1
2
3
4
5
6
7 package net.sf.mindoro.web;
8
9 import java.util.Date;
10 import java.util.Hashtable;
11 import java.util.Map;
12
13 import javax.servlet.http.HttpServletRequest;
14 import javax.servlet.http.HttpServletResponse;
15
16 import net.sf.mindoro.commons.util.Sha256Util;
17 import net.sf.mindoro.domain.SecurityFacade;
18 import net.sf.mindoro.model.SystemUser;
19
20 import org.springframework.validation.BindException;
21 import org.springframework.validation.Errors;
22 import org.springframework.validation.Validator;
23 import org.springframework.web.servlet.ModelAndView;
24 import org.springframework.web.servlet.mvc.SimpleFormController;
25
26
27 /***
28 * TODO change the description of LoginFormController
29 *
30 * @author aisrael
31 */
32 public final class LoginFormController extends SimpleFormController {
33
34 /***
35 * LoginFormValidator
36 *
37 * @author aisrael
38 */
39 class LoginFormValidator implements Validator {
40
41 /***
42 * (non-Javadoc)
43 *
44 * @see org.springframework.validation.Validator#supports(java.lang.Class)
45 */
46 public boolean supports(final Class c) {
47 return (LoginForm.class == c);
48 }
49
50 /***
51 * (non-Javadoc)
52 *
53 * @see org.springframework.validation.Validator#validate(java.lang.Object,
54 * org.springframework.validation.Errors)
55 */
56 public void validate(final Object o, final Errors errors) {
57 final LoginForm loginForm = (LoginForm) o;
58 if (null == loginForm.getUsername() || loginForm.getUsername().trim().length() == 0) {
59 errors.rejectValue("username", "error.login.usernameRequired");
60 }
61 if (null == loginForm.getPassword() || loginForm.getPassword().trim().length() == 0) {
62 errors.rejectValue("password", "error.login.passwordRequired");
63 }
64 }
65
66 }
67
68 private final LoginFormValidator loginFormValidator = new LoginFormValidator();
69
70 private final SecurityFacade securityFacade;
71
72 /***
73 * @param securityFacade
74 * SecurityFacade
75 */
76 public LoginFormController(final SecurityFacade securityFacade) {
77 setCommandClass(LoginForm.class);
78 setValidateOnBinding(true);
79 setValidator(this.loginFormValidator);
80 this.securityFacade = securityFacade;
81 }
82
83 /***
84 * (non-Javadoc)
85 *
86 * @see org.springframework.web.servlet.mvc.SimpleFormController#onSubmit(javax.servlet.http.HttpServletRequest,
87 * javax.servlet.http.HttpServletResponse, java.lang.Object,
88 * org.springframework.validation.BindException)
89 */
90 protected ModelAndView onSubmit(final HttpServletRequest request, final HttpServletResponse response,
91 final Object command, final BindException errors) throws Exception {
92 final LoginForm loginForm = (LoginForm) command;
93 final ModelAndView result;
94 final SystemUser user = new SystemUser(null, loginForm.getUsername(), Sha256Util.hash(loginForm.getPassword()));
95 if (null != securityFacade.authenticate(user)) {
96 errors.reject("error.login.invalidLogin");
97 result = showForm(request, response, errors);
98 } else {
99 final Map map = new Hashtable();
100 map.put("now", new Date());
101 map.put("loggedInUser", loginForm.getUsername());
102 map.put("properties", WebUtil.getRequestProperties(request));
103 result = new ModelAndView(getSuccessView(), map);
104 }
105 return result;
106 }
107 }