package com.mandi.servlet;

import java.io.IOException;
import java.util.UUID;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

import org.apache.log4j.Logger;
@WebFilter(filterName="tokenfilter",urlPatterns={"*.jsf","*.htm"})
public class Tokenfilter implements Filter {
	private Logger log=Logger.getLogger(Tokenfilter.class);
	String token_s_name;
	String token_c_name;
	@Override
	public void destroy() {
		
	}

	@Override
	public void doFilter(ServletRequest arg0, ServletResponse arg1,
			FilterChain arg2) throws IOException, ServletException {
		HttpServletRequest r=(HttpServletRequest)arg0;
		HttpSession s=r.getSession();
		Object token_s=s.getAttribute(token_s_name);
//		log.info("token_s:"+token_s);
		if(token_s==null)
		{
			s.setAttribute(token_s_name, UUID.randomUUID().toString());
			arg2.doFilter(arg0, arg1);
			return;
		}
		String token_c=r.getParameter(token_c_name);
		if(token_c==null)
		{
			arg2.doFilter(arg0, arg1);
			return;
		}
		s.setAttribute(token_s_name, UUID.randomUUID().toString());
		if(token_c.equals(token_s))
		{
			arg2.doFilter(arg0, arg1);
			return;
		}
	}

	@Override
	public void init(FilterConfig arg0) throws ServletException {
		token_s_name="stoken";
		token_c_name="ctoken";
	}

}