open-autonomous-connection/Web2OAC
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
This repository has been archived on 2026-02-10. You can view files and clone it. You cannot open issues or pull requests or push a commit.
Files
348476cf0ada91341476b9afc5993033b39c6f21
Web2OAC/src/main/java/org/openautonomousconnection/oac2web/frontend/login.java
Finn 348476cf0a Updated to new WebServer-Version
2026-01-19 17:02:46 +01:00

83 lines
3.3 KiB
Java
Raw Blame History

package org.openautonomousconnection.oac2web.frontend;
import org.openautonomousconnection.oac2web.utils.*;
import org.openautonomousconnection.protocol.packets.v1_0_0.beta.web.WebResponsePacket;
import org.openautonomousconnection.protocol.side.web.ProtocolWebServer;
import org.openautonomousconnection.protocol.side.web.managers.SessionManager;
import org.openautonomousconnection.protocol.versions.v1_0_0.beta.WebRequestMethod;
import org.openautonomousconnection.webserver.api.Route;
import org.openautonomousconnection.webserver.api.WebPage;
import org.openautonomousconnection.webserver.api.WebPageContext;
import org.openautonomousconnection.webserver.utils.Html;
import org.openautonomousconnection.webserver.utils.RequestParams;
import java.util.HashMap;
import java.util.Map;
/**
* Login page.
*
* POST headers expected:
* - username
* - password
*
* Creates a session with SessionManager.
*/
@Route(path = "ins/login")
public final class login implements WebPage {
@Override
public WebResponsePacket handle(WebPageContext ctx) throws Exception {
if (ctx.request.getMethod() != WebRequestMethod.POST) {
return renderForm(null);
}
RequestParams p = new RequestParams(ctx.request);
String username = p.get("username");
String password = p.get("password");
if (username == null || username.isBlank() || password == null || password.isBlank()) {
return renderForm("Missing username/password (send via headers).");
}
Oac2WebApp app = Oac2WebApp.get();
String usernameHash = Sha256.hex(username.trim());
RegistrarDao.UserRow u = app.dao().findUserByUsernameHash(usernameHash).orElse(null);
if (u == null) return renderForm("Invalid credentials.");
boolean ok = app.passwordHasher().verify(password, u.passwordEncoded());
if (!ok) return renderForm("Invalid credentials.");
String ip = (ctx.client.getConnection().getSocket() != null && ctx.client.getConnection().getSocket().getInetAddress() != null)
? ctx.client.getConnection().getSocket().getInetAddress().getHostAddress()
: "";
String ua = ctx.request.getHeaders() != null ? ctx.request.getHeaders().getOrDefault("user-agent", "") : "";
String session = SessionManager.create(String.valueOf(u.id()), ip, ua, (ProtocolWebServer) ctx.client.getServer());
Map<String, String> headers = new HashMap<>();
headers.put("session", session);
headers.put("location", "/dashboard");
return new WebResponsePacket(302, "text/plain", headers, new byte[0]);
}
private WebResponsePacket renderForm(String err) {
String body = """
<div class="card">
<h2>Login</h2>
%s
<p class="muted">Send a POST request with headers <code>username</code> and <code>password</code>.</p>
<div class="row">
<div class="col"><a href="/register">Register</a></div>
<div class="col"><a href="/">Home</a></div>
</div>
</div>
""".formatted(err == null ? "" : "<p class='err'>" + Html.esc(err) + "</p>");
String html = Html.page("Login", body);
return new WebResponsePacket(200, "text/html", new HashMap<>(), Html.utf8(html));
}
}
Reference in New Issue View Git Blame Copy Permalink