This is a banking system and I have to create two user levels, Manager and Cashier. I have to provide username and password for manager and manager has to provide username and password for a cashier. I am not really sure how to code validation for cahsier login. This has to be coded in Java in Netbeans IDE (GUI)
My answer is more a series of questions and suggestions to get you to think about how to do it. Also, I cannot be very specific because you have provided very little detail in your question.
Question 1, after your manager enters the cashier details, where do you store them? In memory? In a file? In a database? Something else?
Question 2, when validating the cashier login, why would you not validate the cashier details against that database/file/memory store? The answer is you should validate your cashier logins against the place where they are stored.
Also for whatever it is worth, you should never hardcode a logon (eg the manager) into an application (not even for testing). Why?
Therefore, the way you validate the manager's credentials will be exactly the same as everybody else.
This will (should) have the advantage of a simpler program which will be easier to maintain.
And just in case, the way you tell the difference between the manager, the cashier, a supervisor or whatever other user types that you might have (or need in the future) is via a role. In your user data store have a field that define which role the user is in (eg manager, cashier etc). Another model is "muliple fields" where you indicate that a user has that role (and thus access to the associated function or not). For example, you might have manager, supervisor, cashier, backoffice etc roles. Then just put a true/false in your user record that indicates whether that user can access the functions associated with a particular role.
Finally, your program becomes simpler because your logic is now simply
if user has manager role then display manager menu
if user has supervisor role then display supervisor menu"
etc
Note that there is no else
in the above psuedo code.
My point is just a concern as your question needs you to have a basic understanding of Java. I am not sure whether you are storing your login details in a database or in a text file. If you store the data in a database, then you can just use the normal java validation techniques described below:
Also, note that banking applications should be more secure and therefore the best practice is to store seeded hashes of the passwords and use a cryptographically strong hashing function.
In case you are saving your data in a text file, then you can refer to this sample code . You can read more about the Java Scanner Class here . You can also decide to use a map to map all users on registering and then just check the map to confirm the login details.
N/B: In all of these cases, check if the username and password fields are empty before you submit the details.
If this were a real application, you would store usernames and hashed-and-salted versions of the passwords on disk (or you would query them over a network), ideally using bcrypt , pbkdf2 , or another strong and upgrade-able password-hashing scheme. There are multiple open-source libraries that implement those for you.
Since this appears to be a programming exercise, the question of how you store them is probably mandated by whoever wrote it, and security may therefore be minimal.
The easiest way (which is not secure at all) of implementing this is to keep a password file around. You could, for example, use something similar to the following code:
public class InsecurePasswordStore {
private Map<String, String> passwords = new HashMap<>();
public void setPassword(String user, String password) {
passwords.put(user, password);
}
public boolean isPasswordCorrect(String user, String password) {
return passwords.get(user) != null && passwords.get(user).equals(password);
}
public void save(File file) throws IOException {
try (PrintWriter writer = new PrintWriter(new BufferedWriter(new FileWriter(file)))) {
for (Map.Entry<String, String> e: passwords.entrySet()) {
writer.println(e.getKey());
writer.println(e.getValue());
}
}
}
public void load(File file) throws IOException {
passwords.clear();
try (BufferedReader reader = new BufferedReader(new FileReader(file))) {
boolean finished = false;
while ( ! finished) {
String user = reader.readLine();
String password = reader.readLine();
if (user == null || password == null) {
finished = true;
} else {
passwords.put(user, password);
}
}
}
}
public static void main(String[] args) throws IOException {
InsecurePasswordStore store = new InsecurePasswordStore();
File passwordFile = new File("secrets.txt");
// create initial password file before first run
store.setPassword("manager", "12345");
store.save(passwordFile);
// load file when the app is launched
store.load(passwordFile);
// check password for a user
String badGuess = "2345";
System.out.println("Is " + badGuess
+ " the correct password for the manager? " + store.isPasswordCorrect("manager", badGuess));
String goodGuess = "12345";
System.out.println("Is " + goodGuess
+ " the correct password for the manager? " + store.isPasswordCorrect("manager", goodGuess));
// if the password was correct, set another username-password pair
if (store.isPasswordCorrect("manager", goodGuess)) {
store.setPassword("cashier", "abcde");
}
store.save(passwordFile);
}
}
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.