Check for inactive accounts
Check for employee status on access to /intern
parent
da78ab4990
commit
ac79e1cf22
|
@ -46,11 +46,17 @@ public class RequestController {
|
||||||
return "login";
|
return "login";
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!user.get().validatePassword(password)) {
|
if (!user.get().validatePassword(password)) {
|
||||||
request.setAttribute("error", "Passwort falsch.");
|
request.setAttribute("error", "Passwort falsch.");
|
||||||
response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
|
response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
|
||||||
return "login";
|
return "login";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (!user.get().isActive) {
|
||||||
|
request.setAttribute("error", "User ist deaktiviert.");
|
||||||
|
response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
|
||||||
|
return "login";
|
||||||
|
}
|
||||||
|
|
||||||
session.setAttribute("userId", user.get().getId());
|
session.setAttribute("userId", user.get().getId());
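Review bot: The new `if (!user.get().isActive)` block enforces deactivation only at login time, so a session that already holds a `userId` stays usable after the account is switched off; none of the LoginIntercepter hunks on this page read `isActive`. Consider repeating the check where the interceptor loads the user for each request, and invalidating the session when it fails. The branch also answers with `SC_EXPECTATION_FAILED` (417), which HTTP reserves for a failed `Expect` header; `response.setStatus(HttpServletResponse.SC_FORBIDDEN);` would let access logs and alerting count rejected logins as such. The enclosing method starts and ends outside the hunk.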
|
||||||
|
|
||||||
|
|
|
@ -24,6 +24,7 @@ public class LoginIntercepter implements HandlerInterceptor {
|
||||||
|
|
||||||
HttpSession session = request.getSession();
|
HttpSession session = request.getSession();
|
||||||
Object userId = session.getAttribute("userId");
|
Object userId = session.getAttribute("userId");
|
||||||
|
Optional<User> user = null;
|
||||||
|
|
||||||
if (request.getRequestURI().startsWith("/user/")) {
|
if (request.getRequestURI().startsWith("/user/")) {
|
||||||
System.out.println("USER");
|
System.out.println("USER");
|
||||||
|
@ -43,10 +44,24 @@ public class LoginIntercepter implements HandlerInterceptor {
|
||||||
response.sendRedirect("/login");
|
response.sendRedirect("/login");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
user = userRepository.findById((Long) userId);
|
||||||
|
|
||||||
|
if(user.isPresent() && !user.get().isEmployee)
|
||||||
|
{
|
||||||
|
session.setAttribute("afterLogin", request.getRequestURI());
|
||||||
|
response.sendRedirect("/");
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!request.getRequestURI().startsWith("/login")) {
|
||||||
|
session.removeAttribute("afterLogin");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (userId != null) {
|
if (userId != null) {
|
||||||
Optional<User> user = userRepository.findById((Long) userId);
|
if (user == null)
|
||||||
|
user = userRepository.findById((Long) userId);
|
||||||
user.ifPresent(value -> request.setAttribute("user", value));
|
user.ifPresent(value -> request.setAttribute("user", value));
|
||||||
}
|
}
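Review bot: The employee check in the third hunk fails open: `if(user.isPresent() && !user.get().isEmployee)` redirects only when a user row was found, so a session whose `userId` no longer resolves to a user is not stopped by this check. Deny by default with `if (!user.isPresent() || !user.get().isEmployee)`. Initialising `Optional<User> user = null;` and later testing `user == null` works against the purpose of Optional; a plain nullable `User` local would be clearer. The surrounding `if` on the request URI starts outside the hunk, so the exact path condition is inferred from the commit message.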
|
||||||
|
|
||||||
|
|
|
@ -1,6 +1,5 @@
|
||||||
package org.hso.ecommerce.controller;
|
package org.hso.ecommerce.controller;
|
||||||
|
|
||||||
import org.hso.ecommerce.entities.booking.PaymentMethod;
|
|
||||||
import org.hso.ecommerce.entities.shop.Address;
|
import org.hso.ecommerce.entities.shop.Address;
|
||||||
import org.hso.ecommerce.entities.user.User;
|
import org.hso.ecommerce.entities.user.User;
|
||||||
import org.hso.ecommerce.repos.user.UserRepository;
|
import org.hso.ecommerce.repos.user.UserRepository;
|
||||||
|
@ -21,7 +20,7 @@ public class RegisterController {
|
||||||
private final UserRepository userRepository = null;
|
private final UserRepository userRepository = null;
|
||||||
|
|
||||||
@PostMapping("/register")
|
@PostMapping("/register")
|
||||||
public String register(
|
public String registerPost(
|
||||||
HttpServletRequest request,
|
HttpServletRequest request,
|
||||||
HttpServletResponse response,
|
HttpServletResponse response,
|
||||||
@RequestParam("username") String username,
|
@RequestParam("username") String username,
|
||||||
|
@ -37,7 +36,7 @@ public class RegisterController {
|
||||||
Optional<User> user = userRepository.findByEmail(username);
|
Optional<User> user = userRepository.findByEmail(username);
|
||||||
if (user.isPresent()) {
|
if (user.isPresent()) {
|
||||||
request.setAttribute("error", "Email Adresse existiert bereits!");
|
request.setAttribute("error", "Email Adresse existiert bereits!");
|
||||||
response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
|
response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
|
||||||
return "register";
|
return "register";
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -52,10 +51,9 @@ public class RegisterController {
|
||||||
newUser.email = username;
|
newUser.email = username;
|
||||||
newUser.setPassword(password);
|
newUser.setPassword(password);
|
||||||
newUser.email = username;
|
newUser.email = username;
|
||||||
if (type.equals("bus"))
|
newUser.isEmployee = false;
|
||||||
newUser.isEmployee = true;
|
//TODO for salutation, type, ad are no attributes/fields in the class/database. Add when they are there.
|
||||||
else
|
|
||||||
newUser.isEmployee = false;
|
|
||||||
newUser.isActive = true;
|
newUser.isActive = true;
|
||||||
newUser.created = new java.sql.Timestamp(System.currentTimeMillis());
|
newUser.created = new java.sql.Timestamp(System.currentTimeMillis());
|
||||||
|
|
||||||
|
@ -64,9 +62,6 @@ public class RegisterController {
|
||||||
newAddress.addressString = address;
|
newAddress.addressString = address;
|
||||||
newUser.defaultDeliveryAddress = newAddress;
|
newUser.defaultDeliveryAddress = newAddress;
|
||||||
|
|
||||||
PaymentMethod defaultPaymentMethod = PaymentMethod.fromCreditCarNumber("123456");
|
|
||||||
newUser.defaultPayment = defaultPaymentMethod;
|
|
||||||
|
|
||||||
userRepository.save(newUser); // save newUser
|
userRepository.save(newUser); // save newUser
|
||||||
|
|
||||||
return "login";
|
return "login";
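Review bot: The duplicate-email branch now returns `SC_EXPECTATION_FAILED` (417) where it used to return `SC_BAD_REQUEST`; 417 is defined for a request `Expect` header the server cannot meet, so clients, proxies and log-based monitoring will misclassify these responses. `response.setStatus(HttpServletResponse.SC_CONFLICT);` describes an already-registered address, or keep the previous 400. In the hunk at -52,10 the assignment `newUser.email = username;` still appears twice and the second can go. The added TODO would read better as `// TODO: salutation, type and ad have no fields in User or the database yet; map them once they exist.` The method body continues outside these hunks.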
|
||||||
|
|
|
@ -1,11 +1,10 @@
|
||||||
package org.hso.ecommerce.entities.booking;
|
package org.hso.ecommerce.entities.booking;
|
||||||
|
|
||||||
import javax.persistence.Embeddable;
|
import javax.persistence.Embeddable;
|
||||||
import javax.validation.constraints.NotNull;
|
|
||||||
|
|
||||||
@Embeddable
|
@Embeddable
|
||||||
public class PaymentMethod {
|
public class PaymentMethod {
|
||||||
@NotNull
|
|
||||||
public String creditCardNumber;
|
public String creditCardNumber;
|
||||||
|
|
||||||
public static PaymentMethod fromCreditCarNumber(String cardnumber) {
|
public static PaymentMethod fromCreditCarNumber(String cardnumber) {
|
||||||
|
|