From 1e02ad373c9d81a2cbe050f576a7e44473f5dd6c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Luc=C3=A0s?=
Date: Thu, 21 Mar 2024 14:56:37 +0100
Subject: [PATCH] fix(DevWeb): Correct redirection from login
---
 .../uppa/project/servlet/LoginServlet.java | 80 --------------
 .../servlet/api/auth/AuthLoginServlet.java | 104 ++++++++++++++++++
 .../main/webapp/WEB-INF/static/js/login.js | 5 +-
 .../src/main/webapp/WEB-INF/views/login.jsp | 5 +-
 4 files changed, 110 insertions(+), 84 deletions(-)
 create mode 100644 S2/DevWeb/Projet/src/main/java/uppa/project/servlet/api/auth/AuthLoginServlet.java
diff --git a/S2/DevWeb/Projet/src/main/java/uppa/project/servlet/LoginServlet.java b/S2/DevWeb/Projet/src/main/java/uppa/project/servlet/LoginServlet.java
index c3c2919..9adf8ed 100644
--- a/S2/DevWeb/Projet/src/main/java/uppa/project/servlet/LoginServlet.java
+++ b/S2/DevWeb/Projet/src/main/java/uppa/project/servlet/LoginServlet.java
@@ -7,29 +7,16 @@
 package uppa.project.servlet;
 import com.google.gson.Gson;
-import com.google.gson.JsonElement;
-import com.google.gson.JsonObject;
-import com.google.gson.JsonParser;
 import jakarta.servlet.ServletException;
 import jakarta.servlet.annotation.WebServlet;
 import jakarta.servlet.http.HttpServlet;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
 import java.io.IOException;
-import java.io.PrintWriter;
-import uppa.project.dao.DAO;
-import uppa.project.dao.DAOException;
-import uppa.project.dao.jpa.Game_JPA_DAO_Factory;
-import uppa.project.pojo.json.ErrorResponse;
-import uppa.project.pojo.User;
-import uppa.project.pojo.json.LoginResponse;
-import uppa.project.utils.HttpRequestUtils;
 @WebServlet(name = "loginServlet", value = "/login")
 public class LoginServlet extends HttpServlet {
- private final Gson gson = new Gson();
-
 public void init() {
 }
@@ -42,73 +29,6 @@ public class LoginServlet extends HttpServlet {
 request.getRequestDispatcher("/WEB-INF/views/login.jsp").forward(request, response);
 }
- public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
- response.setContentType("application/json");
- response.setCharacterEncoding("UTF-8");
- PrintWriter out = response.getWriter();
-
- // Convert the string to a JSON object
- JsonObject jsonBody;
- try {
- String requestBody = HttpRequestUtils.getRequestBody(request);
- jsonBody = JsonParser.parseString(requestBody).getAsJsonObject();
- } catch (Exception e) {
- int STATUS = 400;
-
- ErrorResponse error = new ErrorResponse(STATUS, "Bad Request", "Invalid JSON");
- response.setStatus(STATUS);
- out.println(gson.toJson(error));
- return;
- }
-
- // Check if the username and password are present
- JsonElement username = jsonBody.get("username");
- JsonElement password = jsonBody.get("password");
- if (username == null || password == null) {
- int STATUS = 400;
-
- ErrorResponse error = new ErrorResponse(STATUS, "Bad Request", "Username and password are required");
- response.setStatus(STATUS);
- out.println(gson.toJson(error));
- return;
- }
-
- // Get User from database matching the username and password
- User user = LoginServlet.loginUser(username.getAsString(), password.getAsString());
- if (user == null) {
- int STATUS = 401;
- ErrorResponse error = new ErrorResponse(STATUS, "Unauthorized", "Invalid username or password");
-
- response.setStatus(STATUS);
- out.println(gson.toJson(error));
- return;
- }
-
- // Set the user in the session
- request.getSession().setAttribute("user", user);
-
- // Return the user as JSON
- LoginResponse loginResponse = new LoginResponse(200, user, request.getContextPath() + "/main-menu");
- String json = gson.toJson(loginResponse);
- out.println(json);
- out.flush();
- }
-
- private static User loginUser(String username, String password) {
- Game_JPA_DAO_Factory factory = new Game_JPA_DAO_Factory();
- try {
- DAO userDao = factory.getDAOUser();
- User[] users = userDao.findByField("username", username);
-
- for (User user : users) {
- if (user.verifyPassword(password)) return user;
- }
- } catch (DAOException e) {
- throw new RuntimeException(e);
- }
- return null;
- }
-
 public void destroy() {
 }
 }
\ No newline at end of file
diff --git a/S2/DevWeb/Projet/src/main/java/uppa/project/servlet/api/auth/AuthLoginServlet.java b/S2/DevWeb/Projet/src/main/java/uppa/project/servlet/api/auth/AuthLoginServlet.java
new file mode 100644
index 0000000..1264377
--- /dev/null
+++ b/S2/DevWeb/Projet/src/main/java/uppa/project/servlet/api/auth/AuthLoginServlet.java
@@ -0,0 +1,104 @@
+/*
+ * LoginServlet.java, 20/03/2024
+ * UPPA M1 TI 2023-2024
+ * Pas de copyright, aucun droits
+ */
+
+package uppa.project.servlet.api.auth;
+
+import com.google.gson.Gson;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.JsonParser;
+import jakarta.servlet.annotation.WebServlet;
+import jakarta.servlet.http.HttpServlet;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.io.PrintWriter;
+import uppa.project.dao.DAO;
+import uppa.project.dao.DAOException;
+import uppa.project.dao.jpa.Game_JPA_DAO_Factory;
+import uppa.project.pojo.User;
+import uppa.project.pojo.json.ErrorResponse;
+import uppa.project.pojo.json.LoginResponse;
+import uppa.project.utils.HttpRequestUtils;
+
+@WebServlet(name = "authLoginServlet", value = "/api/auth/login")
+public class AuthLoginServlet extends HttpServlet {
+
+ private final Gson gson = new Gson();
+
+ public void init() {
+ }
+
+ public void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
+ response.setContentType("application/json");
+ response.setCharacterEncoding("UTF-8");
+ PrintWriter out = response.getWriter();
+
+ // Convert the string to a JSON object
+ JsonObject jsonBody;
+ try {
+ String requestBody = HttpRequestUtils.getRequestBody(request);
+ jsonBody = JsonParser.parseString(requestBody).getAsJsonObject();
+ } catch (Exception e) {
+ int STATUS = 400;
+
+ ErrorResponse error = new ErrorResponse(STATUS, "Bad Request", "Invalid JSON");
+ response.setStatus(STATUS);
+ out.println(gson.toJson(error));
+ return;
+ }
+
+ // Check if the username and password are present
+ JsonElement username = jsonBody.get("username");
+ JsonElement password = jsonBody.get("password");
+ if (username == null || password == null) {
+ int STATUS = 400;
+
+ ErrorResponse error = new ErrorResponse(STATUS, "Bad Request", "Username and password are required");
+ response.setStatus(STATUS);
+ out.println(gson.toJson(error));
+ return;
+ }
+
+ // Get User from database matching the username and password
+ User user = AuthLoginServlet.loginUser(username.getAsString(), password.getAsString());
+ if (user == null) {
+ int STATUS = 401;
+ ErrorResponse error = new ErrorResponse(STATUS, "Unauthorized", "Invalid username or password");
+
+ response.setStatus(STATUS);
+ out.println(gson.toJson(error));
+ return;
+ }
+
+ // Set the user in the session
+ request.getSession().setAttribute("user", user);
+
+ // Return the user as JSON
+ LoginResponse loginResponse = new LoginResponse(200, user, request.getContextPath() + "/main-menu");
+ String json = gson.toJson(loginResponse);
+ out.println(json);
+ out.flush();
+ }
+
+ private static User loginUser(String username, String password) {
+ Game_JPA_DAO_Factory factory = new Game_JPA_DAO_Factory();
+ try {
+ DAO userDao = factory.getDAOUser();
+ User[] users = userDao.findByField("username", username);
+
+ for (User user : users) {
+ if (user.verifyPassword(password)) return user;
+ }
+ } catch (DAOException e) {
+ throw new RuntimeException(e);
+ }
+ return null;
+ }
+
+ public void destroy() {
+ }
+}
\ No newline at end of file
diff --git a/S2/DevWeb/Projet/src/main/webapp/WEB-INF/static/js/login.js b/S2/DevWeb/Projet/src/main/webapp/WEB-INF/static/js/login.js
index 1294c34..71db118 100644
--- a/S2/DevWeb/Projet/src/main/webapp/WEB-INF/static/js/login.js
+++ b/S2/DevWeb/Projet/src/main/webapp/WEB-INF/static/js/login.js
@@ -1,7 +1,8 @@
-const loginForm = document.getElementById("loginForm");
+const loginForm = document.getElementById("login-form");
 loginForm.addEventListener("submit", (event) => { event.preventDefault(); + const formData = new FormData(loginForm); const data = {}; formData.forEach((value, key) => data[key] = value);
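Review bot: `AuthLoginServlet.doPost` stores the authenticated user with `request.getSession().setAttribute("user", user);` without rotating the session identifier, so a session ID issued before login stays valid after it (session fixation). Calling `request.getSession(); request.changeSessionId();` just before that line gives the authenticated session a fresh ID. The same `user` object is then serialised by Gson inside `LoginResponse`; Gson writes every non-transient field, so if `User` holds the password hash that `verifyPassword` checks (the class is not shown here), that hash would be returned to the client, which is worth confirming or replacing with a response DTO. `username.getAsString()` and `password.getAsString()` can also throw on a JSON null or object value, which would surface as a 500 rather than the 400 used for the other malformed-input cases.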
@@ -17,7 +18,7 @@ loginForm.addEventListener("submit", (event) => {
 .then(res => res.json())
 .then(data => {
 console.log(data);
- if (data.status === 200) window.location.href = data.redirect;
+ // if (data.status === 200) window.location.href = data.redirect;
 }) .catch(error => console.error("Error:", error)) ;
diff --git a/S2/DevWeb/Projet/src/main/webapp/WEB-INF/views/login.jsp b/S2/DevWeb/Projet/src/main/webapp/WEB-INF/views/login.jsp
index f75789b..3085814 100644
--- a/S2/DevWeb/Projet/src/main/webapp/WEB-INF/views/login.jsp
+++ b/S2/DevWeb/Projet/src/main/webapp/WEB-INF/views/login.jsp
@@ -3,7 +3,6 @@ Login -
@@ -15,7 +14,7 @@
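Review bot: In the `.then(data => {` callback of login.js the only statement left is `console.log(data);`, which writes the whole login response, including the serialised user object the servlet returns, to the browser console. With the redirect commented out, a successful login no longer navigates anywhere, which does not match the commit subject. Drop the debug log and either delete the commented line or restore it as `if (data.status === 200) window.location.href = data.redirect;`. The submit handler and its `fetch` call start outside this hunk, so it is not visible whether the request URL now targets `/api/auth/login`.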