From cecb556bde4f186d50627c2df005d739eb4701aa Mon Sep 17 00:00:00 2001 From: irynamatveieva Date: Fri, 14 Jul 2023 18:22:08 +0300 Subject: [PATCH] implemented authentication service using filter --- .../java/taxi/controller/LoginController.java | 42 +++++++++++++++++++ .../taxi/controller/LogoutController.java | 18 ++++++++ .../driver/AddDriverController.java | 4 +- .../driver/GetMyCurrentCarsController.java | 29 +++++++++++++ src/main/java/taxi/dao/CarDaoImpl.java | 4 ++ src/main/java/taxi/dao/DriverDao.java | 2 + src/main/java/taxi/dao/DriverDaoImpl.java | 27 +++++++++++- .../exception/AuthenticationException.java | 7 ++++ .../taxi/filter/AuthenticationFilter.java | 42 +++++++++++++++++++ src/main/java/taxi/model/Driver.java | 25 +++++++++++ .../taxi/service/AuthenticationService.java | 8 ++++ .../service/AuthenticationServiceImpl.java | 25 +++++++++++ src/main/java/taxi/service/DriverService.java | 2 + .../java/taxi/service/DriverServiceImpl.java | 6 +++ src/main/java/taxi/util/ConnectionUtil.java | 8 ++-- src/main/resources/init_db.sql | 2 + src/main/webapp/WEB-INF/views/drivers/add.jsp | 8 ++++ src/main/webapp/WEB-INF/views/drivers/all.jsp | 1 + src/main/webapp/WEB-INF/views/header.jsp | 9 ++++ src/main/webapp/WEB-INF/views/index.jsp | 1 + src/main/webapp/WEB-INF/views/login.jsp | 15 +++++++ src/main/webapp/web.xml | 9 ++++ 22 files changed, 287 insertions(+), 7 deletions(-) create mode 100644 src/main/java/taxi/controller/LoginController.java create mode 100644 src/main/java/taxi/controller/LogoutController.java create mode 100644 src/main/java/taxi/controller/driver/GetMyCurrentCarsController.java create mode 100644 src/main/java/taxi/exception/AuthenticationException.java create mode 100644 src/main/java/taxi/filter/AuthenticationFilter.java create mode 100644 src/main/java/taxi/service/AuthenticationService.java create mode 100644 src/main/java/taxi/service/AuthenticationServiceImpl.java create mode 100644 src/main/webapp/WEB-INF/views/header.jsp create mode 100644 src/main/webapp/WEB-INF/views/login.jsp diff --git a/src/main/java/taxi/controller/LoginController.java b/src/main/java/taxi/controller/LoginController.java new file mode 100644 index 000000000..e3cec1600 --- /dev/null +++ b/src/main/java/taxi/controller/LoginController.java @@ -0,0 +1,42 @@ +package taxi.controller; + +import java.io.IOException; +import javax.servlet.ServletException; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import taxi.exception.AuthenticationException; +import taxi.lib.Injector; +import taxi.model.Driver; +import taxi.service.AuthenticationService; + +@WebServlet(urlPatterns = "/login") +public class LoginController extends HttpServlet { + private static final Injector injector = Injector.getInstance("taxi"); + private final AuthenticationService authenticationService = (AuthenticationService) injector + .getInstance(AuthenticationService.class); + + @Override + public void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + req.getRequestDispatcher("/WEB-INF/views/login.jsp").forward(req, resp); + } + + @Override + public void doPost(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + String login = req.getParameter("login"); + String password = req.getParameter("password"); + try { + Driver driver = authenticationService.login(login, password); + HttpSession session = req.getSession(); + session.setAttribute("driver_id", driver.getId()); + resp.sendRedirect(req.getContextPath() + "/index"); + } catch (AuthenticationException e) { + req.setAttribute("errorMsg", e.getMessage()); + req.getRequestDispatcher("/WEB-INF/views/login.jsp").forward(req, resp); + } + } +} diff --git a/src/main/java/taxi/controller/LogoutController.java b/src/main/java/taxi/controller/LogoutController.java new file mode 100644 