示例#1
0
  @POST
  @Path("/signout")
  @Produces(MediaType.APPLICATION_JSON)
  @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
  public void signOut(@FormParam("access_token") String access_token) {
    DBConnection dbc = new DBConnection();
    PreparedStatement stmt = dbc.getDBStmt();
    Connection conn = dbc.getConn();
    String[] tokenData = access_token.split("#");
    try {
      String sql = "DELETE FROM token WHERE access_token = ? ";
      stmt = conn.prepareStatement(sql);
      stmt.setString(1, tokenData[0]);
      stmt.executeUpdate();
      stmt.close();
      conn.close();
    } catch (SQLException se) {
      // Handle errors for JDBC
      se.printStackTrace();
    } catch (Exception e) {
      // Handle errors for Class.forName
      e.printStackTrace();
    } finally {
      try {
        if (stmt != null) stmt.close();
      } catch (SQLException se2) {

      }
      try {
        if (conn != null) conn.close();
      } catch (SQLException se) {
        se.printStackTrace();
      }
    }
  }
示例#2
0
  public static boolean isTokenUnique(Token token) {
    boolean unique = true;
    DBConnection dbc = new DBConnection();
    PreparedStatement stmt = dbc.getDBStmt();
    Connection conn = dbc.getConn();
    try {
      String sql = "SELECT access_token FROM token " + "WHERE access_token = ?";
      stmt = conn.prepareStatement(sql);
      stmt.setString(1, token.access_token);
      ResultSet rs = stmt.executeQuery();

      if (rs.next()) {
        unique = false;
      }
      stmt.close();
      conn.close();
    } catch (SQLException se) {
      // Handle errors for JDBC
      se.printStackTrace();
    } catch (Exception e) {
      // Handle errors for Class.forName
      e.printStackTrace();
    } finally {
      try {
        if (stmt != null) stmt.close();
      } catch (SQLException se2) {

      }
      try {
        if (conn != null) conn.close();
      } catch (SQLException se) {
        se.printStackTrace();
      }
    }
    return unique;
  }
示例#3
0
  public static Token generateToken(
      String email, String password, String ip_address, String user_agent) {
    Token token = new Token();
    // Check if email and password match
    DBConnection dbc = new DBConnection();
    PreparedStatement stmt = dbc.getDBStmt();
    Connection conn = dbc.getConn();
    try {
      String sql = "SELECT * FROM user " + "WHERE email = ? AND password = MD5(?)";
      stmt = conn.prepareStatement(sql);
      stmt.setString(1, email);
      stmt.setString(2, password);
      ResultSet rs = stmt.executeQuery();
      if (rs.next()) {
        int user_id = rs.getInt("id_user");
        token.access_token = getRandomToken();

        java.util.Date dt = new java.util.Date();
        java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
        String currentTime = sdf.format(dt);

        Calendar c = Calendar.getInstance();
        c.setTime(sdf.parse(currentTime));
        c.add(Calendar.DATE, 2);

        dt.setTime(dt.getTime() + (2 * 24 * 3600 * 1000)); // 2 hari

        String cookieExpire = "expires=" + dt.toGMTString();
        token.expire = cookieExpire;
        System.out.println("expired on: " + token.expire);
        while (!(isTokenUnique(token))) {
          token.access_token = getRandomToken();
        }

        sql = "DELETE FROM token WHERE id_user = ? AND IP_Address = ? AND user_agent = ?";
        stmt = conn.prepareStatement(sql);
        stmt.setInt(1, user_id);
        stmt.setString(2, ip_address);
        stmt.setString(3, user_agent);
        stmt.executeUpdate();

        sql =
            "INSERT INTO token(access_token,id_user,timestamp,IP_Address,user_agent) "
                + "VALUES(?,?,?,?,?);";
        stmt = conn.prepareStatement(sql);
        stmt.setString(1, token.access_token);
        stmt.setInt(2, user_id);
        stmt.setString(3, currentTime);
        stmt.setString(4, ip_address);
        stmt.setString(5, user_agent);
        stmt.executeUpdate();
      }
      stmt.close();
      conn.close();
    } catch (SQLException se) {
      // Handle errors for JDBC
      se.printStackTrace();
    } catch (Exception e) {
      // Handle errors for Class.forName
      e.printStackTrace();
    } finally {
      try {
        if (stmt != null) stmt.close();
      } catch (SQLException se2) {

      }
      try {
        if (conn != null) conn.close();
      } catch (SQLException se) {
        se.printStackTrace();
      }
    }
    return token;
  }
示例#4
0
  public static Token generateToken(String access_token) {
    Token token = new Token();
    // Check if email and password match
    DBConnection dbc = new DBConnection();
    PreparedStatement stmt = dbc.getDBStmt();
    Connection conn = dbc.getConn();
    String[] token_data = access_token.split("#");
    String token_code = token_data[0];
    String user_agent = token_data[1];
    String ip_address = token_data[2];
    try {
      String sql =
          "SELECT * FROM token " + "WHERE access_token = ? AND IP_Address = ? AND user_agent = ?";
      stmt = conn.prepareStatement(sql);
      stmt.setString(1, token_code);
      stmt.setString(2, ip_address);
      stmt.setString(3, user_agent);
      System.out.println(stmt);
      ResultSet rs = stmt.executeQuery();
      if (rs.next()) {

        int user_id = rs.getInt("id_user");

        token.access_token = getRandomToken();

        java.util.Date dt = new java.util.Date();
        java.text.SimpleDateFormat sdf = new java.text.SimpleDateFormat("yyyy-MM-dd HH:mm:ss");
        String currentTime = sdf.format(dt);

        Calendar c = Calendar.getInstance();
        c.setTime(sdf.parse(currentTime));
        c.add(Calendar.DATE, 2);

        dt.setTime(dt.getTime() + (2 * 60 * 1000)); // 2 hari

        String cookieExpire = "expires=" + dt.toGMTString();
        token.expire = cookieExpire;
        System.out.println(token.expire);
        while (!(isTokenUnique(token))) {
          token = generateToken(access_token);
        }
        sql = "UPDATE token SET access_token = ?, timestamp = ? WHERE access_token = ?";
        stmt = conn.prepareStatement(sql);
        stmt.setString(1, token.access_token);
        stmt.setString(2, currentTime);
        stmt.setString(3, token_code);
        stmt.executeUpdate();
        System.out.println("OK");
      }
      stmt.close();
      conn.close();
    } catch (SQLException se) {
      // Handle errors for JDBC
      se.printStackTrace();
    } catch (Exception e) {
      // Handle errors for Class.forName
      e.printStackTrace();
    } finally {
      try {
        if (stmt != null) stmt.close();
      } catch (SQLException se2) {

      }
      try {
        if (conn != null) conn.close();
      } catch (SQLException se) {
        se.printStackTrace();
      }
    }
    return token;
  }