X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FGigi.java;h=6ca25d7d9e49a373f20ce38b6de866dd71f9e6d3;hb=e11f39ada6c4a32e6cd77a47bb876666a2918db9;hp=29ed65c4a829b3ed275327303eb6dfec9ab4600f;hpb=d0b9305527ebb160decee391df1d189988b09655;p=gigi.git diff --git a/src/org/cacert/gigi/Gigi.java b/src/org/cacert/gigi/Gigi.java index 29ed65c4..6ca25d7d 100644 --- a/src/org/cacert/gigi/Gigi.java +++ b/src/org/cacert/gigi/Gigi.java @@ -22,6 +22,7 @@ import org.cacert.gigi.database.DatabaseConnection; import org.cacert.gigi.pages.LoginPage; import org.cacert.gigi.pages.MainPage; import org.cacert.gigi.pages.Page; +import org.cacert.gigi.pages.main.RegisterPage; import org.cacert.gigi.util.PasswordHash; import org.eclipse.jetty.util.log.Log; @@ -36,6 +37,7 @@ public class Gigi extends HttpServlet { public void init() throws ServletException { pages.put("/login", new LoginPage("CACert - Login")); pages.put("/", new MainPage("CACert - Home")); + pages.put(RegisterPage.PATH, new RegisterPage()); String templ = ""; try { BufferedReader reader = new BufferedReader(new InputStreamReader( @@ -57,14 +59,14 @@ public class Gigi extends HttpServlet { throws ServletException, IOException { X509Certificate[] cert = (X509Certificate[]) req .getAttribute("javax.servlet.request.X509Certificate"); - HttpSession hs = req.getSession(false); - if (hs == null || !((Boolean) hs.getAttribute(LOGGEDIN))) { + HttpSession hs = req.getSession(); + if (hs.getAttribute(LOGGEDIN) == null) { if (cert != null) { tryAuthWithCertificate(req, cert[0]); - hs = req.getSession(false); + hs = req.getSession(); } } - if (hs != null && ((Boolean) hs.getAttribute("loggedin")) + if (hs.getAttribute("loggedin") != null && req.getPathInfo().equals("/login")) { resp.sendRedirect("/"); return; 
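Review bot: In the `@@ -57,14 +59,14 @@` hunk, `req.getSession()` now creates a session for every anonymous request, and `tryAuthWithCertificate` later marks that same session as logged in without renewing its ID, which leaves room for session fixation. After a successful certificate login the ID should be rotated, for example with `req.changeSessionId();` if the container provides Servlet 3.1, or by invalidating and recreating the session before the attributes are set. The test also changed from a Boolean check to `hs.getAttribute(LOGGEDIN) == null`, so any non-null value, including `false`, now counts as logged in; code outside this diff that still stores `false` would need to be updated. The enclosing method starts before the hunk and continues after it.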
@@ -77,14 +79,14 @@ public class Gigi extends HttpServlet { } if (req.getPathInfo() != null && req.getPathInfo().equals("/logout")) { if (hs != null) { - hs.setAttribute(LOGGEDIN, false); + hs.setAttribute(LOGGEDIN, null); hs.invalidate(); } resp.sendRedirect("/"); return; } - if ((hs == null || !((Boolean) hs.getAttribute("loggedin"))) + if (hs.getAttribute("loggedin") == null && !"/login".equals(req.getPathInfo())) { System.out.println(req.getPathInfo()); resp.sendRedirect("/login"); @@ -94,9 +96,17 @@ public class Gigi extends HttpServlet { String b0 = baseTemplate[0]; Page p = pages.get(req.getPathInfo()); b0 = makeDynTempl(b0, p); - resp.setContentType("text/html"); + resp.setContentType("text/html; charset=utf-8"); resp.getWriter().print(b0); - p.doGet(req, resp); + if (hs != null && hs.getAttribute(LOGGEDIN) != null) { + resp.getWriter().println( + "Hi " + ((User) hs.getAttribute(USER)).getFname()); + } + if (req.getMethod().equals("POST")) { + p.doPost(req, resp); + } else { + p.doGet(req, resp); + } String b1 = baseTemplate[1]; b1 = makeDynTempl(b1, p); resp.getWriter().print(b1); @@ -105,7 +115,6 @@ public class Gigi extends HttpServlet { } } - private String makeDynTempl(String in, Page p) { int year = Calendar.getInstance().get(Calendar.YEAR); in = in.replaceAll("\\$title\\$", p.getTitle()); 
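Review bot: In the `@@ -77,14 +79,14 @@` hunk the access gate reads `hs.getAttribute("loggedin")` while the login and logout paths use the `LOGGEDIN` constant; the gate should use the constant too, `if (hs.getAttribute(LOGGEDIN) == null`, so the key cannot drift between the places that set it and the place that enforces it. Because `req.getSession()` never returns null, the `if (hs != null)` guard around logout is now always true, and `hs.setAttribute(LOGGEDIN, null)` directly before `hs.invalidate()` is redundant. The gate still redirects every path except `/login`, so unless `RegisterPage.PATH` is handled elsewhere the newly registered page looks unreachable without a login. If it is meant to be public, an explicit set of public paths checked here would be clearer than adding another string comparison.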
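Review bot: In the `@@ -94,9 +96,17 @@` hunk, `"Hi " + ((User) hs.getAttribute(USER)).getFname()` writes the stored first name into the HTML response unescaped, so markup in a name would be interpreted by the browser; the value should pass through an HTML-escaping step before `println`. The cast result is dereferenced without a null check, and the only place in this diff that sets `USER` is `tryAuthWithCertificate`, so a session with `LOGGEDIN` but no `USER` would throw here. The new `p.doPost(req, resp)` dispatch makes every registered page accept state-changing requests; whether pages verify a per-session request token is not visible in this diff and is worth confirming.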
@@ -134,8 +143,24 @@ public class Gigi extends HttpServlet { } private void tryAuthWithCertificate(HttpServletRequest req, X509Certificate x509Certificate) { - // TODO ckeck if certificate is valid - HttpSession hs = req.getSession(); - hs.setAttribute(LOGGEDIN, true); + String serial = x509Certificate.getSerialNumber().toString(16) + .toUpperCase(); + try { + PreparedStatement ps = DatabaseConnection + .getInstance() + .prepare( + "SELECT `memid` FROM `emailcerts` WHERE `serial`=? AND `disablelogin`='0' AND `revoked` = " + + "'0000-00-00 00:00:00'"); + ps.setString(1, serial); + ResultSet rs = ps.executeQuery(); + if (rs.next()) { + HttpSession hs = req.getSession(); + hs.setAttribute(LOGGEDIN, true); + hs.setAttribute(USER, new User(rs.getInt(1))); + } + rs.close(); + } catch (SQLException e) { + e.printStackTrace(); + } } }
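Review bot: The lookup in `tryAuthWithCertificate` identifies the member by certificate serial number alone, and serial numbers are only unique per issuer. It is therefore safe only if the TLS layer accepts client certificates from exactly the CA that populates `emailcerts`, which this diff does not show. A comment stating that assumption, or an issuer comparison before the query, would make the trust decision explicit. `rs.close()` is skipped when anything between `executeQuery()` and that call throws; if the project targets Java 7 or later, `try (ResultSet rs = ps.executeQuery()) {` closes it on every path. The `catch` fails closed, which is the right default, but `e.printStackTrace()` should go through the logger the file already imports (`org.eclipse.jetty.util.log.Log`) so failed certificate logins are visible in the server log.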