index 000000000..02d4b2cec --- /dev/null +++ b/src/main/java/taxi/controller/LogoutController.java @@ -0,0 +1,18 @@ +package taxi.controller; + +import java.io.IOException; +import javax.servlet.ServletException; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +@WebServlet(urlPatterns = "/logout") +public class LogoutController extends HttpServlet { + @Override + public void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + req.getSession().invalidate(); + resp.sendRedirect(req.getContextPath() + "/index"); + } +} diff --git a/src/main/java/taxi/controller/driver/AddDriverController.java b/src/main/java/taxi/controller/driver/AddDriverController.java index 1db67730b..e6da4dd22 100644 --- a/src/main/java/taxi/controller/driver/AddDriverController.java +++ b/src/main/java/taxi/controller/driver/AddDriverController.java @@ -24,7 +24,9 @@ public void doGet(HttpServletRequest req, HttpServletResponse resp) public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { String name = req.getParameter("name"); String licenseNumber = req.getParameter("license_number"); - Driver driver = new Driver(name, licenseNumber); + String login = req.getParameter("login"); + String password = req.getParameter("password"); + Driver driver = new Driver(name, licenseNumber, login, password); driverService.create(driver); resp.sendRedirect(req.getContextPath() + "/drivers/add"); } diff --git a/src/main/java/taxi/controller/driver/GetMyCurrentCarsController.java b/src/main/java/taxi/controller/driver/GetMyCurrentCarsController.java new file mode 100644 index 000000000..de39932a4 --- /dev/null +++ b/src/main/java/taxi/controller/driver/GetMyCurrentCarsController.java @@ -0,0 +1,29 @@ +package taxi.controller.driver; + +import java.io.IOException; +import java.util.List; +import javax.servlet.ServletException; +import javax.servlet.annotation.WebServlet; +import javax.servlet.http.HttpServlet; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; +import taxi.lib.Injector; +import taxi.model.Car; +import taxi.service.CarService; + +@WebServlet(urlPatterns = "/cars/all") +public class GetMyCurrentCarsController extends HttpServlet { + private static final Injector injector = Injector.getInstance("taxi"); + private final CarService carService = (CarService) injector.getInstance(CarService.class); + + @Override + protected void doGet(HttpServletRequest req, HttpServletResponse resp) + throws ServletException, IOException { + HttpSession session = req.getSession(); + Long driverId = (Long) session.getAttribute("driver_id"); + List carsByDriver = carService.getAllByDriver(driverId); + req.setAttribute("car.drivers", carsByDriver); + req.getRequestDispatcher("/WEB-INF/views/cars/all.jsp").forward(req, resp); + } +} diff --git a/src/main/java/taxi/dao/CarDaoImpl.java b/src/main/java/taxi/dao/CarDaoImpl.java index 586ccb595..622ef69db 100644 --- a/src/main/java/taxi/dao/CarDaoImpl.java +++ b/src/main/java/taxi/dao/CarDaoImpl.java @@ -211,10 +211,14 @@ private Driver parseDriverFromResultSet(ResultSet resultSet) throws SQLException Long driverId = resultSet.getObject("id", Long.class); String name = resultSet.getString("name"); String licenseNumber = resultSet.getString("license_number"); + String login = resultSet.getString("login"); + String password = resultSet.getString("password"); Driver driver = new Driver(); driver.setId(driverId); driver.setName(name); driver.setLicenseNumber(licenseNumber); + driver.setLogin(login); + driver.setPassword(password); return driver; } diff --git a/src/main/java/taxi/dao/DriverDao.java b/src/main/java/taxi/dao/DriverDao.java index 83440d530..e9c38d2a5 100644 --- a/src/main/java/taxi/dao/DriverDao.java +++ b/src/main/java/taxi/dao/DriverDao.java @@ -1,6 +1,8 @@ package taxi.dao; +import java.util.Optional; import