<%@page errorPage="oops.jsp" import="java.util.*,jabadot.*" %>
<%
User user = (User)session.getAttribute("jabadot.login");
if (user != null) {
session.setAttribute("jabadot.message",
"You're already logged on!
"+
"(as user " + user.getName() + "). Please" +
"" +
"logout if you wish to log in as a different user.");
response.sendRedirect("/jabadot/");
}
String nick = request.getParameter("nick");
String pass = request.getParameter("pass");
if (nick == null || nick.length() == 0 ||
pass == null || pass.length() == 0) {
%>
Missing name/password!
Missing name/password!
Please enter both a name and a password in the form.
<% return;
}
User u = UserDB.getInstance().getUser(nick);
if (u == null || !u.checkPassword(pass)) {
%>
Invalid name/password
Invalid name/password
We could not find that name and password combination.
Please try again if you have an account, else go
create one.
If you have hit yourself with a stick 42 times and still
cannot remember your password, try this magic.
<% return;
}
// Hallelujeah! WE FINALLY GOT THIS ONE LOGGED IN.
session.setAttribute("jabadot.login", u); // login flag
//session.setAttribute("jabadot.ads", new AdServlet());
session.setAttribute("jabadot.message",
"
Welcome back, " + u.getFullName() + "
");
// Maintain list of who is logged in.
TreeMap list = (TreeMap)application.getAttribute("jabadot.wtmp");
if (list == null) {
list = new TreeMap();
application.setAttribute("jabadot.wtmp", list);
}
list.put(u.getName(), u);
session.setAttribute("jabadot.timer",
new WhosonCleaner(list, u.getName()));
// For non-admin logins, provide a 3-hour timeout
if (!u.isAdminPrivileged()) {
session.setMaxInactiveInterval(3600*3);
}
// Send Redirect back to top, so user sees just this in URL textfield.
response.sendRedirect("/jabadot/");
%>
<%!
/** Inner class to ensure that users
* get removed from the list of users
* when they logout or get timed out.
*/
public class WhosonCleaner implements HttpSessionBindingListener {
/** The name to remove when we get un-bound from session */
String key;
/** The Collection to remove it from */
TreeMap map;
/* Construct a WhosonCleaner for a given user */
public WhosonCleaner(TreeMap map, String key) {
this.map = map;
this.key = key;
}
/** Unused, required by interface */
public void valueBound(HttpSessionBindingEvent event) {
// nothing to do
}
/** Called when the object is being unbound from the session */
public void valueUnbound(HttpSessionBindingEvent event) {
map.remove(key);
}
}
%>