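package com.Yasna.forum.database;

import com.Yasna.forum.Authorization;
import com.Yasna.forum.AuthorizationFactory;
import com.Yasna.forum.UnauthorizedException;
import com.Yasna.forum.Exceptions.UserNotActivatedException;
import com.Yasna.util.StringUtils;

import java.sql.*;
import java.util.Calendar;

/**
 * Database-backed {@link AuthorizationFactory}: checks a username/password
 * pair against the configured user table and hands out {@link DbAuthorization}
 * tokens.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>The table and column names in {@link #AUTHORIZE} are concatenated into
 *       the SQL text from {@code SystemProperty}. SQL identifiers cannot be
 *       bound as parameters, so those properties must only ever come from
 *       trusted configuration. All user-supplied values are bound with
 *       {@code ?} placeholders.</li>
 *   <li>The password hash is computed from the password alone
 *       ({@code StringUtils.hash(password)}) and matched with {@code =} in the
 *       query, so no per-user salt can take part in it.
 *       NOTE(review): {@code StringUtils.hash} is not visible here; confirm
 *       which algorithm it uses and whether it is suitable for password
 *       storage.</li>
 *   <li>No attempt throttling or failed-login auditing is visible in this
 *       class. NOTE(review): confirm that callers provide it.</li>
 * </ul>
 */
public class DbAuthorizationFactory extends AuthorizationFactory {

    /** Looks up the user id for a username / password-hash pair. */
    private static final String AUTHORIZE =
        "SELECT "+SystemProperty.getProperty("User.Column.UserID")+" FROM "+
        SystemProperty.getProperty("User.Table")
        +" WHERE "+SystemProperty.getProperty("User.Column.Username")
        +"=? AND "+SystemProperty.getProperty("User.Column.PasswordHash")+"=?";
    /** Selects one named property row of a user. */
    private static final String CHECKLOGIN="select * from yazdUserProp where userID=? and name=?";
    /** Creates the "lastlogin" property row for a user. */
    private static final String INSERTLOGIN="insert into yazdUserProp(userID,name,propValue) values (?,?,?)";
    /** Overwrites the "lastlogin" property row of a user. */
    private static final String UPDATELOGIN =
        "update yazdUserProp set propValue=? WHERE userID=? and name=?";

    /** Shared token returned for anonymous access; built with user id -1. */
    private static final Authorization anonymousAuth = new DbAuthorization(-1);

    /**
     * Authenticates a user and records the login time.
     *
     * <p>An unknown username and a wrong password both produce the same bare
     * {@link UnauthorizedException}, so the response does not reveal which of
     * the two was wrong. The "not activated" state is only reported after the
     * credentials have matched. Any {@link SQLException} is also turned into
     * {@link UnauthorizedException}, i.e. the method fails closed.
     *
     * @param username the login name; must not be null
     * @param password the clear-text password; must not be null
     * @return a {@link DbAuthorization} for the matching user id
     * @throws UnauthorizedException if an argument is null, no row matches the
     *         credentials, or a database error occurs
     * @throws UserNotActivatedException if the user has a "notactive" property
     */
    public Authorization createAuthorization(String username, String password)
            throws UnauthorizedException
    {
        if (username == null || password == null) {
            throw new UnauthorizedException();
        }
        String passwordHash = StringUtils.hash(password);
        int userID = 0;
        Connection con = null;
        try {
            con = DbConnectionManager.getConnection();
            userID = lookupUserID(con, username, passwordHash);

            if (hasUserProperty(con, userID, "notactive")) {
                throw new UserNotActivatedException("User not yet activated");
            }
            recordLastLogin(con, userID);
        }
        catch( SQLException sqle ) {
            // The SQL detail goes to stderr only; the caller sees a plain
            // UnauthorizedException.
            System.err.println("Exception in DbAuthorizationFactory:" + sqle);
            sqle.printStackTrace();
            throw new UnauthorizedException();
        }
        finally {
            // con stays null when getConnection() itself failed.
            if (con != null) {
                try { con.close(); }
                catch (Exception e) { e.printStackTrace(); }
            }
        }
        return new DbAuthorization(userID);
    }

    /**
     * Returns the shared anonymous authorization token.
     *
     * @return the single anonymous {@link Authorization} instance
     */
    public Authorization createAnonymousAuthorization() {
        return anonymousAuth;
    }

    /** Returns the user id matching the credentials, or throws if no row matches. */
    private static int lookupUserID(Connection con, String username, String passwordHash)
            throws SQLException, UnauthorizedException
    {
        PreparedStatement pstmt = null;
        ResultSet rs = null;
        try {
            pstmt = con.prepareStatement(AUTHORIZE);
            pstmt.setString(1, username);
            pstmt.setString(2, passwordHash);
            rs = pstmt.executeQuery();
            if (!rs.next()) {
                throw new UnauthorizedException();
            }
            return rs.getInt(1);
        }
        finally {
            closeQuietly(rs);
            closeQuietly(pstmt);
        }
    }

    /** Reports whether the user has a yazdUserProp row with the given name. */
    private static boolean hasUserProperty(Connection con, int userID, String name)
            throws SQLException
    {
        PreparedStatement pstmt = null;
        ResultSet rs = null;
        try {
            pstmt = con.prepareStatement(CHECKLOGIN);
            pstmt.setInt(1, userID);
            pstmt.setString(2, name);
            rs = pstmt.executeQuery();
            return rs.next();
        }
        finally {
            closeQuietly(rs);
            closeQuietly(pstmt);
        }
    }

    /** Inserts or updates the user's "lastlogin" property with the current time in millis. */
    private static void recordLastLogin(Connection con, int userID) throws SQLException {
        boolean exists = hasUserProperty(con, userID, "lastlogin");
        String now = Long.toString(Calendar.getInstance().getTimeInMillis());
        PreparedStatement pstmt = null;
        try {
            if (!exists) {
                pstmt = con.prepareStatement(INSERTLOGIN);
                pstmt.setInt(1, userID);
                pstmt.setString(2, "lastlogin");
                pstmt.setString(3, now);
            } else {
                pstmt = con.prepareStatement(UPDATELOGIN);
                pstmt.setString(1, now);
                pstmt.setInt(2, userID);
                pstmt.setString(3, "lastlogin");
            }
            pstmt.executeUpdate();
        }
        finally {
            closeQuietly(pstmt);
        }
    }

    /** Closes a result set, reporting but not propagating any failure. */
    private static void closeQuietly(ResultSet rs) {
        if (rs != null) {
            try { rs.close(); }
            catch (Exception e) { e.printStackTrace(); }
        }
    }

    /** Closes a statement, reporting but not propagating any failure. */
    private static void closeQuietly(Statement stmt) {
        if (stmt != null) {
            try { stmt.close(); }
            catch (Exception e) { e.printStackTrace(); }
        }
    }
}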