Merge remote-tracking branch 'origin/SPM-25'

src/main/java/de/hsel/spm/baudas/analysis/ShoppingTimes.java

@@ -27,7 +27,7 @@ public class ShoppingTimes implements Analysis<Map<DayHour, Integer>> {
     /**
      * get customer count at specific times.
      *
-     * @return Map of Day-Hour Combinations and the corresponding customer count
+     * @return Map of Day-Hour Combinations and the corresponding user count
      */
     @Override
     public Map<DayHour, Integer> getResult() {

src/main/java/de/hsel/spm/baudas/web/AuthenticationFilter.java

@@ -0,0 +1,59 @@
+package de.hsel.spm.baudas.web;
+
+import javax.servlet.*;
+import javax.servlet.annotation.WebFilter;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+
+/**
+ * Filter implementation class AuthenticationFilter.
+ *
+ * @author Edgar Schkrob
+ */
+
+@WebFilter(urlPatterns = {"/*"})
+public class AuthenticationFilter implements Filter{
+    private ServletContext context;
+
+    /**
+     * Called by the web container to indicate to a filter that it is being placed into service. This filter manages the authentication.
+     * @param fConfig This parameter provides access to everything the code needs to work.
+     * @throws ServletException Defines a general exception a servlet can throw when it encounters difficulty.
+     */
+
+    public void init(FilterConfig fConfig) throws ServletException {
+        this.context = fConfig.getServletContext();
+        this.context.log("AuthenticationFilter initialized");
+    }
+
+    /**
+     * The doFilter method of the Filter is called by the container each time a request/response pair is passed through the chain due to a client request for a resource at the end of the chain.
+     * @param request This parameter provides access to everything the code needs to work.
+     * @param response This parameter provides access to everything the code needs to issue a response.
+     * @param chain This parameter allows passing request along the chain of potential handlers until one of them handles the request.
+     * @throws ServletException Defines a general exception a servlet can throw when it encounters difficulty.
+     * @throws IOException Signals that an I/O exception of some sort has occurred. This class is the general class of exceptions produced by failed or interrupted I/O operations.
+     */
+
+    public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
+        HttpServletRequest req = (HttpServletRequest) request;
+        HttpServletResponse res = (HttpServletResponse) response;
+        HttpSession session = req.getSession(false);
+        String url = req.getRequestURI();
+        if(url.contains("login") || url.contains("logo") || url.contains("js/")){
+            chain.doFilter(request, response);
+        } else if (session == null || !((boolean) session.getAttribute("authentication"))) {   //checking whether the session exists and if authentication succeed
+            this.context.log("Unauthorized access request");
+            res.sendRedirect(req.getContextPath() + "/login.html");
+        } else {
+            chain.doFilter(request, response);
+
+        }
+    }
+
+    public void destroy() {
+        //close any resources here
+    }
+}

src/main/java/de/hsel/spm/baudas/web/LoginServlet.java

@@ -0,0 +1,46 @@
+package de.hsel.spm.baudas.web;
+
+import javax.servlet.RequestDispatcher;
+import javax.servlet.ServletException;
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+import java.io.IOException;
+import java.io.PrintWriter;
+
+/**
+ * Servlet implementation class LoginServlet.
+ *
+ * @author Edgar Schkrob
+ */
+
+@WebServlet("/login")
+public class LoginServlet extends HttpServlet {
+
+    private final String password = "SPM2019SS";
+
+    /**
+     * This is a Servlet that manages the Login and creates Sessions.
+     * @param request This parameter provides access to everything the code needs to work.
+     * @param response This parameter provides access to everything the code needs to issue a response.
+     * @throws ServletException Defines a general exception a servlet can throw when it encounters difficulty.
+     * @throws IOException Signals that an I/O exception of some sort has occurred. This class is the general class of exceptions produced by failed or interrupted I/O operations.
+     */
+
+    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
+        String password = request.getParameter("password");
+        if (this.password.equals(password)) {
+            HttpSession newSession = request.getSession(true);
+            newSession.setAttribute("authentication", true);
+            newSession.setMaxInactiveInterval(5*60*60); //setting session to expiry in 5 hours
+            response.sendRedirect("index.jsp");
+        } else {
+            RequestDispatcher rd = getServletContext().getRequestDispatcher("/login.html");
+            PrintWriter out = response.getWriter();
+            out.println("<font color=red>Das eingegebene Passwort ist falsch.</font>");
+            rd.include(request, response);
+        }
+    }
+}

