/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */

package com.anoigma.actionbean;


import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.sourceforge.stripes.util.StringUtil;

import java.io.IOException;
import java.util.HashSet;
import java.util.Set;

/**
 * A simplistic security filter for Anoigma that ensures that the user is logged in
 * before allowing access to any secured pages.
 *
 * @author Tim Fennell
 */
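public class SecurityFilter implements Filter {

    /** Session attribute whose presence marks the request as authenticated. */
    private static final String USER_ATTRIBUTE = "user";

    /** Login page, relative to the context path; the only explicitly whitelisted page. */
    private static final String LOGIN_PAGE = "/Anoigma/login_1.jsp";

    /**
     * Servlet paths that may be requested without a logged-in user.
     * Populated once in the static initializer and never modified afterwards.
     */
    private static final Set<String> publicUrls = new HashSet<String>();

    static {
        publicUrls.add(LOGIN_PAGE);
    }

    /** Does nothing. */
    public void init(FilterConfig filterConfig) throws ServletException { }

    /**
     * Lets the request through when the session carries a user or the resource is public;
     * otherwise redirects to the login page with the originally requested servlet path
     * passed as the {@code targetUrl} parameter.
     *
     * @param servletRequest  the incoming request; cast to {@link HttpServletRequest}
     * @param servletResponse the outgoing response; cast to {@link HttpServletResponse}
     * @param filterChain     the remainder of the filter chain
     * @throws IOException      if the redirect or the downstream chain fails with an I/O error
     * @throws ServletException if the downstream chain fails
     */
    public void doFilter(ServletRequest servletRequest,
                         ServletResponse servletResponse,
                         FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        // The session's user object is deliberately not written to stdout or any log:
        // its string form may contain account details.
        if (isLoggedIn(request) || isPublicResource(request)) {
            filterChain.doFilter(request, response);
            return;
        }

        // Only the servlet path is remembered; the query string of the original request
        // is not carried over.
        // NOTE(review): the login page is public and receives targetUrl as an ordinary
        // request parameter, so whatever later redirects to it should accept only
        // context-relative paths - confirm in the login action.
        String targetUrl = StringUtil.urlEncode(request.getServletPath());
        response.sendRedirect(request.getContextPath() + LOGIN_PAGE + "?targetUrl=" + targetUrl);
    }

    /**
     * Reports whether the request belongs to a session that holds a user object.
     * Probes with {@code getSession(false)} first so that anonymous requests
     * (including those for static resources) do not allocate a new session.
     */
    private static boolean isLoggedIn(HttpServletRequest request) {
        return request.getSession(false) != null
                && request.getSession().getAttribute(USER_ATTRIBUTE) != null;
    }

    /**
     * Checks whether the request is for a publicly accessible resource.
     *
     * <p>A resource is public when its servlet path is whitelisted in {@code publicUrls},
     * or when the path ends in neither {@code .jsp} nor {@code .action}. The second rule
     * means this filter protects nothing that is mapped under any other pattern.
     * The extension test ignores case so that a differently-cased suffix is still treated
     * as protected rather than falling through to the public branch.
     *
     * <p>NOTE(review): only {@code getServletPath()} is inspected; for servlets mapped with
     * a path prefix the remainder of the URL is in the path info and is not checked here -
     * verify against the deployment's servlet mappings.
     *
     * @param request the current request
     * @return {@code true} if the request may proceed without a logged-in user
     */
    protected boolean isPublicResource(HttpServletRequest request) {
        String resource = request.getServletPath();
        if (publicUrls.contains(resource)) {
            return true;
        }
        return !endsWithIgnoreCase(resource, ".jsp") && !endsWithIgnoreCase(resource, ".action");
    }

    /** Case-insensitive counterpart of {@link String#endsWith(String)}. */
    private static boolean endsWithIgnoreCase(String value, String suffix) {
        int offset = value.length() - suffix.length();
        return offset >= 0 && value.regionMatches(true, offset, suffix, 0, suffix.length());
    }

    /** Does nothing. */
    public void destroy() { }
}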
