Initial commit for the framework #3
Conversation
The ChallengeProvider trait provides the methods to be implemented by the challenge providers. The framework gets a challenge from a challenge provider, inserts the details of the challenge into the database, and gives the challenge to the user. It then gets the answer from the user, and sends it to the challenge provider for verification. This commit includes the implementation only for FilterChallenge provider.
src/main/scala/lc/Main.scala
Outdated
|
|
||
| class Captcha { | ||
| val con: Connection = DriverManager.getConnection("jdbc:h2:./captcha", "sa", "") | ||
| val stmt: Statement = con.createStatement(); |
There was a problem hiding this comment.
What is this stmt for? Doesn't seem to be used.
There was a problem hiding this comment.
I'm using it to execute the CREATE TABLE statement.
src/main/scala/lc/Main.scala
Outdated
| def getCaptcha(): Boolean = { | ||
| val provider = new FilterChallenge | ||
| val (token, image) = this.getChallenge(provider) | ||
| val stmt: Statement = con.createStatement(); |
There was a problem hiding this comment.
Same with this stmt. Doesn't seem to be used.
There was a problem hiding this comment.
Yes, this wasn't being used. I've removed it in the most recent commit.
src/main/scala/lc/Main.scala
Outdated
| val (image, secret) = provider.returnChallenge() | ||
| val token = scala.util.Random.nextInt(10000).toString | ||
| var pstmt: PreparedStatement = null | ||
| pstmt = con.prepareStatement("INSERT INTO challenge(token, id, secret) VALUES (?, ?, ?)") |
There was a problem hiding this comment.
Convert pstmt to val by declaring and initialising in the same line.
var is mutable state, is 💣, avoid
There was a problem hiding this comment.
using prepareStatement is a good optimisation over exectuteQuery. But for it to be effective you should prepare it only once. In other words, move declaration of pstmt to the class level.
src/main/scala/lc/Main.scala
Outdated
|
|
||
| def getAnswer(token: String, answer: String, provider: ChallengeProvider): Boolean = { | ||
| val stmt: Statement = con.createStatement(); | ||
| val rs: ResultSet = stmt.executeQuery("SELECT secret FROM challenge WHERE token = "+token); |
There was a problem hiding this comment.
you could convert it to a prepared statement, as an optimisation.
src/main/scala/lc/Main.scala
Outdated
| val secret = rs.getString("secret"); | ||
| val image = rs.getString("image"); | ||
| println(s"${token}\t\t${id}\t\t${secret}\t\t${image}") | ||
| } |
There was a problem hiding this comment.
Check indentation of the code in this function.
- Used prepared statements and made them immutable - Fixed indentation
The ChallengeProvider trait provides the methods to be implemented by the challenge providers.
The framework gets a challenge from a challenge provider, inserts the details of the challenge into the database, and gives the challenge to the user. It then gets the answer from the user, and sends it to the challenge provider for verification.
This commit includes the implementation only for FilterChallenge provider.