Skip to content

Password encryption #2

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Kevin-Menezes wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Password encryption #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
255edac
kevin/fixed hardcoded admin login
Kevin-Menezes Aug 8, 2022
5dcc9db
kevin/password encryption in db
Kevin-Menezes Aug 8, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
17 changes: 13 additions & 4 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,14 @@
<version>1.4.7</version>
<type>jar</type>
</dependency>

<dependency>
<groupId>javax.servlet</groupId>
<artifactId>javax.servlet-api</artifactId>
<version>4.0.1</version>
<type>jar</type>
</dependency>

<dependency>
<groupId>javax</groupId>
<artifactId>javaee-web-api</artifactId>
Expand All @@ -32,14 +40,15 @@
<dependency>
<groupId>mysql</groupId>
<artifactId>mysql-connector-java</artifactId>
<version>5.1.40</version>
<version>5.1.38</version>
<type>jar</type>
</dependency>

<!-- https://mvnrepository.com/artifact/com.google.code.gson/gson -->
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
<version>2.8.6</version>
<type>jar</type>
</dependency>

<dependency>
Expand All @@ -60,14 +69,14 @@
<version>1.1.1</version>
</dependency>-->

<!-- https://mvnrepository.com/artifact/com.sun.mail/javax.mail -->

<dependency>
<groupId>com.sun.mail</groupId>
<artifactId>javax.mail</artifactId>
<version>1.6.2</version>
</dependency>

<!-- https://mvnrepository.com/artifact/javax.mail/javax.mail-api
<!--
<dependency>
<groupId>javax.mail</groupId>
<artifactId>javax.mail-api</artifactId>
Expand Down
4 changes: 4 additions & 0 deletions src/main/java/com/notesacademy/DAO/UserDAO.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,8 +18,12 @@ public interface UserDAO

public int getUsersCount(); // Total number of users

public int getAdminsCount(); // Total number of users

List<UserDetails> getUsers(); // Gets the details of all the users

List<UserDetails> getAdmins(); // Gets the details of all the admins

public UserDetails getUserById(int id); // Gets a particular users details from userid

public boolean updateEditUser(UserDetails us); // Updates user details based on user id
Expand Down
84 changes: 76 additions & 8 deletions src/main/java/com/notesacademy/DAO/UserDAOImpl.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,15 @@ public boolean userSignup(UserDetails us)
boolean f = false;

try{
String sql = "insert into user(userName,userPassword,userEmail,userProfession,userCollege) values(?,?,?,?,?)"; // INSERTING INTO THE DATABASE
String sql = "insert into user(userName,userPassword,userEmail,userProfession,userCollege,Role) values(?,aes_encrypt(?,'txt1234'),?,?,?,?)"; // INSERTING INTO THE DATABASE
PreparedStatement ps = con.prepareStatement(sql);

ps.setString(1, us.getUserName()); // TAKING VALUES FROM THE USER'S GETTER AND PUTTING IN THE DATABASE
ps.setString(2, us.getUserPassword());
ps.setString(3, us.getUserEmail());
ps.setString(4, us.getUserProfession());
ps.setString(5, us.getUserCollege());
ps.setString(6, us.getRole());

int rs = ps.executeUpdate();

Expand All @@ -54,9 +55,11 @@ public UserDetails userLogin(String email, String password)
{
UserDetails us = null;

// cast(aes_decrypt(userPassword,'txt1234') as char(100))

try
{
String sql = "select * from user where userEmail=? and userPassword=?"; // CHECKING IF THE USER HAS REGISTERED
String sql = "select userId, userName, aes_decrypt(userPassword,'txt1234'), userEmail, userProfession, userCollege, userLikeCount, userDownloadCount, userViewCount, userRank, Role from user where userEmail=? and userPassword=aes_encrypt(?,'txt1234')"; // CHECKING IF THE USER HAS REGISTERED
PreparedStatement ps = con.prepareStatement(sql);

ps.setString(1,email); // CHECKING IF THE DETAILS IN THE DATABASE MATCH WITH THE DATA THAT IS ENTERED IN THE LOGIN FORM
Expand All @@ -76,6 +79,7 @@ public UserDetails userLogin(String email, String password)
us.setUserDownloadCount(rs.getInt(8));
us.setUserViewCount(rs.getInt(9));
us.setUserRank(rs.getInt(10));
us.setRole(rs.getString(11));
}

