-3

After Registration, I want to verify the information of the user, After verifying the information by admin - He will be able to log in. How can I do it by JavaFX?

In my code if anyone registers he can login by this time but I want to verify his/her information, if his all information is correct then he will be able to log in for the next activity, otherwise i want to reject his registration.

Here is my database connection snippet:

public static void signUpUser(ActionEvent event, String username, String email, String password) {
    Connection connection = null;
    PreparedStatement psInsert = null;
    PreparedStatement psCheckUserExists = null;
    ResultSet resultSet = null;

    try {
        connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/DTABASE_TABLE", "root", "");
        psCheckUserExists = connection.prepareStatement("SELECT * FROM user_info WHERE email = ?");
        psCheckUserExists.setString(1, email);
        resultSet = psCheckUserExists.executeQuery();

        if (resultSet.isBeforeFirst()) {
            System.out.println("Email Already Exits");
            Alert alert = new Alert(Alert.AlertType.ERROR);
            alert.setContentText("You can not use this email");
            alert.show();
        } else {
            psInsert = connection.prepareStatement("INSERT INTO user_info (username, email, password) VALUES (?, ?, ?)");
            psInsert.setString(1, username);
            psInsert.setString(2, email);
            psInsert.setString(3, password);
            psInsert.executeUpdate();

            changeScene(event, "homePage.fxml", "Welcome ", username);
        }
    }
}

public static void logInUser(ActionEvent event, String email, String password) {
    Connection connection = null;
    PreparedStatement preparedStatement = null;
    ResultSet resultSet = null;

    try {
        connection = DriverManager.getConnection("jdbc:mysql://localhost:3306/DATABASE_TABLE", "root", "");
        preparedStatement = connection.prepareStatement("SELECT password FROM user_info WHERE email = ?");
        preparedStatement.setString(1, email);
        resultSet = preparedStatement.executeQuery();

        if (!resultSet.isBeforeFirst()) {
            System.out.println("User Not Found in the Database");
            Alert alert = new Alert(Alert.AlertType.ERROR);
            alert.setContentText("Provide credential are incorrect");
            alert.show();
        } else {
            while (resultSet.next()) {
                String retrievedPassword = resultSet.getString("password");
                //String retrievedChannel = resultSet.getString("username");
                if (retrievedPassword.equals(password)) {
                    changeScene(event, "homePage.fxml", "welcome ", email);
                } else {
                    System.out.println("Password did not match");
                    Alert alert = new Alert(Alert.AlertType.ERROR);
                    alert.setContentText("The provide credentials are incorrect");
                    alert.show();
                }
            }
        }
    }
}
jewelsea
  • 150,031
  • 14
  • 366
  • 406
Shohanur Nishad
  • 1
  • 3
    I have no idea why you are passing those events around so much, but what is actually wrong with the code you posted? – James_D Mar 21 '22 at 20:35
  • Not related to your immediate problem: You should store and match passwords as [salted hashes](https://www.baeldung.com/java-password-hashing), rather than storing and matching the raw password. – jewelsea Mar 21 '22 at 20:50
  • Not related to your immediate problem: I'd also recommend separating the database code from the UI code, so the java classes which have database access functions like connections and SQL statements have no JavaFX class imports and vice-versa for UI classes with JavaFX imports. For instance, see the [patterns in this eden coding JavaFX jdbc database access tutorial](https://edencoding.com/connect-javafx-with-sqlite/). – jewelsea Mar 21 '22 at 20:50
  • Beware: Support for the `isBeforeFirst` method is optional for ResultSets with a result set type of TYPE_FORWARD_ONLY (quoted from the Javadoc). – Basil Bourque Mar 21 '22 at 21:04

1 Answers1

2

Two phases to sign-up

It sounds like you want to separate registration of a new user into two phases:

  • Initial sign-up/registration, essentially a request to be added as a user.
  • Verification by a human administrator allowing access, essentially granting (or denying) the request to be added as a user.

Record registration status

If that describes your core issue, you need to add another column to your users table. You need a reg_status_ column, non-null, where you track whether the user has initially applied, been granted access, been rejected in their request, or has been retired meaning no longer want or need to be a user. You could make this column a text type to get started. But in a serious deployment, I would make a custom type in the database so that only valid values could be inserted.

When the user first registers as a new user, you assign a default value indication initial application. Later when the administrator verifies the account, that administrator person alters the registration-status column to indicate approval or rejection. Later on, when the user quits, dies, or otherwise becomes ineligible, you change the registration-status to indicate the account is retired.

If the user attempts to login before the administrator has done their registration approval/rejection work, your code notices the registration-status still indicates initial registration still awaiting verification. Your user-interface should let the user know of that status, estimate how long to wait until access will be granted, and explain how to contact support staff if they suspect a problem has arisen.

None of this has anything to do with JavaFX in particular. Your user-interface needs to accommodate each of these registration-status states. JavaFX makes it easy for you to either morph a view or replace the view displayed to the user.

As you have seen on countless apps and web sites in your own experience, you know that a login screen should offer two paths, either (a) registration as a new user, or (b) an attempt at authentication. The result of the first is a form indicating their success at submitting a registration application. The result of the second is to display the usual starting point for using the content of your app.

Before coding, you should have all the views, and all the possible user-experience paths through those views, mapped out as a flowchart and/or storyboard.

By the way, your code has several other issues and problems. Some of these are noted in Comments on the Question. The most serious problem is directly writing a password — that should never be done.

Basil Bourque
  • 303,325
  • 100
  • 852
  • 1,154