diff --git a/src/main/java/com/roshka/proyectofinal/ProtectedResource.java b/src/main/java/com/roshka/proyectofinal/ProtectedResource.java index 9c45921..eab9085 100644 --- a/src/main/java/com/roshka/proyectofinal/ProtectedResource.java +++ b/src/main/java/com/roshka/proyectofinal/ProtectedResource.java @@ -15,16 +15,22 @@ public class ProtectedResource extends HttpServlet { HttpSession session = req.getSession(true); // Does the session indicate this user already logged in? - Object done = session.getValue("logon.isDone"); + Object done = session.getAttribute("logon.isDone"); // marker object if (done == null) { - // No logon.isDone means he hasn't logged in. // Save the request URL as the true target and redirect to the login page - session.putValue("login.target", - HttpUtils.getRequestURL(req).toString()); res.sendRedirect(req.getScheme() + "://" + req.getServerName() + ":" - + req.getServerPort() + "/login.html"); + // No se encuentra loggeado // Guardamos donde trato de dirigirse y lo REDIRIGIMOS AL LOGGIN + session.setAttribute("login.target", + HttpUtils.getRequestURL(req).toString()); + res.sendRedirect(req.getScheme() + "://" + req.getServerName() + ":" + + req.getServerPort() + "/login.jsp"); return; } - // If we get here, the user has logged in and can see the goods - out.println("Unpublished O'Reilly book manuscripts await you!"); + // El usuario se loggeo y puede ver el recurso + out.println("PUEDES ACCEDER AL RECURSO - ESTAS LOGGEADO"); + + + + + } } \ No newline at end of file diff --git a/src/main/java/com/roshka/proyectofinal/entity/LoginBean.java b/src/main/java/com/roshka/proyectofinal/entity/LoginBean.java index 9b2ad7e..21a9de6 100644 --- a/src/main/java/com/roshka/proyectofinal/entity/LoginBean.java +++ b/src/main/java/com/roshka/proyectofinal/entity/LoginBean.java 
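Review bot: The login redirect in the `done == null` branch is assembled from `req.getServerName()` and `req.getServerPort()`, which normally reflect the client-supplied Host header, so the redirect destination is influenced by the requester and it also ignores the application's context path. A container-relative redirect avoids both: `res.sendRedirect(req.getContextPath() + "/login.jsp");`. The same reasoning applies to the value saved in `login.target`: storing `req.getRequestURI()` instead of the absolute URL keeps the post-login redirect in LoginServlet on this application. The enclosing method starts above the hunk, so how `out` is obtained is not visible here.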
@@ -3,6 +3,7 @@ package com.roshka.proyectofinal.entity; public class LoginBean { private String username; private String password; + private String correo; public String getUsername() { return username; @@ -19,4 +20,12 @@ public class LoginBean { public void setPassword(String password) { this.password = password; } + + public void setCorreo(String correo) { + this.correo = correo; + } + + public String getCorreo() { + return correo; + } } diff --git a/src/main/java/com/roshka/proyectofinal/entity/Usuario.java b/src/main/java/com/roshka/proyectofinal/entity/Usuario.java index d307639..961768b 100644 --- a/src/main/java/com/roshka/proyectofinal/entity/Usuario.java +++ b/src/main/java/com/roshka/proyectofinal/entity/Usuario.java @@ -4,6 +4,7 @@ public class Usuario { private int id; private String nombre,apellido,correo,contrasena; + public Usuario() { } diff --git a/src/main/java/com/roshka/proyectofinal/login/LoginDao.java b/src/main/java/com/roshka/proyectofinal/login/LoginDao.java index 8ab20f8..3605cbb 100644 --- a/src/main/java/com/roshka/proyectofinal/login/LoginDao.java +++ b/src/main/java/com/roshka/proyectofinal/login/LoginDao.java 
@@ -6,27 +6,27 @@ import com.roshka.proyectofinal.entity.LoginBean; import java.sql.Connection; import java.sql.PreparedStatement; +import java.sql.ResultSet; public class LoginDao { public boolean validate (LoginBean loginBean) { - int status = 0; + boolean status = false; try { Connection con = DataBase.getConnection(); PreparedStatement ps=con.prepareStatement( - "select * from usuarios where username=? and password = ?"); - ps.setString(1,loginBean.getUsername()); + "select * from usuario where correo=? and contrasena = ?"); + ps.setString(1,loginBean.getCorreo()); ps.setString(2, loginBean.getPassword()); - status=ps.executeUpdate(); - + ResultSet rs = ps.executeQuery(); + status = rs.next(); con.close(); } catch (Exception ex) { ex.printStackTrace(); } - if (status > 0) return true ; - else return false ; + return status ; } diff --git a/src/main/java/com/roshka/proyectofinal/login/LoginServlet.java b/src/main/java/com/roshka/proyectofinal/login/LoginServlet.java index c251007..5791d80 100644 --- a/src/main/java/com/roshka/proyectofinal/login/LoginServlet.java +++ b/src/main/java/com/roshka/proyectofinal/login/LoginServlet.java @@ -2,6 +2,9 @@ package com.roshka.proyectofinal.login; import java.io.IOException; +import java.io.PrintWriter; +import java.security.NoSuchAlgorithmException; + import jakarta.servlet.ServletException; import jakarta.servlet.annotation.WebServlet; import jakarta.servlet.http.HttpServlet; @@ -9,6 +12,11 @@ import jakarta.servlet.http.HttpServletRequest; import jakarta.servlet.http.HttpServletResponse; import com.roshka.proyectofinal.entity.LoginBean; +import com.roshka.proyectofinal.login.md5JavaHash; +import jakarta.servlet.http.HttpSession; + +import static java.lang.System.out; + /** * Servlet implementation class LoginServlet 
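Review bot: `con.close()` in `validate` is reached only when every call before it succeeds, and the `PreparedStatement` and `ResultSet` are never closed, so each query that throws leaves a connection open; on an unauthenticated login endpoint, repeated failures can exhaust the database's connections. try-with-resources closes all three on every path. The `catch (Exception ex)` keeps the method fail-closed (it returns `false`), which is the right default, but `printStackTrace()` should be replaced by a logger call so a database error is distinguishable from bad credentials in the logs.

```java
boolean status = false;
try (Connection con = DataBase.getConnection();
     PreparedStatement ps = con.prepareStatement(
             "select * from usuario where correo=? and contrasena = ?")) {
    ps.setString(1, loginBean.getCorreo());
    ps.setString(2, loginBean.getPassword());
    try (ResultSet rs = ps.executeQuery()) {
        status = rs.next();
    }
} catch (Exception ex) {
    // … unchanged: error reporting …
}
return status;
```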
@@ -38,24 +46,58 @@ public class LoginServlet extends HttpServlet { */ protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { LoginDao loginDao = new LoginDao(); + md5JavaHash passEncrip = new md5JavaHash(); + String passwordMD5 = ""; + PrintWriter out = response.getWriter(); String username = request.getParameter("username"); + String correo = request.getParameter("correo"); String password = request.getParameter("password"); LoginBean loginBean = new LoginBean(); loginBean.setUsername(username); - loginBean.setPassword(password); + try { + passwordMD5 = passEncrip.getHashPass(password); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + } + out.println(passwordMD5); + loginBean.setPassword(passwordMD5); + loginBean.setCorreo(correo); + out.println("EL pass encriptado es: " +passwordMD5); if (loginDao.validate(loginBean)) { - response.sendRedirect("loginSuccess.jsp"); + HttpSession session = request.getSession(true); //incluir nota de sesion valida + session.setAttribute("logon.isDone", username); - } - else { - //HttpSession session = request.getSession(); - response.sendRedirect("login.jsp"); - } + + // Tratar de re-dirigir a la pagina que el usuario quiso acceder + try { + String target = (String) session.getAttribute("login.target"); + response.sendRedirect("loginSuccess.jsp"); + if (target != null) + response.sendRedirect(target); + return; + } + catch (Exception ignored) { } + + // Si no es posible redireccionar a la pagina solicitada, llevar a la main page + //response.sendRedirect(request.getScheme() + "://" + + // request.getServerName() + ":" + request.getServerPort()); + System.out.println("redirigir al index.html"); + + } else { + + //si no es un user valido - mandar error y redireccionar al inicio de sesion + + out.println("

You may want to try again

"); +// request.getRequestDispatcher("login.jsp").include(request, response); +// response.sendRedirect("login.jsp"); + } } -} \ No newline at end of file + + +} diff --git a/src/main/java/com/roshka/proyectofinal/login/md5JavaHash.java b/src/main/java/com/roshka/proyectofinal/login/md5JavaHash.java new file mode 100644 index 0000000..b314c66 --- /dev/null +++ b/src/main/java/com/roshka/proyectofinal/login/md5JavaHash.java @@ -0,0 +1,34 @@ +package com.roshka.proyectofinal.login; +import java.security.*; + + +public class md5JavaHash { + + private String hashpass=""; + + public String getHashPass(String password) throws + NoSuchAlgorithmException{ + + String plainText = password; + MessageDigest mdAlgorithm = MessageDigest.getInstance("MD5"); + mdAlgorithm.update(plainText.getBytes()); + + byte[] digest = mdAlgorithm.digest(); + StringBuffer hexString = new StringBuffer(); + + for (int i = 0; i < digest.length; i++) { + plainText = Integer.toHexString(0xFF & digest[i]); + + if (plainText.length() < 2) { + plainText = "0" + plainText; + } + + hexString.append(plainText); + } + hashpass = hexString.toString(); + + return hashpass; + } + + +} diff --git a/src/main/webapp/login.jsp b/src/main/webapp/login.jsp index 1f1dadf..7f1d2ed 100644 --- a/src/main/webapp/login.jsp +++ b/src/main/webapp/login.jsp @@ -8,11 +8,11 @@
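Review bot: `out.println(passwordMD5)` and `out.println("EL pass encriptado es: " + passwordMD5)` in `doPost` write the password hash into the HTTP response; since that hash is exactly what `LoginDao.validate` compares, it is credential-equivalent and both lines should be deleted rather than kept as debug output. In the success branch the session id is not changed after authentication (session fixation), and `response.sendRedirect("loginSuccess.jsp")` runs before `response.sendRedirect(target)`, so the second call throws `IllegalStateException`, the empty `catch (Exception ignored)` hides it, and `login.target` is never honoured. `logon.isDone` is set to `username`, which appears to be no longer submitted by the form after this commit; `setAttribute` with a null value removes the attribute, so storing `correo` is safer. If `getHashPass` throws, `passwordMD5` stays `""` and validation still runs, where returning an error would be cleaner.

```java
// … unchanged: parameter reading and hashing, without the two out.println(passwordMD5) lines …
if (loginDao.validate(loginBean)) {
    HttpSession session = request.getSession(true);
    request.changeSessionId(); // issue a fresh session id once the user is authenticated
    session.setAttribute("logon.isDone", correo);

    String target = (String) session.getAttribute("login.target");
    response.sendRedirect(target != null ? target : "loginSuccess.jsp");
    return;
} else {
    // … unchanged: failure message …
```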
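Review bot: `getHashPass` derives the stored password value from a single unsalted MD5 digest, which is fast to brute-force and gives identical passwords identical hashes; password storage should use a salted, deliberately slow function (bcrypt, scrypt, Argon2, or the JDK's `PBKDF2WithHmacSHA256` via `SecretKeyFactory`), with the comparison done in Java rather than in the SQL `where` clause. Independently of that, `plainText.getBytes()` uses the platform default charset on older JDKs, so the same password can hash differently between machines: `mdAlgorithm.update(plainText.getBytes(StandardCharsets.UTF_8));`. The `hashpass` field and the reuse of `plainText` for hex fragments add mutable state for no benefit; a local `StringBuilder` is enough.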

User Login Form

- - +
User Name:
+ - +
Correo:
Password: