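/**
 * Handles the login form POST.
 *
 * <p>On success the authenticated user is stored in the forum session and the browser is sent
 * back to where the login started. On failure the form (with its password cleared) is kept in
 * the session and the browser is redirected to {@code /login}.
 *
 * <p>The {@code Referer} header is client-supplied. It is only followed, or remembered for a
 * later redirect, when it points back at this origin over HTTPS; anything else falls back to
 * the context root. This closes the open redirect after login and also covers a missing header.
 *
 * @param loginForm submitted credentials, validated through {@code @Valid}
 * @param bindingResult validation outcome for {@code loginForm}
 * @param request current request; supplies the scheme, the origin and the {@code Referer}
 * @return a redirect to the post-login target on success, otherwise to {@code /login}
 * @throws HttpReturnCode404NotFound if the request did not arrive over HTTPS
 */
@RequestMapping(value = "/submitLogin", method = RequestMethod.POST)
public View submitLogin(
        @Valid LoginForm loginForm, BindingResult bindingResult, HttpServletRequest request) {
    forumSession.setLoginForm(null);

    // Credentials are refused over plain HTTP. By the time this check runs the password has
    // already crossed the wire, so HTTPS must also be enforced in front of this handler.
    if (!"https".equals(request.getScheme())) {
        throw new HttpReturnCode404NotFound();
    }

    String referer = request.getHeader("Referer");

    if (!bindingResult.hasErrors()) {
        User user = getUser(loginForm);
        // Defensive: a null result is treated as a failed login rather than dereferenced.
        if (user != null && user.isRegistered()) {
            // NOTE(review): the session identifier is not rotated here. Unless a filter or the
            // container already does so, rotate it on successful login to prevent session fixation.
            forumSession.setCurrentUser(user);
            String target =
                    loginForm.isFromLoginPage() ? forumSession.getLoginRedirectURL() : referer;
            return redirectToSameOrigin(target, request);
        }
    }

    if (!loginForm.isFromLoginPage()) {
        // Only a same-origin Referer is remembered as the post-login destination.
        forumSession.setLoginRedirectURL(isSameOriginUrl(referer, request) ? referer : null);
    }
    // The submitted password must never be parked in the session.
    loginForm.setPassword(null);
    forumSession.setLoginForm(loginForm);
    return new RedirectView("/login", true);
}

/** Redirects to {@code candidate} when it is a same-origin HTTPS URL, else to the context root. */
private View redirectToSameOrigin(String candidate, HttpServletRequest request) {
    if (isSameOriginUrl(candidate, request)) {
        return new RedirectView(candidate);
    }
    return new RedirectView("/", true);
}

/** Tells whether {@code candidate} is an absolute HTTPS URL on the host and port of {@code request}. */
private boolean isSameOriginUrl(String candidate, HttpServletRequest request) {
    if (candidate == null || candidate.isEmpty()) {
        return false;
    }
    final java.net.URI uri;
    try {
        uri = new java.net.URI(candidate);
    } catch (java.net.URISyntaxException e) {
        // An unparseable target is never followed.
        return false;
    }
    String host = uri.getHost();
    if (host == null || uri.getRawUserInfo() != null || !"https".equalsIgnoreCase(uri.getScheme())) {
        return false;
    }
    int port = uri.getPort() == -1 ? 443 : uri.getPort();
    return host.equalsIgnoreCase(request.getServerName()) && port == request.getServerPort();
}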
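/**
 * Resolves submitted credentials to a user.
 *
 * <p>A stored account is returned, with its role attached, only when its password matches the
 * submitted one. When no stored account exists, the username {@code root} combined with the
 * configured root password yields {@link SessionData#ROOT_USER}. Every other outcome yields
 * {@link SessionData#UNREGISTERED_USER}; the method never returns {@code null}.
 *
 * @param loginForm submitted username and password
 * @return the authenticated user, or {@code SessionData.UNREGISTERED_USER} on any failure
 */
public User getUser(LoginForm loginForm) {
    User user = userRepository.findByUsername(loginForm.getUsername());

    if (user != null) {
        // The role is attached only after the null check. The original dereferenced the lookup
        // result first, so an unknown username raised a NullPointerException and the root
        // fallback below could never run.
        user.setRole(permissions.getRole(user.getRoleId()));

        // NOTE(review): the stored password is compared directly with the submitted one, which
        // suggests passwords are kept in a recoverable form. Confirm, and move to a salted
        // password hash (bcrypt/scrypt/Argon2) verified with the library's own check.
        if (user.getPassword() == null || !user.getPassword().equals(loginForm.getPassword())) {
            return SessionData.UNREGISTERED_USER;
        }
        return user;
    }

    // No stored account: the built-in root identity is accepted only for the exact username
    // "root" with the configured root password. A missing submitted password, or an unset root
    // password, fails closed.
    if ("root".equals(loginForm.getUsername())
            && loginForm.getPassword() != null
            && loginForm.getPassword().equals(forumProperties.rootPassword)) {
        return SessionData.ROOT_USER;
    }

    // This covers "root" with a wrong password, which previously fell through as null.
    return SessionData.UNREGISTERED_USER;
}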