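package net.mindoverflow.comments.webapp.controllers;

import net.mindoverflow.comments.utils.SecurityUtil;
import net.mindoverflow.comments.webapp.WebServer;
import ro.pippo.controller.Controller;
import ro.pippo.controller.GET;
import ro.pippo.controller.POST;
import ro.pippo.controller.Path;
import ro.pippo.controller.extractor.Param;

import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HashMap;
import java.util.Map;

/**
 * Controller for the {@code /login} route: renders the login form and processes
 * submitted credentials.
 *
 * <p>On a successful login a JWT is generated, sent to the browser as the
 * {@code session} cookie and recorded in {@code WebServer.jwtAndUser}.
 */
@Path("/login")
public class LoginController extends Controller {

    /**
     * Single message for both "no such user" and "wrong password", so the response
     * text does not reveal which usernames exist.
     */
    private static final String BAD_CREDENTIALS_MESSAGE = "Invalid username or password!";

    /** Renders the empty login form. */
    @GET
    public void getLogin() {
        getRouteContext().render("login");
    }

    /**
     * Validates the submitted credentials and, when they match, issues a session JWT.
     *
     * <p>The {@code login} template is always re-rendered; the outcome is reported
     * through the {@code message} entry of the model. When both fields are filled in
     * but {@code loginbtn} is absent, no check is performed and no message is set.
     *
     * @param loginbtn value of the submit button; credentials are only checked when present
     * @param username submitted user name
     * @param password submitted password; never written to any output
     */
    @POST
    public void handleLogin(
            @Param("loginbtn") String loginbtn,
            @Param("username") String username,
            @Param("password") String password) {
        Map<String, Object> model = new HashMap<>();

        if (username == null || username.isEmpty()) {
            model.put("message", "Empty username!");
        } else if (password == null || password.isEmpty()) {
            model.put("message", "Empty password!");
        } else if (loginbtn != null) {
            System.out.println(forLog(loginbtn));

            // NOTE(review): the stored value is compared directly with the submitted
            // password, which suggests credentials are kept in plaintext. Confirm, and
            // store a password hash (bcrypt/scrypt/argon2) instead.
            String storedPass = WebServer.userAndPassword.get(username);

            // A missing user (or a null stored value) and a wrong password take the
            // same branch and produce the same message.
            if (storedPass == null || !constantTimeEquals(storedPass, password)) {
                model.put("message", BAD_CREDENTIALS_MESSAGE);
            } else {
                model.put("message", "Valid data!");

                // generate JWT
                String jwt = SecurityUtil.generateJWT("username", username);

                // set JWT as cookie
                // NOTE(review): this overload passes only name, value and max-age; whether
                // HttpOnly / Secure / SameSite end up on the cookie is not visible here.
                // Confirm, since this cookie carries the session token.
                getResponse().cookie("session", jwt,
                        SecurityUtil.JWT_EXPIRY_MINUTES * 60 /* in seconds */);

                // store JWT in RAM
                WebServer.jwtAndUser.put(jwt, username);
            }
        }

        // The password is deliberately not logged: stdout usually ends up in log files.
        System.out.println("User: " + forLog(username));

        getRouteContext().render("login", model);
    }

    /**
     * Compares two strings without stopping at the first differing byte, so the
     * comparison time does not depend on how much of the password was guessed.
     */
    private static boolean constantTimeEquals(String expected, String actual) {
        return MessageDigest.isEqual(
                expected.getBytes(StandardCharsets.UTF_8),
                actual.getBytes(StandardCharsets.UTF_8));
    }

    /**
     * Makes a request-supplied value safe to print on one log line by replacing
     * control characters (including CR/LF) with {@code _}.
     */
    private static String forLog(String value) {
        return value == null ? "null" : value.replaceAll("\\p{Cntrl}", "_");
    }
}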