src/main/java/de/hsel/spm/baudas/web/LogoutServlet.java

@@ -0,0 +1,34 @@
+package de.hsel.spm.baudas.web;
+
+import java.io.IOException;
+
+import javax.servlet.annotation.WebServlet;
+import javax.servlet.http.HttpServlet;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
+
+/**
+ * Servlet implementation class LogoutServlet.
+ *
+ * @author Edgar Schkrob
+ */
+
+@WebServlet("/logout")
+public class LogoutServlet extends HttpServlet {
+
+    /**
+     * This is a Servlet that manages the Logout and deletes Sessions.
+     * @param request This parameter provides access to everything the code needs to work.
+     * @param response This parameter provides access to everything the code needs to issue a response.
+     * @throws IOException Signals that an I/O exception of some sort has occurred. This class is the general class of exceptions produced by failed or interrupted I/O operations.
+     */
+
+    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
+        HttpSession session = request.getSession(false);
+        if(session != null){
+            session.invalidate();
+        }
+        response.sendRedirect(request.getContextPath() + "/");
+    }
+}

src/main/webapp/login.html

@@ -18,20 +18,23 @@
                 <div class="card white col s6 push-s3">
                     <div class="card-content">
                         <div class="center">
-                            <img style="width: 50%" src="../logoOrginal.gif">
+                            <img style="width: 50%" src="logoOrginal.gif">
                         </div>
                         <div class="divider"></div>
                         <div class="row">
                             <div class="col s8 push-s2">
-                                <input id="password" type="password" class="validate" placeholder="Passwort">
-                                <a class="waves-effect waves-light btn blue-grey lighten-2"><i class="material-icons left">lock_open</i>Login</a>
-                            </div>
-                        </div>
-                    </div>
-                </div>
-            </div>
-        </div>
 
+                                <form action="login" method="post">
+                                    <input id="password" type="password" class="validate" placeholder="Passwort" name="password">
+                                    <input class="white-text btn blue-grey lighten-2" type="submit" value="Login">
+                                </form>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <!--<a class="waves-effect waves-light btn blue-grey lighten-2"><i class="material-icons left">lock_open</i>Login</a>-->
         <!--Anfang Skriptbereich-->
 
         <!--Script für Materlialize-->

src/main/webapp/preview/index.html

@@ -29,11 +29,11 @@
                 <div class="nav-wrapper col 2 right">
                     <ul class="right hide-on-med-and-down">
                         <li><a data-target="slide-out" class="sidenav-trigger show-on-large"><i class="material-icons left">menu</i>Menü</a></li><!--Sidenav-->
-                        <li><a href="login.html"><i class="material-icons left">person_outline</i>Logout</a></li><!--Logout-->
+                        <li><a href="../login.html"><i class="material-icons left">person_outline</i>Logout</a></li><!--Logout-->
                     </ul>
                     <ul class="right">
                         <li><a href="#" data-target="slide-out" class="sidenav-trigger"><i class="material-icons">menu</i></a></li><!--Sidenav-->
-                        <li><a href="login.html" class="sidenav-trigger"><i class="material-icons">person_outline</i></a></li><!--Logout-->
+                        <li><a href="../login.html" class="sidenav-trigger"><i class="material-icons">person_outline</i></a></li><!--Logout-->
                     </ul>
                 </div>
             </nav>

src/main/webapp/preview/registration.html

@@ -37,7 +37,7 @@
                 </div>
                 <div class="card-action right">
                     <a href="#">Bestätigen</a>
-                    <a href="login.html">Zurück</a>
+                    <a href="../login.html">Zurück</a>
                 </div>
             </div>
         </div>