Softwareprojektmanagement/src/main/java/de/hsel/spm/baudas/web/LoginServlet.java

package de.hsel.spm.baudas.web;

import org.jetbrains.annotations.NotNull;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.io.PrintWriter;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;
import java.util.stream.Stream;

/**
 * authenticates users.
 *
 * @author Edgar Schkrob
 * @version 0.1
 * @since 1.0
 */

@WebServlet("/login")
public class LoginServlet extends HttpServlet {

    /**
     * reads from HTTP POST parameter 'password' and compares it.
     *
     * @param request  request object
     * @param response response object
     * @throws IOException failed to initialize print writer
     */
    @Override
    protected void doPost(@NotNull HttpServletRequest request, @NotNull HttpServletResponse response) throws ServletException, IOException {
        List<String> list = new ArrayList<>();
        try (Stream<String> lines = Files.lines(Paths.get("password.txt"), StandardCharsets.UTF_8)) {
            lines.forEach(list::add);
        }
        String pw = list.get(0);

        String password = request.getParameter("password");
        if (pw.equals(password)) {
            HttpSession newSession = request.getSession(true);
            newSession.setAttribute("authentication", true);
            newSession.setMaxInactiveInterval(5 * 60 * 60); //setting session to expire in 5 hours
            response.sendRedirect("index.jsp");
        } else {
            RequestDispatcher rd = getServletContext().getRequestDispatcher("/login.jsp");
            PrintWriter out = response.getWriter();
            rd.include(request, response);
            out.print("<script>$('#wrong_password').removeClass('hide')</script>");
        }
    }
}