form eliminado

abdfd63a · Emanuel Lugo · 07bbf7a0 · a87e6390 · abdfd63a · abdfd63a
Commit abdfd63a authored May 13, 2022 by Emanuel Lugo
7 changed files
--- a/src/main/java/com/roshka/proyectofinal/ProtectedResource.java
+++ b/src/main/java/com/roshka/proyectofinal/ProtectedResource.java
@@ -15,16 +15,22 @@ public class ProtectedResource extends HttpServlet {
 			HttpSession session = req.getSession(true);
 			// Does the session indicate this user already logged in?
-			Object done = session.getValue("logon.isDone");
+			Object done = session.getAttribute("logon.isDone");
 			// marker object
 			if (done == null) {
-				// No logon.isDone means he hasn't logged in. // Save the request URL as the true target and redirect to the login page
+				// No se encuentra loggeado // Guardamos donde trato de dirigirse y lo REDIRIGIMOS AL LOGGIN
-				session.putValue("login.target",
+				session.setAttribute("login.target",
-						HttpUtils.getRequestURL(req).toString()); res.sendRedirect(req.getScheme() + "://" + req.getServerName() + ":"
+						HttpUtils.getRequestURL(req).toString());
-							+ req.getServerPort() + "/login.html");
+				res.sendRedirect(req.getScheme() + "://" + req.getServerName() + ":"
+							+ req.getServerPort() + "/login.jsp");
 				return;
 			}
-			// If we get here, the user has logged in and can see the goods
+			// El usuario se loggeo y puede ver el recurso
-			out.println("Unpublished O'Reilly book manuscripts await you!");
+			out.println("PUEDES ACCEDER AL RECURSO - ESTAS LOGGEADO");
 		}
 	 }
\ No newline at end of file
--- a/src/main/java/com/roshka/proyectofinal/entity/LoginBean.java
+++ b/src/main/java/com/roshka/proyectofinal/entity/LoginBean.java
@@ -3,6 +3,7 @@ package com.roshka.proyectofinal.entity;
 public class LoginBean {
    private String username;
    private String password;
+    private String correo;
    public String getUsername() {
        return username;
@@ -19,4 +20,12 @@ public class LoginBean {
    public void setPassword(String password) {
        this.password = password;
    }
+    public void setCorreo(String correo) {
+        this.correo = correo;
+    }
+    public String getCorreo() {
+        return correo;
+    }
 }
--- a/src/main/java/com/roshka/proyectofinal/entity/Usuario.java
+++ b/src/main/java/com/roshka/proyectofinal/entity/Usuario.java
@@ -4,6 +4,7 @@ public class Usuario {
    private int id;
    private String nombre,apellido,correo,contrasena;
    public Usuario() {
    }

--- a/src/main/java/com/roshka/proyectofinal/login/LoginDao.java
+++ b/src/main/java/com/roshka/proyectofinal/login/LoginDao.java
@@ -6,27 +6,27 @@ import com.roshka.proyectofinal.entity.LoginBean;
 import java.sql.Connection;
 import java.sql.PreparedStatement;
+import java.sql.ResultSet;
 public class LoginDao {
    public boolean validate (LoginBean loginBean) {
-        int status = 0;
+        boolean status = false;
        try {
            Connection con = DataBase.getConnection();
            PreparedStatement ps=con.prepareStatement(
-                    "select * from usuarios where username=? and password = ?");
+                    "select * from usuario where correo=? and contrasena = ?");
-            ps.setString(1,loginBean.getUsername());
+            ps.setString(1,loginBean.getCorreo());
            ps.setString(2, loginBean.getPassword());
-            status=ps.executeUpdate();
+            ResultSet rs = ps.executeQuery();
+            status = rs.next();
            con.close();
        } catch (Exception ex) {
            ex.printStackTrace();
        }
-        if (status > 0) return true ;
+            return status ;
-        else return false ;
    }

