@@ -108,4 +108,35 @@ public class FormController | |||
} | |||
} | |||
} | |||
@PostMapping(path = "/", params = {"name", "password", "text", "tabs, newpassword"}) | |||
public Map<String, Object> reset(@RequestParam("name") String name, @RequestParam("password") String password, @RequestParam("text") String text, @RequestParam("tabs") int tabs, @RequestParam("newpassword") String newPassword) | |||
{ | |||
Map<String, Object> saveDocument = RequestValidation.validateReset(name, password, text, tabs, newPassword); | |||
if ((boolean) saveDocument.get("INVALID")) return saveDocument; // Validation Failed | |||
else // Validation Successful | |||
{ | |||
name = (String) saveDocument.get("CLEAN_NAME"); | |||
text = (String) saveDocument.get("CLEAN_TEXT"); | |||
saveDocument.clear(); | |||
Dungeon dungeon = repository.findByNameIgnoreCase(name); | |||
if (dungeon != null) | |||
{ | |||
if (AES256_GCM.decrypt(dungeon.getEncryptionData(), password) == null) // DECRYPT FAILURE | |||
{ | |||
saveDocument.put("DOCUMENT_TYPE", "DECRYPT_FAILURE"); | |||
} else // Password Correct | |||
{ | |||
saveDocument.put("DOCUMENT_TYPE", "SAVED"); | |||
dungeon.setEncryptionData(AES256_GCM.encrypt(text, newPassword)); | |||
Map<String, String> meta = dungeon.getMeta(); | |||
meta.put("TAB_COUNT", Integer.toString(tabs)); | |||
dungeon.setMeta(meta); | |||
repository.save(dungeon); | |||
} | |||
} | |||
return saveDocument; | |||
} | |||
} | |||
} |
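Review bot: The last entry of `params` on the new `@PostMapping` is the single string `"tabs, newpassword"`, which Spring treats as one parameter name, so as far as I can tell a request carrying separate `tabs` and `newpassword` fields never matches `reset`. Such a request would presumably fall through to another handler on `/` (not visible in this hunk) that ignores `newpassword`, leaving the document encrypted under the old password while the client proceeds as if the reset worked. Split the entry: `params = {"name", "password", "text", "tabs", "newpassword"}`. Separately, when `findByNameIgnoreCase` returns null the map has just been cleared, so the response carries no `DOCUMENT_TYPE`; putting the same `DECRYPT_FAILURE` value there would give the client a definite failure without revealing whether the name exists.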
@@ -2,12 +2,15 @@ package planetrenox.controller; | |||
import org.jsoup.Jsoup; | |||
import org.jsoup.safety.Whitelist; | |||
import java.util.Map; | |||
import java.util.regex.Pattern; | |||
public class RequestValidation | |||
{ | |||
private RequestValidation(){} | |||
private RequestValidation() | |||
{ | |||
} | |||
private static final Pattern ILLEGAL_NAME_PATTERN = Pattern.compile("[ !*'();:@&=+$,/?%#\\[\\]\\\\<>^\"{}.~`]"); | |||
@@ -25,22 +28,19 @@ public class RequestValidation | |||
loginDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.simpleText())); | |||
if (name.length()>60) | |||
if (name.length() > 60) | |||
{ | |||
loginDocument.put("INVALID", true); | |||
loginDocument.put("NAME_LENGTH_OVER60", true); | |||
} | |||
else if(password.length()>128) | |||
} else if (password.length() > 128) | |||
{ | |||
loginDocument.put("INVALID", true); | |||
loginDocument.put("PASS_LENGTH_OVER128", true); | |||
} | |||
else if (name.equals("") || password.equals("")) | |||
} else if (name.equals("") || password.equals("")) | |||
{ | |||
loginDocument.put("INVALID", true); | |||
loginDocument.put("EMPTY", true); | |||
} | |||
else if (ILLEGAL_NAME_PATTERN.matcher(name).find()) | |||
} else if (ILLEGAL_NAME_PATTERN.matcher(name).find()) | |||
{ | |||
loginDocument.put("INVALID", true); | |||
loginDocument.put("ILLEGAL_CHAR", true); | |||
@@ -66,27 +66,65 @@ public class RequestValidation | |||
saveDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.simpleText())); | |||
saveDocument.put("CLEAN_TEXT", Jsoup.clean(text, Whitelist.basic())); | |||
if (name.length()>60) | |||
if (name.length() > 60) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("NAME_LENGTH_OVER60", true); | |||
} | |||
else if(password.length()>128) | |||
} else if (password.length() > 128) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("PASS_LENGTH_OVER128", true); | |||
} | |||
else if (name.equals("") || password.equals("") || text.equals("")) | |||
} else if (name.equals("") || password.equals("") || text.equals("")) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("EMPTY", true); | |||
} | |||
else if (ILLEGAL_NAME_PATTERN.matcher(name).find()) | |||
} else if (ILLEGAL_NAME_PATTERN.matcher(name).find()) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("ILLEGAL_CHAR", true); | |||
} else if (tabs < 1 || tabs > 50) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("ILLEGAL_TABS", true); | |||
} | |||
else if (tabs < 1 || tabs > 50) | |||
return saveDocument; | |||
} | |||
public static Map<String, Object> validateReset(String name, String password, String text, int tabs, String newPassword) | |||
{ | |||
Map<String, Object> saveDocument = new java.util.HashMap<>(Map.of( | |||
"DOCUMENT_TYPE", "VALIDATION_FAILED", | |||
"INVALID", false, | |||
"EMPTY", false, | |||
"NAME_LENGTH_OVER60", false, | |||
"PASS_LENGTH_OVER128", false, | |||
"ILLEGAL_TABS", false, | |||
"ILLEGAL_CHAR", false, | |||
"CLEAN_NAME", "", | |||
"CLEAN_TEXT", "" | |||
)); | |||
saveDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.simpleText())); | |||
saveDocument.put("CLEAN_TEXT", Jsoup.clean(text, Whitelist.basic())); | |||
if (name.length() > 60) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("NAME_LENGTH_OVER60", true); | |||
} else if (password.length() > 128 || newPassword.length() > 128) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("PASS_LENGTH_OVER128", true); | |||
} else if (name.equals("") || password.equals("") || text.equals("") || newPassword.equals("")) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("EMPTY", true); | |||
} else if (ILLEGAL_NAME_PATTERN.matcher(name).find()) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("ILLEGAL_CHAR", true); | |||
} else if (tabs < 1 || tabs > 50) | |||
{ | |||
saveDocument.put("INVALID", true); | |||
saveDocument.put("ILLEGAL_TABS", true); | |||
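Review bot: `validateReset` runs `Jsoup.clean` on `name` and `text` before any length check, and `text` has no upper bound anywhere in the chain, so an arbitrarily large body is sanitised and later encrypted on every reset. A guard such as `if (text.length() > MAX_TEXT_LENGTH)` (placeholder constant, not in the file) ahead of the two `clean` calls would cap that work. The method is also a near line-for-line copy of the validation chain just above it with only the `newPassword` terms added, so the two are likely to drift; consider reusing that method and adding only the `newPassword` length and empty checks. The body of `validateReset` continues past the end of this hunk.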
@@ -71,9 +71,9 @@ | |||
Settings | |||
<i class="dropdown icon"></i> | |||
<div class="menu"> | |||
<a id="btn-resetpass" class="item" onclick="initPasswordReset();"><i class="key icon"></i> Reset | |||
Password</a> | |||
<a id="btn-resetpass" class="item" onclick="initPasswordReset();"><i class="key icon"></i> Reset Password</a> | |||
<a id="btn-delete" class="item" onclick="initDelete();"><i class="trash icon"></i> Delete</a> | |||
<a id="btn-close" class="item" onclick="initLogout();" style="display: none;"><i class="close icon"></i> Logout</a> | |||
</div> | |||
</div> | |||
@@ -88,6 +88,7 @@ | |||
<div class="ui input"><input id="password-form" type="password" placeholder="Password" | |||
style="background-color: whitesmoke;"></div> | |||
</div> | |||
</div> | |||
</div> | |||
@@ -110,9 +111,13 @@ | |||
<!-- form segment --> | |||
<div class="ui form"> | |||
<div class="field"> | |||
<textarea spellcheck="false" id="textarea" style="background-color: whitesmoke; color: black;border: none;"></textarea> | |||
<textarea spellcheck="false" id="textarea" | |||
style="background-color: whitesmoke; color: black;border: none;"></textarea> | |||
</div> | |||
</div> | |||
<div id="notify-saving" class="ui active inverted dimmer" style="display: none;"> | |||
<div class="ui text loader">Saving</div> | |||
</div> | |||
</div> | |||
@@ -4,6 +4,7 @@ | |||
var currentTabID; | |||
var tabContent; | |||
var onScreenTabCount; | |||
var resettingPass = false; | |||
/* BEGIN EVENTS */ | |||
@@ -56,25 +57,32 @@ function initValidateLogin() { | |||
} | |||
} | |||
function initValidateSave() { //TODO what if name is taken | |||
function initValidateSave() { // TODO not allowing saves straight from the form for existing | |||
let name = document.getElementById("name-form").value; | |||
let password; | |||
let tabCount = 0; | |||
let tabTitleCount = 0; | |||
let text = ""; | |||
let empty = true; | |||
if (resettingPass) sessionStorage.setItem("oldpassword", sessionStorage.getItem(name)); | |||
tabContent.set(currentTabID, document.getElementById("textarea").value); | |||
tabContent.forEach(combineTabsLocalEvent); | |||
function combineTabsLocalEvent(values){ | |||
if (values !== "" && values != null){ | |||
function combineTabsLocalEvent(values) { | |||
tabTitleCount++; | |||
if (values !== "" && values != null) { | |||
tabCount++; | |||
empty = false; | |||
text += values + "|textdungeon-tab|"; | |||
text += values + "|textdungeon-tab|"; | |||
document.getElementById("tab" + tabTitleCount).textContent = values.substring(0, 10); | |||
} | |||
} | |||
if (document.getElementById("password-form").value === "") // logged in user | |||
password = sessionStorage.getItem(name); | |||
else | |||
password = document.getElementById("password-form").value; | |||
if (name === "" || name === null) { | |||
blinkUtil(document.getElementById("name-form"), .1, 6, "whitesmoke", "#ff1a1a"); | |||
} else if (password === "" || password === null) { | |||
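Review bot: The added `sessionStorage.setItem("oldpassword", sessionStorage.getItem(name))` writes a second plaintext copy of the password under a fixed key, and nothing in the visible hunks removes it afterwards. That key shares a namespace with the per-name entries read by `sessionStorage.getItem(name)`, so a document named `oldpassword` would collide with it. Holding the old password in a local variable and passing it to `saveLocalEvent` avoids persisting it; failing that, add `sessionStorage.removeItem("oldpassword");` once the response has been handled. `initValidateSave` continues past the end of this hunk.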
@@ -94,6 +102,7 @@ function initValidateSave() { //TODO what if name is taken | |||
document.getElementById("name-form").value = ""; | |||
document.getElementById("name-form").placeholder = "Avoid special characters."; | |||
} else { | |||
document.getElementById("notify-saving").style.display = "inherit"; | |||
sessionStorage.setItem(name, password); | |||
saveLocalEvent(name, password, text, tabCount); | |||
} | |||
@@ -114,6 +123,10 @@ function initEmptyForm() { | |||
document.getElementById("textarea").rows = window.innerHeight / 24; | |||
document.getElementById("page-form-menu").style.display = "inherit"; | |||
document.getElementById("page-form").style.display = "inherit"; | |||
document.getElementById("tab" + 1).textContent = "Tab"; | |||
document.getElementById("password-form").placeholder = "Password"; | |||
document.getElementById("btn-close").style.display = "none"; | |||
resettingPass = false; | |||
onScreenTabCount = 1; | |||
currentTabID = "tab1"; | |||
tabContent = new Map(); | |||
@@ -136,7 +149,12 @@ function initAboutPage() { | |||
} | |||
function initPasswordReset() { | |||
// TODO | |||
document.getElementById("password-form").value = ""; | |||
document.getElementById("btn-logout").style.display = "none"; | |||
document.getElementById("password-form").style.display = "inherit"; | |||
document.getElementById("btn-close").style.display = "inherit"; | |||
document.getElementById("password-form").placeholder = "New password"; | |||
resettingPass = true; | |||
} | |||
function initDelete() { | |||
@@ -179,7 +197,6 @@ function loginLocalEvent(name, password) { | |||
xmlrequest.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8"); | |||
xmlrequest.send("type=login&name=" + name + "&password=" + password); | |||
xmlrequest.onload = function () { | |||
console.log(xmlrequest.response); // not prod | |||
loginResponseLocalEvent(xmlrequest.response); | |||
} | |||
} | |||
@@ -188,27 +205,30 @@ function saveLocalEvent(name, password, text, tabCount) { | |||
let xmlrequest = new XMLHttpRequest(); | |||
xmlrequest.open("POST", "/"); | |||
xmlrequest.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8"); | |||
xmlrequest.send("name=" + name + "&password=" + password + "&text=" + text + "&tabs=" + tabCount); | |||
xmlrequest.onload = function () | |||
{ | |||
console.log(xmlrequest.response);// not prod | |||
if (resettingPass) | |||
xmlrequest.send("name=" + name + "&password=" + sessionStorage.getItem("oldpassword") + "&text=" + text + "&tabs=" + tabCount + "&newpassword=" + password); | |||
else { | |||
xmlrequest.send("name=" + name + "&password=" + password + "&text=" + text + "&tabs=" + tabCount); | |||
} | |||
xmlrequest.onload = function () { | |||
saveResponseLocalEvent(xmlrequest.response); | |||
} | |||
} | |||
function saveResponseLocalEvent(response) { | |||
// TODO NOTIFY | |||
let responseJson = JSON.parse(response); | |||
if (responseJson.DOCUMENT_TYPE==="DECRYPT_FAILURE"){ | |||
if (responseJson.DOCUMENT_TYPE === "DECRYPT_FAILURE") { | |||
blinkUtil(document.getElementById("name-form"), .1, 6, "whitesmoke", "#ff1a1a"); | |||
document.getElementById("name-form").value = ""; | |||
document.getElementById("name-form").placeholder = "Existing name."; | |||
}else { | |||
} else { | |||
document.getElementById("name-form").disabled = true; | |||
document.getElementById("password-form").style.display = "none"; | |||
document.getElementById("btn-logout").style.display = "inherit"; | |||
document.getElementById("btn-settings").style.display = "inherit"; | |||
} | |||
document.getElementById("notify-saving").style.display = "none"; | |||
if (resettingPass) initLogout(); | |||
} | |||
function loginResponseLocalEvent(response) { | |||
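Review bot: Both `xmlrequest.send(...)` calls in `saveLocalEvent` build the form body by plain concatenation, so a password or text containing `&`, `=`, `+` or `%` is split or decoded differently on the server. With the new `newpassword` field, the document can end up encrypted under a different password than the one the user typed. Build the body with `URLSearchParams` (or wrap each value in `encodeURIComponent`), as sketched below; the context line in `loginLocalEvent` has the same pattern. Also, `saveResponseLocalEvent` treats every response other than `DECRYPT_FAILURE` as success, and `if (resettingPass) initLogout();` runs even in the failure branch, so a rejected or invalid reset still logs the user out as though it had succeeded.

```javascript
// … unchanged: xmlrequest.open / setRequestHeader …
let body = new URLSearchParams();
body.set("name", name);
body.set("password", resettingPass ? sessionStorage.getItem("oldpassword") : password);
body.set("text", text);
body.set("tabs", tabCount);
if (resettingPass) body.set("newpassword", password);
xmlrequest.send(body.toString());
// … unchanged: onload handler …
```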
@@ -247,21 +267,18 @@ function loginResponseLocalEvent(response) { | |||
} | |||
} | |||
function populateFormLocalEvent(responseJson) { //wtf? | |||
// TODO 10 charlength title | |||
function populateFormLocalEvent(responseJson) { | |||
document.getElementById("name-form").value = responseJson.DUNGEON.name; | |||
document.getElementById("name-form").disabled = "true"; | |||
document.getElementById("password-form").style.display = "none"; | |||
document.getElementById("btn-logout").style.display = "inherit"; | |||
document.getElementById("btn-settings").style.display = "inherit"; | |||
let entireTextArray = responseJson.DUNGEON.cleartext.split("|textdungeon-tab|"); | |||
for (let i = 0; i<responseJson.DUNGEON.meta.TAB_COUNT; i++){ | |||
if (i !== 0) {initAddTab();} | |||
tabContent.set(document.getElementById("tab" + i+1).id, entireTextArray[i]); | |||
for (let i = 0; i < responseJson.DUNGEON.meta.TAB_COUNT; i++) { | |||
if (i !== 0) initAddTab(); | |||
tabContent.set("tab" + (i + 1), entireTextArray[i]); | |||
document.getElementById("tab" + (i + 1)).textContent = entireTextArray[i].substring(0, 10); | |||
} | |||
console.log(document.getElementById("tab" + 1).id); | |||
document.getElementById("textarea").value = entireTextArray[0]; | |||
} | |||