Added more validation to registration #10
parent
0bd4a09852
commit
6754071700
@ -40,6 +40,7 @@ public class RegistrationController {
|
|||||||
@Autowired
|
@Autowired
|
||||||
private final CaptchaService captchaService;
|
private final CaptchaService captchaService;
|
||||||
|
|
||||||
|
// FIXME must change this to a timeout base cache otherwise memory leak!
|
||||||
private final Map<Long, String> captchaMap = new ConcurrentHashMap<>();
|
private final Map<Long, String> captchaMap = new ConcurrentHashMap<>();
|
||||||
|
|
||||||
@GetMapping("/registration")
|
@GetMapping("/registration")
|
||||||
@ -61,32 +62,31 @@ public class RegistrationController {
|
|||||||
BindingResult bindingResult) {
|
BindingResult bindingResult) {
|
||||||
if (bindingResult.hasErrors()) {
|
if (bindingResult.hasErrors()) {
|
||||||
log.warn("Registration input has errors!");
|
log.warn("Registration input has errors!");
|
||||||
return "registration";
|
return "redirect:registration?error";
|
||||||
}
|
}
|
||||||
log.debug("Captcha text from user input = {}",
|
if (userService.getUser(userRegistrationDTO.getUserName()).isPresent()) {
|
||||||
userRegistrationDTO.getCaptchaInput());
|
return "redirect:registration?error&duplicate=true";
|
||||||
log.debug("Captcha text from captcha map = {}",
|
}
|
||||||
captchaMap.get(userRegistrationDTO.getCaptchaID()));
|
|
||||||
if (userRegistrationDTO.getCaptchaInput()
|
log.debug("Captcha text from user input = {}", userRegistrationDTO.getCaptchaInput());
|
||||||
.equals(captchaMap.get(userRegistrationDTO.getCaptchaID()))) {
|
log.debug("Captcha text from captcha map = {}", captchaMap.get(userRegistrationDTO.getCaptchaID()));
|
||||||
|
if (userRegistrationDTO.getCaptchaInput().equals(captchaMap.get(userRegistrationDTO.getCaptchaID()))) {
|
||||||
log.info("Registration captcha equal success");
|
log.info("Registration captcha equal success");
|
||||||
userService.createUser(userRegistrationDTO);
|
userService.createUser(userRegistrationDTO);
|
||||||
return "redirect:registration?success";
|
return "redirect:registration?success";
|
||||||
} else {
|
} else {
|
||||||
log.warn("Registration captcha equal fail");
|
log.warn("Registration captcha equal fail");
|
||||||
return "redirect:registration?error";
|
return "redirect:registration?error&captchaError=true";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping(value = "/img/captcha/{image_id}", produces = MediaType.IMAGE_PNG_VALUE)
|
@GetMapping(value = "/img/captcha/{image_id}", produces = MediaType.IMAGE_PNG_VALUE)
|
||||||
public ResponseEntity<byte[]> getImage(
|
public ResponseEntity<byte[]> getImage(@PathVariable("image_id") Long imageId) throws IOException {
|
||||||
@PathVariable("image_id") Long imageId) throws IOException {
|
|
||||||
|
|
||||||
final String captchaText = captchaMap.get(imageId);
|
final String captchaText = captchaMap.get(imageId);
|
||||||
final HttpHeaders headers = new HttpHeaders();
|
final HttpHeaders headers = new HttpHeaders();
|
||||||
headers.setContentType(MediaType.IMAGE_PNG);
|
headers.setContentType(MediaType.IMAGE_PNG);
|
||||||
BufferedImage captchaBufferedImage = captchaService
|
BufferedImage captchaBufferedImage = captchaService.createCaptchaImage(captchaText);
|
||||||
.createCaptchaImage(captchaText);
|
|
||||||
|
|
||||||
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
ByteArrayOutputStream baos = new ByteArrayOutputStream();
|
||||||
ImageIO.write(captchaBufferedImage, "png", baos);
|
ImageIO.write(captchaBufferedImage, "png", baos);
|
||||||
|
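Review bot: The new duplicate-name check runs before the captcha comparison, so `redirect:registration?error&duplicate=true` tells a client whether a username is registered without a solved captcha. Moving the `userService.getUser(userRegistrationDTO.getUserName()).isPresent()` block into the captcha-success branch, just before `userService.createUser(userRegistrationDTO)`, keeps the message but puts it behind the captcha. The check and the create are two separate calls, so two concurrent requests for the same name can presumably both pass unless the store enforces uniqueness, which is not visible here. In the same method the expected captcha text is written to the debug log, and it is read with `captchaMap.get(...)` and never removed, so a solved captcha ID stays valid for further submissions; comparing against `captchaMap.remove(userRegistrationDTO.getCaptchaID())` would make it single-use. The method's signature starts above the hunk.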
@ -11,19 +11,19 @@ function storeCredentials() {
|
|||||||
},
|
},
|
||||||
});
|
});
|
||||||
//this section is executed when the server responds with no error
|
//this section is executed when the server responds with no error
|
||||||
jqxhr.done(function() {
|
jqxhr.done(function () {
|
||||||
let authToken = jqxhr.getResponseHeader('X-AUTH-TOKEN');
|
let authToken = jqxhr.getResponseHeader('X-AUTH-TOKEN');
|
||||||
localStorage.setItem('authToken', authToken);
|
localStorage.setItem('authToken', authToken);
|
||||||
authToken = localStorage.getItem('authToken')
|
authToken = localStorage.getItem('authToken')
|
||||||
console.log("getting header " + authToken);
|
// console.log("getting header " + authToken);
|
||||||
// secondClick = true;
|
// secondClick = true;
|
||||||
$('#loginForm').submit();
|
$('#loginForm').submit();
|
||||||
|
|
||||||
});
|
});
|
||||||
//this section is executed when the server responds with error
|
//this section is executed when the server responds with error
|
||||||
jqxhr.fail(function() {
|
jqxhr.fail(function () {
|
||||||
log.error('Error retrieving auth token');
|
log.error('Error retrieving auth token');
|
||||||
alertify.error('Error retrieving auth token. Please log in again')
|
alertify.error('Error retrieving auth token. Please try again')
|
||||||
secondClick = false;
|
secondClick = false;
|
||||||
// setTimeout(() => location.reload(), 2000)
|
// setTimeout(() => location.reload(), 2000)
|
||||||
})
|
})
|
||||||
@ -31,7 +31,7 @@ function storeCredentials() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
$('#loginForm').on('submit', function(e) {
|
$('#loginForm').on('submit', function (e) {
|
||||||
if (!secondClick) {
|
if (!secondClick) {
|
||||||
secondClick = true;
|
secondClick = true;
|
||||||
e.preventDefault();
|
e.preventDefault();
|
||||||
|
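Review bot: In the `jqxhr.done` handler the result of `jqxhr.getResponseHeader('X-AUTH-TOKEN')` is stored and the form is submitted without checking that the header was present; a missing header gives `null`, which `localStorage.setItem` saves as the string "null". A guard before the `setItem` call, `if (!authToken) { alertify.error('Error retrieving auth token. Please try again'); secondClick = false; return; }`, would cover that case. Commenting out the `console.log` of the token is the right direction, and the line can be deleted rather than kept as a comment. A value in `localStorage` is readable by any script running on the page, so a short comment stating why the token is kept there would help the next reviewer. `storeCredentials` starts above the hunk.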
@ -6,7 +6,8 @@
|
|||||||
<title id="pageTitle">Registration</title>
|
<title id="pageTitle">Registration</title>
|
||||||
</div>
|
</div>
|
||||||
<script src="https://code.jquery.com/jquery-2.1.4.min.js" th:if="false"></script>
|
<script src="https://code.jquery.com/jquery-2.1.4.min.js" th:if="false"></script>
|
||||||
<script src="http://blackpeppersoftware.github.io/thymeleaf-fragment.js/thymeleaf-fragment.js" defer="defer" th:if="false"></script>
|
<script src="http://blackpeppersoftware.github.io/thymeleaf-fragment.js/thymeleaf-fragment.js" defer="defer"
|
||||||
|
th:if="false"></script>
|
||||||
|
|
||||||
</head>
|
</head>
|
||||||
|
|
||||||
@ -37,7 +38,20 @@
|
|||||||
|
|
||||||
<div class="card-text">
|
<div class="card-text">
|
||||||
<h2 class="card-title text-center mb-3">Register</h2>
|
<h2 class="card-title text-center mb-3">Register</h2>
|
||||||
<form action="#" th:action="@{/perform_registration}" th:object=${userRegistrationDTO} method="POST">
|
<form action="#" th:action="@{/perform_registration}" th:object=${userRegistrationDTO}
|
||||||
|
method="POST">
|
||||||
|
<div th:if="${param.error}" class="alert alert-danger">
|
||||||
|
An error occured while creating your account. Please try again.
|
||||||
|
<div th:if="${param.duplicate}">
|
||||||
|
User with the given name already exists. Please use another name.
|
||||||
|
</div>
|
||||||
|
<div th:if="${param.captchaError}">
|
||||||
|
Invalid captcha entered. Please try again.
|
||||||
|
</div>
|
||||||
|
</div>
|
||||||
|
<div th:if="${param.success}" class="alert alert-success">
|
||||||
|
Registration was successful. You may now login.
|
||||||
|
</div>
|
||||||
<div class="form-group">
|
<div class="form-group">
|
||||||
<label>Enter username: </label>
|
<label>Enter username: </label>
|
||||||
<input th:classappend="${#fields.hasErrors('userName')} ? 'is-invalid' : ''" class="form-control" th:field="*{userName}" type="text" name="username" required>
|
<input th:classappend="${#fields.hasErrors('userName')} ? 'is-invalid' : ''" class="form-control" th:field="*{userName}" type="text" name="username" required>
|
||||||
|
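Review bot: The reflowed `thymeleaf-fragment.js` script tag still loads over plain `http://` and carries no `integrity` attribute. `th:if="false"` should keep it out of server-rendered pages, so the exposure is presumably limited to opening the template file directly in a browser, but switching the URL scheme to `https://` would close that gap. In the new alert block the user-facing text has a typo: `occured` should be `occurred`.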