Example 1 with UserSessionDAO
use of net.jforum.dao.UserSessionDAO in project jforum2 by rafaelsteil.
the class UserAction method validateLogin.
public void validateLogin() {
String password;
String username;
if (parseBasicAuthentication()) {
username = (String) this.request.getAttribute("username");
password = (String) this.request.getAttribute("password");
} else {
username = this.request.getParameter("username");
password = this.request.getParameter("password");
}
boolean validInfo = false;
if (password.length() > 0) {
User user = this.validateLogin(username, password);
if (user != null) {
// Note: here we only want to set the redirect location if it hasn't already been
// set. This will give the LoginAuthenticator a chance to set the redirect location.
this.buildSucessfulLoginRedirect();
SessionFacade.makeLogged();
String sessionId = SessionFacade.isUserInSession(user.getId());
UserSession userSession = new UserSession(SessionFacade.getUserSession());
// Remove the "guest" session
SessionFacade.remove(userSession.getSessionId());
userSession.dataToUser(user);
UserSession currentUs = SessionFacade.getUserSession(sessionId);
// Check if the user is returning to the system
// before its last session has expired ( hypothesis )
UserSession tmpUs;
if (sessionId != null && currentUs != null) {
// Write its old session data
SessionFacade.storeSessionData(sessionId, JForumExecutionContext.getConnection());
tmpUs = new UserSession(currentUs);
SessionFacade.remove(sessionId);
} else {
UserSessionDAO sm = DataAccessDriver.getInstance().newUserSessionDAO();
tmpUs = sm.selectById(userSession, JForumExecutionContext.getConnection());
}
I18n.load(user.getLang());
// Autologin
if (this.request.getParameter("autologin") != null && SystemGlobals.getBoolValue(ConfigKeys.AUTO_LOGIN_ENABLED)) {
userSession.setAutoLogin(true);
// Generate the user-specific hash
String systemHash = MD5.crypt(SystemGlobals.getValue(ConfigKeys.USER_HASH_SEQUENCE) + user.getId());
String userHash = MD5.crypt(System.currentTimeMillis() + systemHash);
// Persist the user hash
UserDAO dao = DataAccessDriver.getInstance().newUserDAO();
dao.saveUserAuthHash(user.getId(), userHash);
systemHash = MD5.crypt(userHash);
ControllerUtils.addCookie(SystemGlobals.getValue(ConfigKeys.COOKIE_AUTO_LOGIN), "1");
ControllerUtils.addCookie(SystemGlobals.getValue(ConfigKeys.COOKIE_USER_HASH), systemHash);
} else {
// Remove cookies for safety
ControllerUtils.addCookie(SystemGlobals.getValue(ConfigKeys.COOKIE_USER_HASH), null);
ControllerUtils.addCookie(SystemGlobals.getValue(ConfigKeys.COOKIE_AUTO_LOGIN), null);
}
if (tmpUs == null) {
userSession.setLastVisit(new Date(System.currentTimeMillis()));
} else {
// Update last visit and session start time
userSession.setLastVisit(new Date(tmpUs.getStartTime().getTime() + tmpUs.getSessionTime()));
}
SessionFacade.add(userSession);
SessionFacade.setAttribute(ConfigKeys.TOPICS_READ_TIME, new HashMap());
ControllerUtils.addCookie(SystemGlobals.getValue(ConfigKeys.COOKIE_NAME_DATA), Integer.toString(user.getId()));
SecurityRepository.load(user.getId(), true);
validInfo = true;
}
}
// Invalid login
if (!validInfo) {
this.context.put("invalidLogin", "1");
this.setTemplateName(TemplateKeys.USER_VALIDATE_LOGIN);
if (this.request.getParameter("returnPath") != null) {
this.context.put("returnPath", this.request.getParameter("returnPath"));
}
} else if (this.request.getParameter("returnPath") != null) {
JForumExecutionContext.setRedirect(this.request.getParameter("returnPath"));
}
}
Also used :
User(net.jforum.entities.User)
UserDAO(net.jforum.dao.UserDAO)
HashMap(java.util.HashMap)
UserSession(net.jforum.entities.UserSession)
UserSessionDAO(net.jforum.dao.UserSessionDAO)
Date(java.util.Date)
Example 2 with UserSessionDAO
use of net.jforum.dao.UserSessionDAO in project jforum2 by rafaelsteil.
the class ControllerUtils method configureUserSession.
/**
* Setup optios and values for the user's session if authentication was ok.
*
* @param userSession The UserSession instance of the user
* @param user The User instance of the authenticated user
*/
protected void configureUserSession(UserSession userSession, User user) {
userSession.dataToUser(user);
// As an user may come back to the forum before its
// last visit's session expires, we should check for
// existent user information and then, if found, store
// it to the database before getting his information back.
String sessionId = SessionFacade.isUserInSession(user.getId());
UserSession tmpUs;
if (sessionId != null) {
SessionFacade.storeSessionData(sessionId, JForumExecutionContext.getConnection());
tmpUs = SessionFacade.getUserSession(sessionId);
SessionFacade.remove(sessionId);
} else {
UserSessionDAO sm = DataAccessDriver.getInstance().newUserSessionDAO();
tmpUs = sm.selectById(userSession, JForumExecutionContext.getConnection());
}
if (tmpUs == null) {
userSession.setLastVisit(new Date(System.currentTimeMillis()));
} else {
// Update last visit and session start time
userSession.setLastVisit(new Date(tmpUs.getStartTime().getTime() + tmpUs.getSessionTime()));
}
// If the execution point gets here, then the user
// has chosen "autoLogin"
userSession.setAutoLogin(true);
SessionFacade.makeLogged();
I18n.load(user.getLang());
}
Also used :
UserSession(net.jforum.entities.UserSession)
UserSessionDAO(net.jforum.dao.UserSessionDAO)
Date(java.util.Date)
Aggregations
Date (java.util.Date)2
UserSessionDAO (net.jforum.dao.UserSessionDAO)2
UserSession (net.jforum.entities.UserSession)2
HashMap (java.util.HashMap)1
UserDAO (net.jforum.dao.UserDAO)1
User (net.jforum.entities.User)1