taxi.model.Driver; public interface DriverDao extends GenericDao { + Optional findByLogin(String login); } diff --git a/src/main/java/taxi/dao/DriverDaoImpl.java b/src/main/java/taxi/dao/DriverDaoImpl.java index f5e18f2a2..f9926c3cb 100644 --- a/src/main/java/taxi/dao/DriverDaoImpl.java +++ b/src/main/java/taxi/dao/DriverDaoImpl.java @@ -17,13 +17,15 @@ public class DriverDaoImpl implements DriverDao { @Override public Driver create(Driver driver) { - String query = "INSERT INTO drivers (name, license_number) " - + "VALUES (?, ?)"; + String query = "INSERT INTO drivers (name, license_number, login, password) " + + "VALUES (?, ?, ?, ?)"; try (Connection connection = ConnectionUtil.getConnection(); PreparedStatement statement = connection.prepareStatement(query, Statement.RETURN_GENERATED_KEYS)) { statement.setString(1, driver.getName()); statement.setString(2, driver.getLicenseNumber()); + statement.setString(3, driver.getLogin()); + statement.setString(4, driver.getPassword()); statement.executeUpdate(); ResultSet resultSet = statement.getGeneratedKeys(); if (resultSet.next()) { @@ -98,14 +100,35 @@ public boolean delete(Long id) { } } + @Override + public Optional findByLogin(String login) { + String query = "SELECT * FROM drivers WHERE login = ? AND is_deleted = FALSE"; + try (Connection connection = ConnectionUtil.getConnection(); + PreparedStatement statement = connection.prepareStatement(query)) { + statement.setString(1, login); + ResultSet resultSet = statement.executeQuery(); + Driver driver = null; + if (resultSet.next()) { + driver = parseDriverFromResultSet(resultSet); + } + return Optional.ofNullable(driver); + } catch (SQLException e) { + throw new DataProcessingException("Can't find driver", e); + } + } + private Driver parseDriverFromResultSet(ResultSet resultSet) throws SQLException { Long id = resultSet.getObject("id", Long.class); String name = resultSet.getString("name"); String licenseNumber = resultSet.getString("license_number"); + String login = resultSet.getString("login"); + String password = resultSet.getString("password"); Driver driver = new Driver(); driver.setId(id); driver.setName(name); driver.setLicenseNumber(licenseNumber); + driver.setLogin(login); + driver.setPassword(password); return driver; } } diff --git a/src/main/java/taxi/exception/AuthenticationException.java b/src/main/java/taxi/exception/AuthenticationException.java new file mode 100644 index 000000000..a80dfd9e9 --- /dev/null +++ b/src/main/java/taxi/exception/AuthenticationException.java @@ -0,0 +1,7 @@ +package taxi.exception; + +public class AuthenticationException extends Exception { + public AuthenticationException(String message) { + super(message); + } +} diff --git a/src/main/java/taxi/filter/AuthenticationFilter.java b/src/main/java/taxi/filter/AuthenticationFilter.java new file mode 100644 index 000000000..c1087212d --- /dev/null +++ b/src/main/java/taxi/filter/AuthenticationFilter.java @@ -0,0 +1,42 @@ +package taxi.filter; + +import java.io.IOException; +import java.util.HashSet; +import java.util.Set; +import javax.servlet.Filter; +import javax.servlet.FilterChain; +import javax.servlet.FilterConfig; +import javax.servlet.ServletException; +import javax.servlet.ServletRequest; +import javax.servlet.ServletResponse; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import javax.servlet.http.HttpSession; + +public class AuthenticationFilter implements Filter { + private Set allowedUrls = new HashSet<>(); + + @Override + public void init(FilterConfig filterConfig) throws ServletException { + allowedUrls.add("/login"); + allowedUrls.add("/drivers/add"); + } + + @Override + public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, + FilterChain filterChain) throws IOException, ServletException { + HttpServletRequest req = (HttpServletRequest) servletRequest; + HttpServletResponse resp = (HttpServletResponse) servletResponse; + HttpSession session = req.getSession(); + Long driverId = (Long) session.getAttribute("driver_id"); + if (driverId == null && allowedUrls.contains(req.getServletPath())) { + filterChain.doFilter(req, resp); + return; + } + if (driverId == null) { + resp.sendRedirect(req.getContextPath() + "/login"); + return; + } + filterChain.doFilter(req, resp); + } +} diff --git a/src/main/java/taxi/model/Driver.java b/src/main/java/taxi/model/Driver.java index 9c375f94c..4acf2f78a 100644 --- a/src/main/java/taxi/model/Driver.java +++ b/src/main/java/taxi/model/Driver.java @@ -6,6 +6,8 @@ public class Driver { private Long id; private String name; private String licenseNumber; + private String login; + private String password; public Driver() { } @@ -15,6 +17,13 @@ public Driver(String name, String licenseNumber) { this.licenseNumber = licenseNumber; } + public Driver(String name, String licenseNumber, String login, String password) { + this.name = name; + this.licenseNumber = licenseNumber; + this.login = login; + this.password = password; + } + public Long getId() { return id; } @@ -39,6 +48,22 @@ public void setLicenseNumber(String licenseNumber) { this.licenseNumber = licenseNumber; } + public String getLogin() { + return login; + } + + public void setLogin(String login) { + this.login = login; + } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + @Override public boolean equals(Object o) { if (this == o) { diff --git a/src/main/java/taxi/service/AuthenticationService.java b/src/main/java/taxi/service/AuthenticationService.java new file mode 100644 index 000000000..e9ffa0eea --- /dev/null +++ b/src/main/java/taxi/service/AuthenticationService.java @@ -0,0 +1,8 @@ +package taxi.service; + +import taxi.exception.AuthenticationException; +import taxi.model.Driver; + +public interface AuthenticationService { + Driver login(String login, String password) throws AuthenticationException; +} diff --git a/src/main/java/taxi/service/AuthenticationServiceImpl.java b/src/main/java/taxi/service/AuthenticationServiceImpl.java new file mode 100644 index 000000000..f90e70d15 --- /dev/null +++ b/src/main/java/taxi/service/AuthenticationServiceImpl.java @@ -0,0 +1,25 @@ +package taxi.service; + +import java.util.Optional; +import taxi.exception.AuthenticationException; +import taxi.lib.Inject; +import taxi.lib.Service; +import taxi.model.Driver; + +@Service +public class AuthenticationServiceImpl implements AuthenticationService { + @Inject + private DriverService driverService; + + @Override + public Driver login(String login, String password) throws AuthenticationException { + Optional driver = driverService.findByLogin(login); + if (driver.isEmpty()) { + throw new AuthenticationException("Login or password was incorrect"); + } + if (driver.get().getPassword().equals(password)) { + return driver.get(); + } + throw new AuthenticationException("Login or password was incorrect"); + } +} diff --git a/src/main/java/taxi/service/DriverService.java b/src/main/java/taxi/service/DriverService.java index faddf81b3..3dbdfe2f3 100644 --- a/src/main/java/taxi/service/DriverService.java +++ b/src/main/java/taxi/service/DriverService.java @@ -1,6 +1,8 @@ package taxi.service; +import java.util.Optional; import taxi.model.Driver; public interface DriverService extends GenericService { + Optional findByLogin(String login); } diff --git a/src/main/java/taxi/service/DriverServiceImpl.java b/src/main/java/taxi/service/DriverServiceImpl.java index e2f554b3f..cf14b8e39 100644 --- a/src/main/java/taxi/service/DriverServiceImpl.java +++ b/src/main/java/taxi/service/DriverServiceImpl.java @@ -2,6 +2,7 @@ import