package de.cismet.web.timetracker.servlets;

import com.google.gwt.user.server.rpc.impl.SerializedInstanceReference;
import com.mchange.v2.sql.SqlUtils;
import de.cismet.web.timetracker.Database;
import de.cismet.web.timetracker.TimeTrackerFunctions;
import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.sql.ResultSet;
import java.sql.SQLException;
import javax.servlet.ServletConfig;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/* loaded from: input_file:WEB-INF/lib/time-tracker-1.0-20170427.155454-3.jar:de/cismet/web/timetracker/servlets/CheckPwd.class */
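/**
 * Login servlet: checks the submitted user name and password against the {@code tt_user} table
 * and, on success, stores the user's identity and role in the HTTP session.
 *
 * <p>NOTE(review): this class looks like decompiler output. The references to
 * {@code SerializedInstanceReference} and {@code SqlUtils} constants are presumably plain string
 * literals that the decompiler mapped onto unrelated library constants. They are kept as-is so
 * behaviour does not change; confirm their values before replacing them.
 *
 * <p>NOTE(review): passwords are compared as a bare SHA-1 digest (see
 * {@code TimeTrackerFunctions.calcSHA1}). No salt is visible here. Moving to a salted password
 * hash (bcrypt/scrypt/argon2) needs a data migration and is out of scope for this class.
 */
public class CheckPwd extends HttpServlet {
    /** Session and session-cookie lifetime granted after a successful login, in seconds (20 days). */
    private static final int SESSION_LIFETIME_SECONDS = 1728000;

    /** Redirect target for a failed login; deliberately identical for every credential failure. */
    private static final String INVALID_CREDENTIALS_URL = "Login.jsp?errorMsg=Ungültiges Benutzernamen/Passwort-Paar";

    /** Redirect target for internal failures; carries no exception detail. */
    private static final String INTERNAL_ERROR_URL = "Login.jsp?errorMsg=Interner Fehler bei der Anmeldung.";

    ServletContext application;

    /**
     * Handles a login submitted via GET by delegating to {@link #processRequest}.
     *
     * <p>NOTE(review): accepting credentials via GET puts the password into the request URL,
     * where it can end up in access logs, browser history and Referer headers. Consider
     * restricting login to POST once it is confirmed that no client depends on GET.
     */
    @Override
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        processRequest(httpServletRequest, httpServletResponse);
    }

    /** Handles a login submitted via POST by delegating to {@link #processRequest}. */
    @Override
    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        processRequest(httpServletRequest, httpServletResponse);
    }

    /** Returns the (placeholder) servlet description. */
    @Override
    public String getServletInfo() {
        return "Short description";
    }

    /** Initialises the servlet and remembers the servlet context for later path resolution. */
    @Override
    public void init(ServletConfig servletConfig) throws ServletException {
        super.init(servletConfig);
        this.application = servletConfig.getServletContext();
    }

    /**
     * Renders {@code value} as a single-quoted SQL string literal with embedded quotes doubled.
     *
     * <p>This is a stopgap. Only {@code Database.execute(String)} is visible from this class, so
     * the query cannot be parameterised here. Values containing a backslash or NUL are refused
     * outright because some database configurations treat backslash as an escape character
     * inside string literals, which would defeat quote doubling.
     *
     * @param value untrusted request value, may be {@code null}
     * @return the quoted literal, or {@code null} if the value is missing or refused
     */
    private static String quoteSqlLiteral(String value) {
        if (value == null || value.indexOf('\\') >= 0 || value.indexOf('\0') >= 0) {
            return null;
        }
        return "'" + value.replace("'", "''") + "'";
    }

    /**
     * Authenticates the request and redirects either to the post-login page or back to
     * {@code Login.jsp} with an error message.
     *
     * <p>Reads the {@code username} request parameter and the password parameter, looks the
     * pair up in {@code tt_user} (matching {@code name} or {@code buddyname}), and on success
     * stores {@code username}, {@code role}, {@code id} and {@code company} in a fresh session.
     *
     * @param httpServletRequest the login request
     * @param httpServletResponse the response used for the redirect and the session cookie
     * @throws ServletException declared for servlet compatibility
     * @throws IOException if sending the redirect fails
     */
    protected void processRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        // Read before the session is replaced further down.
        // NOTE(review): "lastPage" is set outside this class. If it can be influenced by request
        // data, validate it against the application's known pages before redirecting to it.
        String lastPage = (String) httpServletRequest.getSession().getAttribute("lastPage");
        Database database = new Database(this.application.getRealPath(SerializedInstanceReference.SERIALIZED_REFERENCE_SEPARATOR).replace('\\', '/'));
        if (!database.isConnectionOk()) {
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL("Login.jsp?errorMsg=Fehler beim Verbinden mit der Datenbank."));
            return;
        }
        ResultSet execute = null;
        try {
            String password = httpServletRequest.getParameter(SqlUtils.DRIVER_MANAGER_PASSWORD_PROPERTY);
            String quotedUsername = quoteSqlLiteral(httpServletRequest.getParameter("username"));
            if (password == null || quotedUsername == null) {
                // Missing or refused input is reported exactly like a wrong password.
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(INVALID_CREDENTIALS_URL));
                return;
            }
            // TODO(security): replace with a parameterised query (PreparedStatement) as soon as
            // Database offers one; string-built SQL with request data is injection-prone.
            // The digest is presumably hex text and therefore quote-free; confirm in calcSHA1.
            execute = database.execute("SELECT admin, name, id, company FROM tt_user WHERE pass = '" + TimeTrackerFunctions.calcSHA1(password) + "' AND (name = " + quotedUsername + " OR buddyname = " + quotedUsername + ")");
            if (execute == null || !execute.next()) {
                httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(INVALID_CREDENTIALS_URL));
                return;
            }

            String name = execute.getString("name");
            String role = execute.getBoolean("admin") ? "admin" : SqlUtils.DRIVER_MANAGER_USER_PROPERTY;
            String id = execute.getString("id");
            String company = execute.getString("company");

            // Issue a new session id on login so an id known before authentication
            // (session fixation) is never promoted to an authenticated session.
            httpServletRequest.getSession().invalidate();
            httpServletRequest.getSession(true).setMaxInactiveInterval(SESSION_LIFETIME_SECONDS);

            Cookie cookie = new Cookie("JSESSIONID", httpServletRequest.getSession().getId());
            cookie.setMaxAge(SESSION_LIFETIME_SECONDS);
            cookie.setPath(httpServletRequest.getContextPath());
            // Keep the long-lived session cookie off plain HTTP when the login arrived over TLS.
            // NOTE(review): also mark it HttpOnly once the target container is confirmed to be
            // Servlet 3.0 or newer (Cookie#setHttpOnly).
            cookie.setSecure(httpServletRequest.isSecure());
            httpServletResponse.addCookie(cookie);

            httpServletRequest.getSession().setAttribute("username", name);
            httpServletRequest.getSession().setAttribute("role", role);
            httpServletRequest.getSession().setAttribute("id", id);
            httpServletRequest.getSession().setAttribute("company", company);

            String target = (lastPage == null) ? "Stammdaten.jsp" : lastPage;
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(target + "?u_id=" + id));
        } catch (NoSuchAlgorithmException e) {
            // Log server-side; never reflect exception text into the redirect URL.
            log("Password digest algorithm unavailable during login", e);
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(INTERNAL_ERROR_URL));
        } catch (SQLException e2) {
            // Driver messages can expose schema or query details, so they stay in the log.
            log("Login query failed", e2);
            httpServletResponse.sendRedirect(httpServletResponse.encodeRedirectURL(INTERNAL_ERROR_URL));
        } finally {
            if (execute != null) {
                try {
                    execute.close();
                } catch (SQLException closeFailure) {
                    log("Could not close login result set", closeFailure);
                }
            }
            // Runs on every path past the connection check, including failed logins and I/O errors.
            database.close();
        }
    }
}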
