"; stmt = conn.prepareStatement(sql); stmt.setString(1, token.access_token); stmt.setString(2, currentTime); stmt.setString(3, token_code); stmt.executeUpdate(); System.out.println("OK"); } stmt.close(); conn.close(); } catch (SQLException se) { // Handle errors for JDBC se.printStackTrace(); } catch (Exception e) { // Handle errors for Class.forName e.printStackTrace(); } finally { try { if (stmt != null) stmt.close(); } catch (SQLException se2) { } try { if (conn != null) conn.close(); } catch (SQLException se) { se.printStackTrace(); } } return token; }