}
Expand All @@ -96,7 +100,7 @@ public int getUsersCount()

try
{
String sql = "SELECT COUNT(userName) FROM user";
String sql = "SELECT COUNT(userName) FROM user WHERE Role='User'";
PreparedStatement ps = con.prepareStatement(sql);
ResultSet rs = ps.executeQuery();
rs.next();
Expand All @@ -112,6 +116,30 @@ public int getUsersCount()


}

// ------------------------------------------------ Count of Admins --------------------------------------

@Override
public int getAdminsCount()
{
int count = 0;

try
{
String sql = "SELECT COUNT(userName) FROM user WHERE Role='Admin'";
PreparedStatement ps = con.prepareStatement(sql);
ResultSet rs = ps.executeQuery();
rs.next();
count = rs.getInt(1);
}

catch (Exception e)
{
System.out.println("There is error in UserDAOImpl - getAdminsCount : "+e);
}

return count;
}

// --------------------------------------------------------- Gets the details of all the users -----------------------------------------------------------------

Expand All @@ -124,10 +152,10 @@ public List<UserDetails> getUsers()
try
{

String sql = "SELECT * FROM user";
PreparedStatement ps_getcategories = con.prepareStatement(sql);
String sql = "SELECT * FROM user WHERE Role='User'";
PreparedStatement ps_getusers = con.prepareStatement(sql);

ResultSet rs = ps_getcategories.executeQuery();
ResultSet rs = ps_getusers.executeQuery();

while (rs.next())
{
Expand All @@ -138,6 +166,7 @@ public List<UserDetails> getUsers()
us.setUserEmail(rs.getString(4));
us.setUserProfession(rs.getString(5));
us.setUserCollege(rs.getString(6));
us.setRole(rs.getString(11));
list.add(us);
}

Expand All @@ -151,6 +180,44 @@ public List<UserDetails> getUsers()

}

// --------------------------------------------------------- Gets the details of all the admins -----------------------------------------------------------------

@Override
public List<UserDetails> getAdmins()
{
List<UserDetails> list = new ArrayList<UserDetails>();
UserDetails us = null;

try
{
String sql = "SELECT * FROM user WHERE Role='Admin'";
PreparedStatement ps_getadmins = con.prepareStatement(sql);

ResultSet rs = ps_getadmins.executeQuery();

while (rs.next())
{
us = new UserDetails();
us.setUserId(rs.getInt(1));
us.setUserName(rs.getString(2));
us.setUserPassword(rs.getString(3));
us.setUserEmail(rs.getString(4));
us.setUserProfession(rs.getString(5));
us.setUserCollege(rs.getString(6));
us.setRole(rs.getString(11));
list.add(us);
}

}
catch (Exception e)
{
System.out.println("There is error in UserDAOImpl - getAdmins : "+e);
}

return list;

}

// ---------------------------------------------------- Gets a particular users details from userid ----------------------------------------------------

@Override
Expand All @@ -160,7 +227,7 @@ public UserDetails getUserById(int id)

try
{
String sql = "SELECT * FROM user WHERE userId = ? ";
String sql = "SELECT userId, userName, aes_decrypt(userPassword,'txt1234'), userEmail, userProfession, userCollege, userLikeCount, userDownloadCount, userViewCount, userRank, Role FROM user WHERE userId = ? ";
PreparedStatement ps = con.prepareStatement(sql);
ps.setInt(1, id);

Expand All @@ -178,6 +245,7 @@ public UserDetails getUserById(int id)
us.setUserDownloadCount(rs.getInt(8));
us.setUserViewCount(rs.getInt(9));
us.setUserRank(rs.getInt(10));
us.setRole(rs.getString(11));

}
}
Expand All @@ -199,7 +267,7 @@ public boolean updateEditUser(UserDetails us)

try
{
String sql = "UPDATE user SET userName = ? , userPassword = ? , userEmail = ? , userProfession = ? , userCollege = ? WHERE userId = ?";
String sql = "UPDATE user SET userName = ? , userPassword = aes_encrypt(?,'txt1234') , userEmail = ? , userProfession = ? , userCollege = ? WHERE userId = ?";
PreparedStatement ps = con.prepareStatement(sql);
ps.setString(1, us.getUserName());
ps.setString(2, us.getUserPassword());
Expand Down
22 changes: 14 additions & 8 deletions src/main/java/com/notesacademy/entities/UserDetails.java
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@ public class UserDetails
private int userDownloadCount;
private int userViewCount;
private int userRank;
private String Role;

