Add Second Servlet Filter

Shell26 · Shell26 · commit 01ddda503e6f · 2019-10-24T16:21:48.000+04:00
diff --git a/src/main/java/servlet/DeleteServlet.java b/src/main/java/servlet/DeleteServlet.java
@@ -11,21 +11,22 @@
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
 
-@WebServlet("/delete")
+@WebServlet("/admin/delete")
 public class DeleteServlet extends HttpServlet {
 
     @Override
     protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        final HttpSession session = req.getSession();
+        final HttpSession session = req.getSession(false);
         final String login = (String) session.getAttribute("login");
         final String password = (String) session.getAttribute("password");
 
         if (UserService.getInstance().isAdmin(login, password)) {
             Long id = Long.parseLong(req.getParameter("id"));
             UserService.getInstance().deleteUser(id);
-            resp.sendRedirect(req.getContextPath() + "/");
+            resp.sendRedirect(req.getContextPath() + "/admin/main");
         }else{
-            req.getRequestDispatcher("/WEB-INF/view/index.jsp").forward(req, resp);
+//            req.getRequestDispatcher("/WEB-INF/view/index.jsp").forward(req, resp);
+            resp.sendRedirect(req.getContextPath() + "/");
         }
     }
 }
diff --git a/src/main/java/servlet/LogoutServlet.java b/src/main/java/servlet/LogoutServlet.java
@@ -14,7 +14,7 @@ public class LogoutServlet extends HttpServlet {
     protected void doGet(HttpServletRequest req, HttpServletResponse resp)
             throws ServletException, IOException {
 
-        final HttpSession session = req.getSession();
+        final HttpSession session = req.getSession(false);
 
         session.removeAttribute("password");
         session.removeAttribute("login");
diff --git a/src/main/java/servlet/MainServlet.java b/src/main/java/servlet/MainServlet.java
@@ -12,12 +12,12 @@
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
 
-@WebServlet("/main")
+@WebServlet("/admin/main")
 public class MainServlet extends HttpServlet {
 
     @Override
     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        final HttpSession session = req.getSession();
+        final HttpSession session = req.getSession(false);
         final String login = (String) session.getAttribute("login");
         final String password = (String) session.getAttribute("password");
 
@@ -45,8 +45,6 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws S
 
         UserService.getInstance().addUser(user);
 
-//        System.out.println(UserService.getInstance().isAdmin(name, secondName));
-
         doGet(req, resp);
     }
 }
diff --git a/src/main/java/servlet/UpdateServlet.java b/src/main/java/servlet/UpdateServlet.java
@@ -11,20 +11,20 @@
 import javax.servlet.http.HttpSession;
 import java.io.IOException;
 
-@WebServlet("/update")
+@WebServlet("/admin/update")
 public class UpdateServlet extends HttpServlet {
 
     @Override
     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        final HttpSession session = req.getSession();
+        final HttpSession session = req.getSession(false);
         final String login = (String) session.getAttribute("login");
         final String password = (String) session.getAttribute("password");
 
         if (UserService.getInstance().isAdmin(login, password)) {
             Long id = Long.parseLong(req.getParameter("id"));
             User user = UserService.getInstance().getUserById(id);
             req.setAttribute("user", user);
-            req.getRequestDispatcher("WEB-INF/view/update.jsp").forward(req, resp);
+            req.getRequestDispatcher("/WEB-INF/view/update.jsp").forward(req, resp);
         }else{
             req.getRequestDispatcher("/WEB-INF/view/index.jsp").forward(req, resp);
         }
@@ -39,6 +39,6 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws S
 
         UserService.getInstance().updateUser(id, newAge, newName, newpassword);
 
-        resp.sendRedirect(req.getContextPath() + "/");
+        resp.sendRedirect(req.getContextPath() + "/admin/main");
     }
 }
diff --git a/src/main/java/servlet/UserServlet.java b/src/main/java/servlet/UserServlet.java
@@ -1,16 +1,20 @@
 package servlet;
 
+import service.UserService;
+
 import javax.servlet.ServletException;
 import javax.servlet.annotation.WebServlet;
 import javax.servlet.http.HttpServlet;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 import java.io.IOException;
 