--- a/src/main/java/com/roshka/proyectofinal/login/LoginServlet.java
+++ b/src/main/java/com/roshka/proyectofinal/login/LoginServlet.java
@@ -2,6 +2,9 @@ package com.roshka.proyectofinal.login;
 import java.io.IOException;
+import java.io.PrintWriter;
+import java.security.NoSuchAlgorithmException;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.annotation.WebServlet;
 import jakarta.servlet.http.HttpServlet;
@@ -9,6 +12,11 @@ import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import com.roshka.proyectofinal.entity.LoginBean;
+import com.roshka.proyectofinal.login.md5JavaHash;
+import jakarta.servlet.http.HttpSession;
+import static java.lang.System.out;
 /**
 * Servlet implementation class LoginServlet
@@ -38,24 +46,58 @@ public class LoginServlet extends HttpServlet {
     */
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        LoginDao loginDao = new LoginDao();
+        md5JavaHash passEncrip = new md5JavaHash();
+        String passwordMD5 = "";
+        PrintWriter out = response.getWriter();
        String username = request.getParameter("username");
+        String correo = request.getParameter("correo");
        String password = request.getParameter("password");
        LoginBean loginBean = new LoginBean();
        loginBean.setUsername(username);
-        loginBean.setPassword(password);
+        try {
+            passwordMD5 = passEncrip.getHashPass(password);
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        }
+        out.println(passwordMD5);
+        loginBean.setPassword(passwordMD5);
+        loginBean.setCorreo(correo);
+        out.println("EL pass encriptado es: " +passwordMD5);
        if (loginDao.validate(loginBean))
        {
-            response.sendRedirect("loginSuccess.jsp");
+                HttpSession session = request.getSession(true); //incluir nota de sesion valida
+                session.setAttribute("logon.isDone", username);
-        }
-        else {
-            //HttpSession session = request.getSession();
-            response.sendRedirect("login.jsp");
-        }
+                // Tratar de re-dirigir a la pagina que el usuario quiso acceder
+                try {
+                    String target = (String) session.getAttribute("login.target");
+                    response.sendRedirect("loginSuccess.jsp");
+                    if (target != null)
+                        response.sendRedirect(target);
+                    return;
+                }
+                catch (Exception ignored) { }
+                // Si no es posible redireccionar a la pagina solicitada, llevar a la main page
+                //response.sendRedirect(request.getScheme() + "://" +
+                       // request.getServerName() + ":" + request.getServerPort());
+                System.out.println("redirigir al index.html");
+        } else {
+            //si no es un user valido - mandar error y redireccionar al inicio de sesion
+            out.println("<p> You may want to <a href='/login.jsp'> try again </a> </p>");
+//            request.getRequestDispatcher("login.jsp").include(request, response);
+//            response.sendRedirect("login.jsp");
+            }
    }
-}
\ No newline at end of file
+}
--- a/src/main/java/com/roshka/proyectofinal/login/md5JavaHash.java
+++ b/src/main/java/com/roshka/proyectofinal/login/md5JavaHash.java
+package com.roshka.proyectofinal.login;
+import java.security.*;
+public class md5JavaHash {
+    private String hashpass="";
+    public String getHashPass(String password) throws
+            NoSuchAlgorithmException{
+        String plainText = password;
+        MessageDigest mdAlgorithm = MessageDigest.getInstance("MD5");
+        mdAlgorithm.update(plainText.getBytes());
+        byte[] digest = mdAlgorithm.digest();
+        StringBuffer hexString = new StringBuffer();
+        for (int i = 0; i < digest.length; i++) {
+            plainText = Integer.toHexString(0xFF & digest[i]);
+            if (plainText.length() < 2) {
+                plainText = "0" + plainText;
+            }
+            hexString.append(plainText);
+        }
+        hashpass = hexString.toString();
+        return hashpass;
+    }
+}
--- a/src/main/webapp/login.jsp
+++ b/src/main/webapp/login.jsp
@@ -8,11 +8,11 @@
    <div align=" center">
    <h1>User Login Form</h1>
    <form action="login" method="post">
-        <table>
+        <table align = "center">
-            <tr><td>User Name:</td> <td><input type="text" name = "username"></td></tr>
+            <tr><td>Correo:</td> <td><input type="text" name = "correo"></td></tr>
            <tr><td>Password:</td><td><input type="password" name="password"></td></tr>
-            <tr><td><input type="submit" value="Login"/></td></tr>
+            <tr><td><input type="submit" value="Login"/></td></tr>
        </table>
    </form>    
    </div>