
FORM VALIDATION & LOGIN API COMPLETED

master
RENOX 5 months ago
parent
commit
0279b2f456
4 changed files with 74 additions and 33 deletions
  1. +31
    -13
      src/main/java/planetrenox/controller/FormController.java
  2. +39
    -19
      src/main/java/planetrenox/controller/RequestValidation.java
  3. +3
    -0
      src/main/java/planetrenox/mongodb/Dungeon.java
  4. +1
    -1
      src/main/resources/static/js/post.js

+ 31
- 13
src/main/java/planetrenox/controller/FormController.java

@@ -5,26 +5,44 @@ import org.springframework.web.bind.annotation.*;
import planetrenox.encryption.AES256_GCM;
import planetrenox.mongodb.Dungeon;
import planetrenox.mongodb.DungeonRepository;

import javax.validation.constraints.NotBlank;
import javax.validation.constraints.NotNull;
import java.util.HashMap;
import java.util.Map;

@RestController
public class FormController
{
@Autowired private DungeonRepository repository;

@Autowired
private DungeonRepository repository;

/*
* "DOCUMENT_TYPE":"LOGIN" -> Invalid Form Params
* "DOCUMENT_TYPE":"NEW" -> New User
* "DOCUMENT_TYPE":"DECRYPT" -> Success or Failure
*/
@PostMapping(path = "/", params = {"name", "password"})
public String login(@RequestParam("name") String name, @RequestParam("password") String password)
public Map<String, Object> login(@RequestParam("name") String name, @RequestParam("password") String password)
{






return "str";
Map<String, Object> loginDocument = RequestValidation.validateLogin(name, password);
if ((boolean)loginDocument.get("INVALID")) return loginDocument; // Validation Failed
else // Validation Successful
{
name = (String)loginDocument.get("CLEAN_NAME");
Dungeon dungeon = repository.findByName(name);
if (dungeon==null) // New User
{
Map<String, Object> newDocument = new HashMap<>();
newDocument.put("DOCUMENT_TYPE", "NEW");
return newDocument;
}
else // Existing Dungeon
{
Map<String, Object> decryptDocument = new HashMap<>();
decryptDocument.put("DOCUMENT_TYPE", "DECRYPT");
dungeon.setCleartext(AES256_GCM.decrypt(dungeon.getEncryptionData(), password));
if (dungeon.getCleartext() == null) return decryptDocument;
else decryptDocument.put("DUNGEON", dungeon);
return decryptDocument;
}
}
}
}
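Review bot: The existing-dungeon branch of `login` answers every unauthenticated request with a distinguishable result (`"DOCUMENT_TYPE":"NEW"` for an unknown name, `DECRYPT` without `DUNGEON` for a wrong password), and nothing visible in this section bounds how often a client may try. Unless a filter elsewhere already throttles `POST /`, an attempt limit keyed on name and client address should run before the `AES256_GCM.decrypt` call, and failed attempts should be logged without the password. Separately, `decryptDocument.put("DUNGEON", dungeon);` hands the whole entity to the serialiser, so `encryptionData` and `meta` would go out alongside the cleartext. If the page only needs the text, `decryptDocument.put("CLEARTEXT", dungeon.getCleartext());` keeps the response to that, with the client script reading the new key.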

+ 39
- 19
src/main/java/planetrenox/controller/RequestValidation.java

@@ -2,30 +2,50 @@ package planetrenox.controller;

import org.jsoup.Jsoup;
import org.jsoup.safety.Whitelist;

import java.util.Map;
import java.util.regex.Pattern;

public class RequestValidation
{
private static final Map<String, Boolean> LOGIN_REQ = Map.of(
"INVALID", false,
"EMPTY", false,
"NAME_LENGTH>60", false,
"PASS_LENGTH>128", false,
"ILLEGAL_NAME", false,
"ILLEGAL_PASS", false
);
private RequestValidation(){}

private static final Pattern ILLEGAL_NAME_PATTERN = Pattern.compile("[ !*'();:@&=+$,/?%#\\[\\]\\\\<>^\"{}~`]");

public static Map<String, Boolean> validateLogin(String name, String password)
public static Map<String, Object> validateLogin(String name, String password)
{
name = Jsoup.clean(name, Whitelist.basic());
password = Jsoup.clean(password, Whitelist.basic());


return null;
Map<String, Object> loginDocument = new java.util.HashMap<>(Map.of(
"DOCUMENT_TYPE", "LOGIN",
"INVALID", false,
"EMPTY", false,
"NAME_LENGTH>60", false,
"PASS_LENGTH>128", false,
"ILLEGAL_CHAR", false,
"CLEAN_NAME", ""
));

loginDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.basic()));

if (name.length()>60)
{
loginDocument.put("INVALID", true);
loginDocument.put("NAME_LENGTH>60", true);
}
if(password.length()>128)
{
loginDocument.put("INVALID", true);
loginDocument.put("PASS_LENGTH>128", true);
}
if (name.equals("") || password.equals(""))
{
loginDocument.put("INVALID", true);
loginDocument.put("EMPTY", true);
}
if (ILLEGAL_NAME_PATTERN.matcher(name).find())
{
loginDocument.put("INVALID", true);
loginDocument.put("ILLEGAL_CHAR", true);
}

return loginDocument;
}


}
}
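Review bot: `validateLogin` appears to run its length, empty and `ILLEGAL_NAME_PATTERN` checks on the raw `name` while returning `CLEAN_NAME`, the output of `Jsoup.clean(name, Whitelist.basic())`, so the string that was validated is not necessarily the string `FormController` passes to `findByName`. This assumes the two `Jsoup.clean` reassignments at the top of the method are the removed lines, which the page does not mark; if the `password` one survives, it would alter the key material before decryption. An HTML sanitiser is not a canonicaliser for identifiers, and the deny-list lets through whatever it does not name (tabs, newlines, control and non-ASCII characters). If names are meant to be plain ASCII, an allow-list such as `Pattern.compile("^[A-Za-z0-9_.-]{1,60}$")`, with `CLEAN_NAME` set to `name` itself only when it matches, makes the checked and the used value identical. HTML escaping then belongs at the point where the name is rendered.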

+ 3
- 0
src/main/java/planetrenox/mongodb/Dungeon.java

@@ -3,6 +3,8 @@ package planetrenox.mongodb;
import lombok.Getter;
import lombok.Setter;
import org.springframework.data.annotation.Id;
import org.springframework.data.annotation.Transient;

import java.util.Date;
import java.util.HashMap;
import java.util.Map;
@@ -15,6 +17,7 @@ public class Dungeon
@Getter @Setter private Date creationDate;
@Getter @Setter private byte[] encryptionData;
@Getter @Setter private Map<String, String> meta = new HashMap<>();
@Transient @Getter @Setter String cleartext;

public Dungeon(String name, byte[] encryptionData, Map<String, String> meta)
{
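Review bot: `cleartext` is declared without `private`, unlike `creationDate`, `encryptionData` and `meta` above it, so the decrypted text is package-visible as well as having a Lombok getter and setter; `@Transient @Getter @Setter private String cleartext;` would match the other fields. Spring Data's `@Transient` only keeps the field out of the stored document and does not exclude it from JSON serialisation, so any response that returns a `Dungeon` after `setCleartext` was called will carry the plaintext. A comment such as `// decrypted content, never persisted; set only on an instance returned after a successful decrypt` would record that intent. The constructor that follows continues outside the hunk.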


+ 1
- 1
src/main/resources/static/js/post.js

@@ -10,6 +10,6 @@ function btnLoginEvent(e) {
xmlrequest.send("name=" + name + "&password=" + password);
xmlrequest.onload = function ()
{
alert(xmlrequest.response);
console.log(xmlrequest.response);
}
}
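Review bot: The context line `xmlrequest.send("name=" + name + "&password=" + password);` concatenates both values without encoding, so a password containing `&`, `+` or `%` reaches the server truncated or altered and decryption fails for a correct password. Assuming the request is sent as `application/x-www-form-urlencoded` (the header is set outside the hunk), it should read `xmlrequest.send("name=" + encodeURIComponent(name) + "&password=" + encodeURIComponent(password));`. The changed line swaps one debug dump of `xmlrequest.response` for another (the page does not mark which is new); since a successful response can contain the decrypted dungeon, neither `alert` nor `console.log` of the full body should ship. `btnLoginEvent` starts outside the hunk.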