 @WebServlet("/user")
 public class UserServlet extends HttpServlet {
     @Override
     protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        req.getRequestDispatcher("/WEB-INF/view/user.jsp").forward(req, resp);
+            req.getRequestDispatcher("/WEB-INF/view/user.jsp").forward(req, resp);
+
     }
 }
diff --git a/src/main/java/servlet/filter/IndexFilter.java b/src/main/java/servlet/filter/IndexFilter.java
@@ -13,8 +13,8 @@
 
 import static java.util.Objects.nonNull;
 
-//@WebFilter("/")
-@WebFilter(servletNames = "IndexServlet")
+@WebFilter("/admin")
+//@WebFilter(servletNames = "IndexServlet")
 public class IndexFilter implements Filter {
 
     @Override
@@ -23,29 +23,52 @@ public void init(FilterConfig filterConfig) throws ServletException {
 
     @Override
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
-        System.out.printf("Filter working");
-
         final HttpServletRequest req = (HttpServletRequest) request;
         final HttpServletResponse res = (HttpServletResponse) response;
 
-        final String login = req.getParameter("authLogin");
-        final String password = req.getParameter("authPass");
+        final HttpSession session = req.getSession(false);
+
+        if(session.getAttribute("login") == null ||
+                session.getAttribute("password") == null){
+            final String login = req.getParameter("authLogin");       //читаю из формы
+            final String password = req.getParameter("authPass");
+            session.setAttribute("password", password);
+            session.setAttribute("login", login);
+        }
 
-        final HttpSession session = req.getSession();
+        final String login = (String) session.getAttribute("login");
+        final String password = (String) session.getAttribute("password");
 
-        if (login == null || password == null) {          //первое посещение
-            filterChain.doFilter(request, response);
-        } else if (UserService.getInstance().userIsExist(login, password)) {     // не заходил, существует
-            req.getSession().setAttribute("password", password);
-            req.getSession().setAttribute("login", login);
+        if (UserService.getInstance().userIsExist(login, password)){
             if (UserService.getInstance().isAdmin(login, password)) {
-                res.sendRedirect("main");
-            } else {
-                res.sendRedirect("user");
+                res.sendRedirect(req.getContextPath() + "/admin/main");
+            }else{
+                res.sendRedirect(req.getContextPath() + "/user");
             }
+        }else{
+            res.sendRedirect(req.getContextPath() + "/");
         }
+
+
+//        if (login == null || password == null) {          //первое посещение
+//            filterChain.doFilter(request, response);
+//        } else if (UserService.getInstance().userIsExist(login, password)) {     // не заходил, существует
+//            req.getSession().setAttribute("password", password);
+//            req.getSession().setAttribute("login", login);
+//            if (UserService.getInstance().isAdmin(login, password)) {
+                // бегает по кругу фильтр-сервлет
+//                res.sendRedirect(req.getContextPath() + "/admin/main");
+//                request.getServletContext().getRequestDispatcher("/admin/main").forward(request, response);
+
+//                request.getRequestDispatcher("/admin/main").forward(request, response);
+//            } else {
+//                res.sendRedirect(req.getContextPath() + "/user");
+//                request.getServletContext().getRequestDispatcher("/user").forward(request, response);
+//            }
+//        }
     }
 
+
     @Override
     public void destroy() {
     }
diff --git a/src/main/java/servlet/filter/LoginFilter.java b/src/main/java/servlet/filter/LoginFilter.java
@@ -1,5 +1,6 @@
 package servlet.filter;
 
+import model.User;
 import service.UserService;
 
 import javax.servlet.*;
@@ -20,31 +21,27 @@ public void init(FilterConfig filterConfig) throws ServletException {
     public void doFilter(ServletRequest request, ServletResponse response, FilterChain filterChain) throws IOException, ServletException {
         final HttpServletRequest req = (HttpServletRequest) request;
         final HttpServletResponse resp = (HttpServletResponse) response;
-        final HttpSession session = req.getSession();
+        final HttpSession session = req.getSession(false);
 
