Check for inactive accounts
Check for employee by access on /intern
parent
da78ab4990
commit
ac79e1cf22
|
@ -46,11 +46,17 @@ public class RequestController {
|
|||
return "login";
|
||||
}
|
||||
|
||||
if (!user.get().validatePassword(password)) {
|
||||
if (!user.get().validatePassword(password)) {
|
||||
request.setAttribute("error", "Passwort falsch.");
|
||||
response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
|
||||
return "login";
|
||||
}
|
||||
|
||||
if (!user.get().isActive) {
|
||||
request.setAttribute("error", "User ist deaktiviert.");
|
||||
response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
|
||||
return "login";
|
||||
}
|
||||
|
||||
session.setAttribute("userId", user.get().getId());
|
||||
|
||||
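Review bot: The new `isActive` test runs only in the login handler, so it is evaluated once, when the session is created. An account deactivated while it still holds a session keeps working, because the interceptor sections on this page look at `userId` and `isEmployee` but never at `isActive`. Consider repeating the check where the interceptor loads the user, for example `if (!user.isPresent() || !user.get().isActive) { session.invalidate(); response.sendRedirect("/login"); return false; }`. Keeping the check after `validatePassword` is sound, since the "User ist deaktiviert." message is then shown only to someone who knows the password. The login method starts and ends outside the hunk.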
|
|
|
@ -24,6 +24,7 @@ public class LoginIntercepter implements HandlerInterceptor {
|
|||
|
||||
HttpSession session = request.getSession();
|
||||
Object userId = session.getAttribute("userId");
|
||||
Optional<User> user = null;
|
||||
|
||||
if (request.getRequestURI().startsWith("/user/")) {
|
||||
System.out.println("USER");
|
||||
|
@ -43,10 +44,24 @@ public class LoginIntercepter implements HandlerInterceptor {
|
|||
response.sendRedirect("/login");
|
||||
return false;
|
||||
}
|
||||
|
||||
user = userRepository.findById((Long) userId);
|
||||
|
||||
if(user.isPresent() && !user.get().isEmployee)
|
||||
{
|
||||
session.setAttribute("afterLogin", request.getRequestURI());
|
||||
response.sendRedirect("/");
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
if (!request.getRequestURI().startsWith("/login")) {
|
||||
session.removeAttribute("afterLogin");
|
||||
}
|
||||
|
||||
if (userId != null) {
|
||||
Optional<User> user = userRepository.findById((Long) userId);
|
||||
if (user == null)
|
||||
user = userRepository.findById((Long) userId);
|
||||
user.ifPresent(value -> request.setAttribute("user", value));
|
||||
}
|
||||
|
||||
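Review bot: The employee check `if(user.isPresent() && !user.get().isEmployee)` fails open: when the session carries a `userId` for which `findById` returns an empty Optional (a deleted account, for instance), the condition is false and the request continues to the protected path. Deny unless the user is known to be an employee: `if (!user.isPresent() || !user.get().isEmployee)`. Separately, `Optional<User> user = null;` with the later `if (user == null)` works but leaves a null Optional in scope; initialising with `Optional.empty()` and testing `!user.isPresent()` before the second lookup avoids that. The `if` that encloses this branch and the start of the method are outside the hunks, so the path it guards is inferred from the commit message.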
|
|
|
@ -1,6 +1,5 @@
|
|||
package org.hso.ecommerce.controller;
|
||||
|
||||
import org.hso.ecommerce.entities.booking.PaymentMethod;
|
||||
import org.hso.ecommerce.entities.shop.Address;
|
||||
import org.hso.ecommerce.entities.user.User;
|
||||
import org.hso.ecommerce.repos.user.UserRepository;
|
||||
|
@ -21,7 +20,7 @@ public class RegisterController {
|
|||
private final UserRepository userRepository = null;
|
||||
|
||||
@PostMapping("/register")
|
||||
public String register(
|
||||
public String registerPost(
|
||||
HttpServletRequest request,
|
||||
HttpServletResponse response,
|
||||
@RequestParam("username") String username,
|
||||
|
@ -37,7 +36,7 @@ public class RegisterController {
|
|||
Optional<User> user = userRepository.findByEmail(username);
|
||||
if (user.isPresent()) {
|
||||
request.setAttribute("error", "Email Adresse existiert bereits!");
|
||||
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
|
||||
response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
|
||||
return "register";
|
||||
}
|
||||
|
||||
|
@ -52,10 +51,9 @@ public class RegisterController {
|
|||
newUser.email = username;
|
||||
newUser.setPassword(password);
|
||||
newUser.email = username;
|
||||
if (type.equals("bus"))
|
||||
newUser.isEmployee = true;
|
||||
else
|
||||
newUser.isEmployee = false;
|
||||
newUser.isEmployee = false;
|
||||
//TODO for salutation, type, ad are no attributes/fields in the class/database. Add when they are there.
|
||||
|
||||
newUser.isActive = true;
|
||||
newUser.created = new java.sql.Timestamp(System.currentTimeMillis());
|
||||
|
||||
|
@ -64,9 +62,6 @@ public class RegisterController {
|
|||
newAddress.addressString = address;
|
||||
newUser.defaultDeliveryAddress = newAddress;
|
||||
|
||||
PaymentMethod defaultPaymentMethod = PaymentMethod.fromCreditCarNumber("123456");
|
||||
newUser.defaultPayment = defaultPaymentMethod;
|
||||
|
||||
userRepository.save(newUser); // save newUser
|
||||
|
||||
return "login";
|
||||
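Review bot: The duplicate-email branch shows both `SC_BAD_REQUEST` and `SC_EXPECTATION_FAILED`; the +/- markers are lost on this page, but if the second is the new side, 417 is defined for an unmet `Expect` request header and does not describe a rejected registration. `response.setStatus(HttpServletResponse.SC_CONFLICT);` or the earlier `SC_BAD_REQUEST` would be accurate. The same constant appears in the wrong-password and deactivated-user branches of RequestController, where `SC_UNAUTHORIZED` or `SC_FORBIDDEN` fits. With `newUser.isEmployee = false;` now fixed in code, a `type` request parameter still declared in the signature (outside the hunk, so not confirmed) would be unused and can be removed so the form no longer suggests the client can choose a role.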
|
|
|
@ -1,11 +1,10 @@
|
|||
package org.hso.ecommerce.entities.booking;
|
||||
|
||||
import javax.persistence.Embeddable;
|
||||
import javax.validation.constraints.NotNull;
|
||||
|
||||
@Embeddable
|
||||
public class PaymentMethod {
|
||||
@NotNull
|
||||
|
||||
public String creditCardNumber;
|
||||
|
||||
public static PaymentMethod fromCreditCarNumber(String cardnumber) {
|
||||
|
|