package it.polimi.TIW.controllers;

import java.io.BufferedReader;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Connection;
import java.sql.SQLException;

import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import org.json.JSONObject;

import it.polimi.TIW.DAO.UserDAO;
import it.polimi.TIW.beans.User;
import it.polimi.TIW.utilities.DBconnection;

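@WebServlet("/login")
public class LoginServlet extends HttpServlet {
    private static final long serialVersionUID = 1L;

    public LoginServlet() {
        super();
    }

    /**
     * Login carries credentials and changes server-side state, so it is only
     * accepted over POST; GET is refused with 405.
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {
        response.sendError(HttpServletResponse.SC_METHOD_NOT_ALLOWED, "GET method not allowed for login");
    }

    /**
     * Authenticates a user from a JSON body of the form
     * {@code {"username": "...", "password": "..."}} and answers with a JSON
     * object carrying {@code status} ("success"/"error"), plus {@code role} on
     * success or {@code message} on failure.
     *
     * On success a <em>fresh</em> session is created (any pre-existing session
     * is invalidated first) and {@code userId}, {@code username} and
     * {@code role} are stored on it. This is the defence against session
     * fixation: an attacker who planted a session id before login must not
     * end up owning the authenticated session.
     *
     * Status codes: 200 for both a successful and a rejected login (the body
     * says which), 400 for an unparseable/incomplete body, 500 on a database
     * error. Failure messages are deliberately generic and do not reveal
     * whether the username exists.
     *
     * NOTE(review): password verification (hashing, constant-time compare) is
     * delegated to {@code UserDAO.checkCredentials} — confirm it does not
     * compare plaintext.
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response)
            throws ServletException, IOException {

        request.setCharacterEncoding("UTF-8");
        response.setContentType("application/json;charset=UTF-8");
        // The reply reveals the authentication outcome and the role; it must
        // never be stored by a browser or intermediary cache.
        response.setHeader("Cache-Control", "no-store");
        PrintWriter out = response.getWriter();

        String body = readBody(request);

        try {
            // Missing keys raise JSONException, which the outer catch turns into a 400.
            JSONObject reqJson = new JSONObject(body);
            String username = reqJson.getString("username");
            String password = reqJson.getString("password");

            JSONObject jsonResponse = new JSONObject();

            // Verify credentials; the connection is closed by try-with-resources.
            try (Connection connection = DBconnection.getConnection()) {
                UserDAO userDAO = new UserDAO(connection);
                User user = userDAO.checkCredentials(username, password);

                if (user != null) {
                    // Rotate the session id on privilege change (anti session fixation).
                    HttpSession session = freshSession(request);
                    session.setAttribute("userId", user.getUserId());
                    session.setAttribute("username", user.getUsername());
                    session.setAttribute("role", user.getRole());

                    jsonResponse.put("status", "success");
                    jsonResponse.put("role", user.getRole());
                } else {
                    // Same message for unknown user and wrong password: no user enumeration.
                    jsonResponse.put("status", "error");
                    jsonResponse.put("message", "Credenziali non valide");
                }

                out.print(jsonResponse.toString());

            } catch (SQLException e) {
                // Database failure: generic message to the client, details to the container log only.
                response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
                jsonResponse.put("status", "error");
                jsonResponse.put("message", "Errore durante il login");
                out.print(jsonResponse.toString());
                log("Database error during login", e);
            }

        } catch (Exception e) {
            // Malformed JSON, missing fields, or any unexpected runtime failure
            // while handling the request: reject as a bad request.
            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
            JSONObject jsonResponse = new JSONObject();
            jsonResponse.put("status", "error");
            jsonResponse.put("message", "Errore nel formato della richiesta");
            out.print(jsonResponse.toString());
            log("Malformed login request", e);
        } finally {
            out.flush();
        }
    }

    /**
     * Reads the whole request body as text. Line terminators are dropped,
     * which is harmless for JSON (string values cannot contain raw newlines).
     *
     * @param request the incoming request, decoded with the charset set on it
     * @return the body, possibly empty
     * @throws IOException if the body cannot be read
     */
    private static String readBody(HttpServletRequest request) throws IOException {
        StringBuilder sb = new StringBuilder();
        BufferedReader reader = request.getReader();
        String line;
        while ((line = reader.readLine()) != null) {
            sb.append(line);
        }
        return sb.toString();
    }

    /**
     * Invalidates any session already attached to the request and returns a
     * brand-new one, so that the authenticated session never reuses an id
     * chosen before authentication.
     *
     * @param request the request whose session is being replaced
     * @return a newly created, empty session
     */
    private static HttpSession freshSession(HttpServletRequest request) {
        HttpSession existing = request.getSession(false);
        if (existing != null) {
            existing.invalidate();
        }
        return request.getSession(true);
    }
}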