-        final String login1 = (String) session.getAttribute("login");
-        final String password1 = (String) session.getAttribute("password");
-
-        if(login1 == null && password1 == null){
-            final String login = req.getParameter("authLogin");
-            final String password = req.getParameter("authPass");
-            req.getSession().setAttribute("password", password);
-            req.getSession().setAttribute("login", login);
-        }else if(!UserService.getInstance().userIsExist(login1, password1)){
+        if(session != null){
+            //читаю из формы
             final String login = req.getParameter("authLogin");
             final String password = req.getParameter("authPass");
-            req.getSession().setAttribute("password", password);
-            req.getSession().setAttribute("login", login);
+            if (session.getAttribute("login") == null || session.getAttribute("password") ==null){
+                //записываю в сессию
+                session.setAttribute("password", password);
+                session.setAttribute("login", login);
+            }
         }
 
-        final String login2 = (String) session.getAttribute("login");
-        final String password2 = (String) session.getAttribute("password");
-
-        if (UserService.getInstance().userIsExist(login2, password2)){
-            filterChain.doFilter(request, response);
+        if(session == null || session.getAttribute("login") == null || session.getAttribute("password") ==null) {
+            request.getServletContext().getRequestDispatcher("/").forward(request, response);
+            //кидает опять на этот же фильтр
+//            resp.sendRedirect(req.getContextPath() + "/");
         }else{
-            req.getRequestDispatcher("/WEB-INF/view/index.jsp").forward(req, resp);
+            filterChain.doFilter(request, response);
         }
+
     }
 
     @Override
diff --git a/src/main/resources/config.properties b/src/main/resources/config.properties
@@ -1 +1 @@
-DB_TYPE = hibernate
+DB_TYPE = jdbc
diff --git a/src/main/webapp/WEB-INF/view/index.jsp b/src/main/webapp/WEB-INF/view/index.jsp
@@ -6,7 +6,7 @@
 </head>
 <body>
 <h1>Вход в систему</h1><br>
-<form method="post" action="">
+<form method="post" action="/test1_war/admin">
     <input type="text" required placeholder="login" name="authLogin"><br>
     <input type="password" required placeholder="password" name="authPass"><br><br>
     <input class="button" type="submit" value="Войти">
diff --git a/src/main/webapp/WEB-INF/view/main.jsp b/src/main/webapp/WEB-INF/view/main.jsp
@@ -12,11 +12,11 @@
             <li> Пароль: <c:out value="${user.password}"/></li>
             <li> Возраст: <c:out value="${user.age}"/></li>
             <li> Права: <c:out value="${user.role}"/></li>
-            <form method="post" action="<c:url value="/delete"/>">
+            <form method="post" action="<c:url value="/admin/delete"/>">
                 <input type="number" hidden name="id" value="${user.id}"/>
                 <input type="submit" name="delete" value="Удалить"/>
             </form>
-            <form method="get" action="<c:url value="/update"/>">
+            <form method="get" action="<c:url value="/admin/update"/>">
                 <input type="number" hidden name="id" value="${user.id}"/>
                 <input type="submit" name="update" value="Редактировать"/>
             </form>
diff --git a/src/main/webapp/WEB-INF/view/update.jsp b/src/main/webapp/WEB-INF/view/update.jsp
@@ -10,7 +10,7 @@
     Текущий Возраст: <c:out value="${requestScope.user.age}"/><br/>
     <br/>
 <p>Обязательно нужно редактировать все поля</p><br/>
-    <form method="post" action="<c:url value='/update'/>">
+    <form method="post" action="<c:url value='/admin/update'/>">
         <label>Новое имя: <input type="text" name="name2" placeholder="<c:out value="${requestScope.user.name}"/>" /></label><br>
         <label>Новый пароль: <input type="password" name="password2" placeholder="<c:out value="${requestScope.user.password}"/>" /></label><br>
         <label>Новый возраст: <input type="number" name="age2" placeholder="<c:out value="${requestScope.user.age}"/>" /></label><br>
diff --git a/src/main/webapp/WEB-INF/web.xml b/src/main/webapp/WEB-INF/web.xml
