private void handleCreateProject( HttpServletRequest request, HttpServletResponse response, HttpSession session, String json) throws IOException { response.setContentType("text/plain"); PrintWriter out = response.getWriter(); int accountId = getAccountIdFromSessionAttributes(session); CreateProjectRequest createProjectRequest = new Gson().fromJson(json, CreateProjectRequest.class); String projectName = createProjectRequest.arguments.project; if (Security.isSafeProjectName(projectName) && Security.isUniqueProjectName(projectName, accountId) && Security.projectFits(DatabaseApi.getNumberOfProjects(accountId))) { session.setAttribute(Attribute.IS_SAFE.toString(), true); String icon = "/olive/images/Ponkan_folder_opened_64.png"; Project project = new Project(projectName, accountId, icon, -1); Boolean added = DatabaseApi.addProject(project); if (!added) { session.setAttribute(Attribute.ADD_SUCCESSFULLY.toString(), false); } else { session.setAttribute(Attribute.ADD_SUCCESSFULLY.toString(), true); session.setAttribute(Attribute.IS_FIRST_SIGN_IN.toString(), false); out.println(createProjectRequest.arguments.project + " created successfully."); } } else { session.setAttribute(Attribute.IS_SAFE.toString(), false); } out.flush(); out.close(); }
private void handleLogin( HttpServletRequest request, HttpServletResponse response, HttpSession session) throws UnsupportedEncodingException, IOException { Boolean isAuthorized; String username = request.getParameter("login-username"); String password = request.getParameter("login-password"); if (Security.isSafeUsername(username) && Security.isSafePassword(password)) { session.setAttribute(Attribute.IS_SAFE.toString(), true); isAuthorized = DatabaseApi.isAuthorized(username, password); session.setAttribute(Attribute.IS_AUTHORIZED.toString(), isAuthorized); if (isAuthorized) { // Take the user to the projects page. int accountId = DatabaseApi.getAccountId(username); session.setAttribute( Attribute.USERNAME.toString(), DatabaseApi.getAccountUsername(accountId)); session.setAttribute(Attribute.PASSWORD.toString(), password); session.setAttribute(Attribute.EMAIL.toString(), DatabaseApi.getAccountEmail(accountId)); session.setAttribute(Attribute.NAME.toString(), DatabaseApi.getAccountName(accountId)); session.setAttribute(Attribute.IS_FIRST_SIGN_IN.toString(), false); session.removeAttribute( Attribute.IS_SAFE.toString()); // Cleared so as to not interfere with any other form. response.sendRedirect("projects.jsp"); } else { response.sendRedirect("index.jsp"); // Keep the user on the same page. } } else { session.setAttribute(Attribute.IS_SAFE.toString(), false); session.setAttribute(Attribute.IS_AUTHORIZED.toString(), false); response.sendRedirect("index.jsp"); } }
private void handleIsFirstSignIn( HttpServletRequest request, HttpServletResponse response, HttpSession session, String json) throws IOException { response.setContentType("application/json; charset=utf-8"); PrintWriter out = response.getWriter(); out.println( new Gson().toJson((Boolean) session.getAttribute(Attribute.IS_FIRST_SIGN_IN.toString()))); out.flush(); out.close(); }
private void handleCreateAccount( HttpServletRequest request, HttpServletResponse response, HttpSession session, String json) throws IOException { CreateAccountRequest createAccountRequest = new Gson().fromJson(json, CreateAccountRequest.class); response.setContentType("text/plain"); PrintWriter out = response.getWriter(); String username = createAccountRequest.arguments.username; String email = createAccountRequest.arguments.email; String password = createAccountRequest.arguments.password; String confirmPassword = createAccountRequest.arguments.confirmPassword; String name = "Enter your name"; if (Security.isSafeUsername(username) && Security.isSafeEmail(email) && Security.isSafePassword(password) && Security.isSafePassword(confirmPassword) && password.equals(confirmPassword) && Security.isSafeName(name)) { // Short-circuitry User newUser = new User(username, password, name, email); boolean addedSuccessfully = DatabaseApi.AddAccount(newUser); if (addedSuccessfully) { session.setAttribute(Attribute.IS_AUTHORIZED.toString(), true); session.setAttribute(Attribute.USERNAME.toString(), username); session.setAttribute(Attribute.EMAIL.toString(), email); session.setAttribute(Attribute.PASSWORD.toString(), password); session.setAttribute(Attribute.IS_FIRST_SIGN_IN.toString(), true); out.println(username + " created successfully."); } else { // TODO Add error message here } } else { response.setStatus(HttpServletResponse.SC_BAD_REQUEST); } out.flush(); out.close(); }