// Getter Setter
public int getUserId() {
Expand Down Expand Up @@ -95,11 +96,15 @@ public int getUserRank() {
public void setUserRank(int userRank) {
this.userRank = userRank;
}






public String getRole() {
return Role;
}

public void setRole(String Role) {
this.Role = Role;
}

//Constructors
public UserDetails() {
}
Expand All @@ -115,7 +120,7 @@ public UserDetails(int userId, String userName, String userPassword, String user
}

// All
public UserDetails(int userId, String userName, String userPassword, String userEmail, String userProfession, String userCollege, int userLikeCount, int userDownloadCount, int userViewCount, int userRank) {
public UserDetails(int userId, String userName, String userPassword, String userEmail, String userProfession, String userCollege, int userLikeCount, int userDownloadCount, int userViewCount, int userRank,String Role) {
this.userId = userId;
this.userName = userName;
this.userPassword = userPassword;
Expand All @@ -126,6 +131,7 @@ public UserDetails(int userId, String userName, String userPassword, String user
this.userDownloadCount = userDownloadCount;
this.userViewCount = userViewCount;
this.userRank = userRank;
this.Role = Role;
}


Expand Down Expand Up @@ -173,7 +179,7 @@ public UserDetails(String userName, String userPassword, String userEmail, Strin
// To String
@Override
public String toString() {
return "UserDetails{" + "userId=" + userId + ", userName=" + userName + ", userPassword=" + userPassword + ", userEmail=" + userEmail + ", userProfession=" + userProfession + ", userCollege=" + userCollege + ", userLikeCount=" + userLikeCount + ", userDownloadCount=" + userDownloadCount + ", userViewCount=" + userViewCount + ", userRank=" + userRank + '}';
return "UserDetails{" + "userId=" + userId + ", userName=" + userName + ", userPassword=" + userPassword + ", userEmail=" + userEmail + ", userProfession=" + userProfession + ", userCollege=" + userCollege + ", userLikeCount=" + userLikeCount + ", userDownloadCount=" + userDownloadCount + ", userViewCount=" + userViewCount + ", userRank=" + userRank + ", Role=" + Role + '}';
}

}
80 changes: 80 additions & 0 deletions src/main/java/com/notesacademy/servlets/AddAdminServlet.java
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,80 @@
/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
package com.notesacademy.servlets;

import com.notesacademy.DAO.UserDAOImpl;
import com.notesacademy.DB.DBConnection;
import com.notesacademy.entities.Message;
import com.notesacademy.entities.UserDetails;
import java.io.IOException;
import java.io.PrintWriter;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;


public class AddAdminServlet extends HttpServlet {

@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp)
throws ServletException, IOException {

HttpSession session = req.getSession(); // SESSION

try
{
String name = req.getParameter("uname"); // THIS uname IS TAKE FROM THE FORM KA name ATTRIBUTE
String password = req.getParameter("upass");
String email = req.getParameter("uemail");
String profession = req.getParameter("uprof");
String college = req.getParameter("uclg");

// PUTTING THE USERS DETAILS IN THE SETTER IN User.java
UserDetails us = new UserDetails();
us.setUserName(name);
us.setUserPassword(password);
us.setUserEmail(email);
us.setUserProfession(profession);
us.setUserCollege(college);
us.setRole("Admin");


UserDAOImpl dao = new UserDAOImpl(DBConnection.getConnection()); // GETTING THE DB CONNECTION OBJECT FROM getConnection() FUNCTION AND THEN PUTTING IT IN THE UserDAOImpl constructor

boolean f = dao.userSignup(us); // WE CALL THE SIGNUP FUNCTION IN DAO CLASS

if(f) // IF IT IS TRUE
{
Message msg = new Message("New Admin Added!", "success", "alert-success");
session.setAttribute("message", msg);
resp.sendRedirect("display_admins.jsp");
}
else
{
Message msg = new Message("Error! Kindly retry with a different username or email!", "error", "alert-danger");
session.setAttribute("message", msg);
System.out.println("Error - Retry with different username");
resp.sendRedirect("display_admins.jsp");
}

}
catch(Exception e)
{
Message msg = new Message("Something Went Wrong! Kindly retry with a different username!", "error", "alert-danger");
session.setAttribute("message", msg);
System.out.println("Something Went Wrong");
resp.sendRedirect("display_admins.jsp");
e.printStackTrace();
}


}



}
Loading