| 1 | package control.utente; | |
| 2 | ||
| 3 | import model.utente.UtenteBean; | |
| 4 | import model.utente.UtenteDAO; | |
| 5 | import javax.servlet.ServletException; | |
| 6 | import javax.servlet.annotation.WebServlet; | |
| 7 | import javax.servlet.http.HttpServlet; | |
| 8 | import javax.servlet.http.HttpServletRequest; | |
| 9 | import javax.servlet.http.HttpServletResponse; | |
| 10 | ||
| 11 | import org.mindrot.jbcrypt.BCrypt; | |
| 12 | ||
| 13 | import java.io.IOException; | |
| 14 | import java.sql.SQLException; | |
| 15 | ||
| 16 | @WebServlet("/Login") | |
| 17 | public class Login extends HttpServlet { | |
| 18 | public static final int ADMIN = 0; | |
| 19 | public static final int REGISTRATO = 1; | |
| 20 | ||
| 21 | @Override | |
| 22 | protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException { | |
| 23 | String username = req.getParameter("username"); | |
| 24 | String password = req.getParameter("password"); | |
| 25 | ||
| 26 | try { | |
| 27 | String redirectedPage; | |
| 28 | int tipoUtente = checkUser(username, password); | |
| 29 | UtenteDAO utenteDAO = new UtenteDAO(); | |
| 30 | UtenteBean utenteBean = utenteDAO.doRetrieveByKey(username); | |
| 31 | ||
| 32 |
1
1. doPost : removed call to javax/servlet/http/HttpSession::setAttribute → KILLED |
req.getSession().setAttribute("utente", utenteBean); |
| 33 | ||
| 34 | switch (tipoUtente) { | |
| 35 | case ADMIN: | |
| 36 |
1
1. doPost : removed call to javax/servlet/http/HttpSession::setAttribute → KILLED |
req.getSession().setAttribute("tipoUtente", ADMIN); |
| 37 | redirectedPage = "index.jsp"; | |
| 38 | break; | |
| 39 | case REGISTRATO: | |
| 40 |
1
1. doPost : removed call to javax/servlet/http/HttpSession::setAttribute → KILLED |
req.getSession().setAttribute("tipoUtente", REGISTRATO); |
| 41 | redirectedPage = "index.jsp"; | |
| 42 | break; | |
| 43 | default: | |
| 44 | redirectedPage = "pages/login.jsp"; | |
| 45 | } | |
| 46 | ||
| 47 |
1
1. doPost : removed call to javax/servlet/http/HttpServletResponse::sendRedirect → KILLED |
resp.sendRedirect(redirectedPage); |
| 48 | } catch (SQLException e) { | |
| 49 |
1
1. doPost : removed call to javax/servlet/RequestDispatcher::forward → KILLED |
req.getRequestDispatcher("/pages/errorpage.jsp").forward(req, resp); |
| 50 | } | |
| 51 | } | |
| 52 | ||
| 53 | private int checkUser(String username, String password) throws SQLException { | |
| 54 | UtenteDAO utenteDAO = new UtenteDAO(); | |
| 55 | UtenteBean utenteBean = utenteDAO.doRetrieveByKey(username); | |
| 56 | ||
| 57 |
1
1. checkUser : negated conditional → KILLED |
if (utenteBean == null) |
| 58 |
1
1. checkUser : replaced int return with 0 for control/utente/Login::checkUser → KILLED |
return -1; |
| 59 | ||
| 60 | boolean valid = BCrypt.checkpw(password, utenteBean.getPwd()); | |
| 61 |
1
1. checkUser : negated conditional → KILLED |
if (!valid) |
| 62 |
1
1. checkUser : replaced int return with 0 for control/utente/Login::checkUser → KILLED |
return -1; |
| 63 | ||
| 64 |
1
1. checkUser : negated conditional → KILLED |
if ("admin".equals(utenteBean.getTipo())) |
| 65 | return ADMIN; | |
| 66 | else | |
| 67 |
1
1. checkUser : replaced int return with 0 for control/utente/Login::checkUser → KILLED |
return REGISTRATO; |
| 68 | } | |
| 69 | } | |
Mutations | ||
| 32 |
1.1 |
|
| 36 |
1.1 |
|
| 40 |
1.1 |
|
| 47 |
1.1 |
|
| 49 |
1.1 |
|
| 57 |
1.1 |
|
| 58 |
1.1 |
|
| 61 |
1.1 |
|
| 62 |
1.1 |
|
| 64 |
1.1 |
|
| 67 |
1.1 |