java.util.List; import java.util.NoSuchElementException; +import java.util.Optional; import taxi.dao.DriverDao; import taxi.lib.Inject; import taxi.lib.Service; @@ -38,4 +39,9 @@ public Driver update(Driver driver) { public boolean delete(Long id) { return driverDao.delete(id); } + + @Override + public Optional findByLogin(String login) { + return driverDao.findByLogin(login); + } } diff --git a/src/main/java/taxi/util/ConnectionUtil.java b/src/main/java/taxi/util/ConnectionUtil.java index 9a94e69a2..0f986a748 100644 --- a/src/main/java/taxi/util/ConnectionUtil.java +++ b/src/main/java/taxi/util/ConnectionUtil.java @@ -6,10 +6,10 @@ import java.util.Properties; public class ConnectionUtil { - private static final String URL = "YOUR DATABASE URL"; - private static final String USERNAME = "YOUR USERNAME"; - private static final String PASSWORD = "YOUR PASSWORD"; - private static final String JDBC_DRIVER = "YOUR DRIVER"; + private static final String URL = "jdbc:mysql://localhost:3306/taxi?serverTimezone=UTC"; + private static final String USERNAME = "root"; + private static final String PASSWORD = "irochka020704"; + private static final String JDBC_DRIVER = "com.mysql.cj.jdbc.Driver"; static { try { diff --git a/src/main/resources/init_db.sql b/src/main/resources/init_db.sql index 2acabb883..decfb1493 100644 --- a/src/main/resources/init_db.sql +++ b/src/main/resources/init_db.sql @@ -12,6 +12,8 @@ CREATE TABLE `drivers` ( `name` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL, `license_number` VARCHAR(255) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL, `is_deleted` BIT(1) NOT NULL DEFAULT b'0', + `login` varchar(255) NOT NULL, + `password` varchar(255) NOT NULL, PRIMARY KEY (`id`) USING BTREE ) ENGINE = InnoDB CHARACTER SET = utf8 COLLATE = utf8_general_ci ROW_FORMAT = Dynamic; diff --git a/src/main/webapp/WEB-INF/views/drivers/add.jsp b/src/main/webapp/WEB-INF/views/drivers/add.jsp index 4ad7cee44..d9e3ac9c8 100644 --- a/src/main/webapp/WEB-INF/views/drivers/add.jsp +++ b/src/main/webapp/WEB-INF/views/drivers/add.jsp @@ -14,6 +14,8 @@ Name License number + Login + Password Add @@ -23,6 +25,12 @@ + + + + + + diff --git a/src/main/webapp/WEB-INF/views/drivers/all.jsp b/src/main/webapp/WEB-INF/views/drivers/all.jsp index 776101f73..aa23eef5a 100644 --- a/src/main/webapp/WEB-INF/views/drivers/all.jsp +++ b/src/main/webapp/WEB-INF/views/drivers/all.jsp @@ -14,6 +14,7 @@ ID Name License number + Delete diff --git a/src/main/webapp/WEB-INF/views/header.jsp b/src/main/webapp/WEB-INF/views/header.jsp new file mode 100644 index 000000000..2807e3852 --- /dev/null +++ b/src/main/webapp/WEB-INF/views/header.jsp @@ -0,0 +1,9 @@ +<%@ page contentType="text/html;charset=UTF-8" language="java" %> + + + Title + + +Logout + + diff --git a/src/main/webapp/WEB-INF/views/index.jsp b/src/main/webapp/WEB-INF/views/index.jsp index b9b5e9d2b..23b59f453 100644 --- a/src/main/webapp/WEB-INF/views/index.jsp +++ b/src/main/webapp/WEB-INF/views/index.jsp @@ -9,6 +9,7 @@

Hello, mates

+<%@include file="header.jsp" %> diff --git a/src/main/webapp/WEB-INF/views/login.jsp b/src/main/webapp/WEB-INF/views/login.jsp new file mode 100644 index 000000000..f25e2eeb7 --- /dev/null +++ b/src/main/webapp/WEB-INF/views/login.jsp @@ -0,0 +1,15 @@ +<%@ page contentType="text/html;charset=UTF-8" language="java" %> + + + Login + + +

Login page

+

${errorMsg}

+ + Please enter your login: + Please enter your password: + + + + diff --git a/src/main/webapp/web.xml b/src/main/webapp/web.xml index 284381048..9af76c18b 100644 --- a/src/main/webapp/web.xml +++ b/src/main/webapp/web.xml @@ -105,4 +105,13 @@ deleteManufacturer/manufacturers/delete + + + authenticationFilter + taxi.filter.AuthenticationFilter + + + authenticationFilter + /* +
Redirect to