Added more validation to registration #10

src/main/java/org/ros/chatto/controller/RegistrationController.java

@@ -40,6 +40,7 @@ public class RegistrationController {
 	@Autowired
 	private final CaptchaService captchaService;
 
+	// FIXME must change this to a timeout base cache otherwise memory leak!
 	private final Map<Long, String> captchaMap = new ConcurrentHashMap<>();
 
 	@GetMapping("/registration")
@@ -61,32 +62,31 @@ public class RegistrationController {
 			BindingResult bindingResult) {
 		if (bindingResult.hasErrors()) {
 			log.warn("Registration input has errors!");
-			return "registration";
+			return "redirect:registration?error";
+		}
+		if (userService.getUser(userRegistrationDTO.getUserName()).isPresent()) {
+			return "redirect:registration?error&duplicate=true";
 		}
-		log.debug("Captcha text from user input = {}",
-				userRegistrationDTO.getCaptchaInput());
-		log.debug("Captcha text from captcha map = {}",
-				captchaMap.get(userRegistrationDTO.getCaptchaID()));
-		if (userRegistrationDTO.getCaptchaInput()
-				.equals(captchaMap.get(userRegistrationDTO.getCaptchaID()))) {
+
+		log.debug("Captcha text from user input = {}", userRegistrationDTO.getCaptchaInput());
+		log.debug("Captcha text from captcha map = {}", captchaMap.get(userRegistrationDTO.getCaptchaID()));
+		if (userRegistrationDTO.getCaptchaInput().equals(captchaMap.get(userRegistrationDTO.getCaptchaID()))) {
 			log.info("Registration captcha equal success");
 			userService.createUser(userRegistrationDTO);
 			return "redirect:registration?success";
 		} else {
 			log.warn("Registration captcha equal fail");
-			return "redirect:registration?error";
+			return "redirect:registration?error&captchaError=true";
 		}
 	}
 
 	@GetMapping(value = "/img/captcha/{image_id}", produces = MediaType.IMAGE_PNG_VALUE)
-	public ResponseEntity<byte[]> getImage(
-			@PathVariable("image_id") Long imageId) throws IOException {
+	public ResponseEntity<byte[]> getImage(@PathVariable("image_id") Long imageId) throws IOException {
 
 		final String captchaText = captchaMap.get(imageId);
 		final HttpHeaders headers = new HttpHeaders();
 		headers.setContentType(MediaType.IMAGE_PNG);
-		BufferedImage captchaBufferedImage = captchaService
-				.createCaptchaImage(captchaText);
+		BufferedImage captchaBufferedImage = captchaService.createCaptchaImage(captchaText);
 
 		ByteArrayOutputStream baos = new ByteArrayOutputStream();
 		ImageIO.write(captchaBufferedImage, "png", baos);

src/main/resources/static/js/login.js

@@ -11,19 +11,19 @@ function storeCredentials() {
         },
     });
     //this section is executed when the server responds with no error 
-    jqxhr.done(function() {
+    jqxhr.done(function () {
         let authToken = jqxhr.getResponseHeader('X-AUTH-TOKEN');
         localStorage.setItem('authToken', authToken);
         authToken = localStorage.getItem('authToken')
-        console.log("getting header " + authToken);
+        // console.log("getting header " + authToken);
         // secondClick = true;
         $('#loginForm').submit();
 
     });
     //this section is executed when the server responds with error
-    jqxhr.fail(function() {
+    jqxhr.fail(function () {
         log.error('Error retrieving auth token');
-        alertify.error('Error retrieving auth token. Please log in again')
+        alertify.error('Error retrieving auth token. Please try again')
         secondClick = false;
         // setTimeout(() => location.reload(), 2000)
     })
@@ -31,7 +31,7 @@ function storeCredentials() {
 }
 
 
-$('#loginForm').on('submit', function(e) {
+$('#loginForm').on('submit', function (e) {
     if (!secondClick) {
         secondClick = true;
         e.preventDefault();

src/main/resources/templates/registration.html

@@ -6,7 +6,8 @@
         <title id="pageTitle">Registration</title>
     </div>
     <script src="https://code.jquery.com/jquery-2.1.4.min.js" th:if="false"></script>
-    <script src="http://blackpeppersoftware.github.io/thymeleaf-fragment.js/thymeleaf-fragment.js" defer="defer" th:if="false"></script>
+    <script src="http://blackpeppersoftware.github.io/thymeleaf-fragment.js/thymeleaf-fragment.js" defer="defer"
+        th:if="false"></script>
 
 </head>
 
@@ -37,7 +38,20 @@
 
                             <div class="card-text">
                                 <h2 class="card-title text-center mb-3">Register</h2>
-                                <form action="#" th:action="@{/perform_registration}" th:object=${userRegistrationDTO} method="POST">
+                                <form action="#" th:action="@{/perform_registration}" th:object=${userRegistrationDTO}
+                                    method="POST">
+                                    <div th:if="${param.error}" class="alert alert-danger">
+                                        An error occured while creating your account. Please try again.
+                                        <div th:if="${param.duplicate}">
+                                            User with the given name already exists. Please use another name.
+                                        </div>
+                                        <div th:if="${param.captchaError}">
+                                            Invalid captcha entered. Please try again.
+                                        </div>
+                                    </div>
+                                    <div th:if="${param.success}" class="alert alert-success">
+                                        Registration was successful. You may now login.
+                                    </div>
                                     <div class="form-group">
                                         <label>Enter username: </label>
                                         <input th:classappend="${#fields.hasErrors('userName')} ? 'is-invalid' : ''" class="form-control" th:field="*{userName}" type="text" name="username" required>