/* * Juick * Copyright (C) 2008-2011, Ugnich Anton * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License as * published by the Free Software Foundation, either version 3 of the * License, or (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see . */ package com.juick.www; import org.springframework.jdbc.core.JdbcTemplate; import java.io.IOException; import java.io.PrintWriter; import javax.servlet.ServletException; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; /** * * @author Ugnich Anton */ public class Login { protected void doGetLoginForm(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { com.juick.User visitor = Utils.getVisitorUser(sql, request, response); if (visitor.getUid() > 0) { Utils.sendTemporaryRedirect(response, "/"); return; } response.setContentType("text/html; charset=UTF-8"); try (PrintWriter out = response.getWriter()) { out.println(""); out.println(""); out.println(""); out.println("Juick"); out.println(""); out.println(""); out.println(""); out.println(""); out.println(""); out.println(""); out.println("
juick.com © 2008-2014   Контакты · Помощь
"); out.println("
"); out.println(" Зарегистрироваться:"); out.println(" "); out.println(" "); out.println("
XMPP"); out.println("
Отправьте LOGIN на juick@juick.com
"); out.println("
"); out.println("
"); out.println("
Уже зарегистрированы?"); out.println("
"); out.println(""); out.println(""); out.println(""); out.println("
"); out.println("
"); out.println(""); out.println(""); } } protected void doGetLogin(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String hash = request.getQueryString(); if (hash.length() > 32) { response.sendError(HttpServletResponse.SC_BAD_REQUEST); return; } if (com.juick.server.UserQueries.getUIDbyHash(sql, hash) > 0) { Cookie c = new Cookie("hash", hash); c.setMaxAge(365 * 24 * 60 * 60); response.addCookie(c); response.sendRedirect("/"); } else { response.sendError(HttpServletResponse.SC_FORBIDDEN); } } protected void doPostLogin(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String username = request.getParameter("username"); String password = request.getParameter("password"); if (username == null || password == null || username.length() > 32 || password.isEmpty()) { response.sendError(HttpServletResponse.SC_BAD_REQUEST); return; } int uid = com.juick.server.UserQueries.checkPassword(sql, username, password); if (uid > 0) { String hash = com.juick.server.UserQueries.getHashByUID(sql, uid); Cookie c = new Cookie("hash", hash); c.setMaxAge(365 * 24 * 60 * 60); response.addCookie(c); String referer = request.getHeader("Referer"); if (referer != null && referer.startsWith("http://juick.com/") && !referer.equals("http://juick.com/login")) { response.sendRedirect(referer); } else { response.sendRedirect("/"); } } else { response.sendError(HttpServletResponse.SC_FORBIDDEN); } } protected void doGetLogout(JdbcTemplate sql, HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { com.juick.User visitor = Utils.getVisitorUser(sql, request, response); if (visitor.getUid() > 0) { sql.update("DELETE FROM logins WHERE user_id=?", visitor.getUid()); } Cookie c = new Cookie("hash", "-"); c.setDomain(".juick.com"); c.setMaxAge(0); response.addCookie(c); Cookie c2 = new Cookie("hash", "-"); c2.setMaxAge(0); response.addCookie(c2); response.sendRedirect("/"); } }