
password reset 50%

master
RENOX 4 months ago
parent
commit
25d905863c
4 changed files with 131 additions and 40 deletions
  1. +31
    -0
      src/main/java/planetrenox/controller/FormController.java
  2. +54
    -16
      src/main/java/planetrenox/controller/RequestValidation.java
  3. +8
    -3
      src/main/resources/static/index.html
  4. +38
    -21
      src/main/resources/static/js/main.js

+ 31
- 0
src/main/java/planetrenox/controller/FormController.java

@@ -108,4 +108,35 @@ public class FormController
}
}
}

@PostMapping(path = "/", params = {"name", "password", "text", "tabs, newpassword"})
public Map<String, Object> reset(@RequestParam("name") String name, @RequestParam("password") String password, @RequestParam("text") String text, @RequestParam("tabs") int tabs, @RequestParam("newpassword") String newPassword)
{
Map<String, Object> saveDocument = RequestValidation.validateReset(name, password, text, tabs, newPassword);
if ((boolean) saveDocument.get("INVALID")) return saveDocument; // Validation Failed
else // Validation Successful
{
name = (String) saveDocument.get("CLEAN_NAME");
text = (String) saveDocument.get("CLEAN_TEXT");
saveDocument.clear();
Dungeon dungeon = repository.findByNameIgnoreCase(name);
if (dungeon != null)
{
if (AES256_GCM.decrypt(dungeon.getEncryptionData(), password) == null) // DECRYPT FAILURE
{
saveDocument.put("DOCUMENT_TYPE", "DECRYPT_FAILURE");
} else // Password Correct
{
saveDocument.put("DOCUMENT_TYPE", "SAVED");
dungeon.setEncryptionData(AES256_GCM.encrypt(text, newPassword));
Map<String, String> meta = dungeon.getMeta();
meta.put("TAB_COUNT", Integer.toString(tabs));
dungeon.setMeta(meta);
repository.save(dungeon);
}
}
return saveDocument;
}
}

}
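Review bot: The `params` array on the new `@PostMapping` ends with the single string `"tabs, newpassword"`, so the mapping condition asks for one parameter with that literal name rather than for `tabs` and `newpassword`. As written the handler is unlikely to match a reset request, which would then fall through to whichever other POST mapping accepts `name`, `password`, `text` and `tabs` (not visible in this hunk). It should read `params = {"name", "password", "text", "tabs", "newpassword"}`. Separately, when `findByNameIgnoreCase` returns null the cleared map is returned with no `DOCUMENT_TYPE`, so the caller cannot tell an unknown name from a completed reset; an explicit value there would help. The enclosing class begins outside the hunk.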

+ 54
- 16
src/main/java/planetrenox/controller/RequestValidation.java

@@ -2,12 +2,15 @@ package planetrenox.controller;

import org.jsoup.Jsoup;
import org.jsoup.safety.Whitelist;

import java.util.Map;
import java.util.regex.Pattern;

public class RequestValidation
{
private RequestValidation(){}
private RequestValidation()
{
}

private static final Pattern ILLEGAL_NAME_PATTERN = Pattern.compile("[ !*'();:@&=+$,/?%#\\[\\]\\\\<>^\"{}.~`]");

@@ -25,22 +28,19 @@ public class RequestValidation

loginDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.simpleText()));

if (name.length()>60)
if (name.length() > 60)
{
loginDocument.put("INVALID", true);
loginDocument.put("NAME_LENGTH_OVER60", true);
}
else if(password.length()>128)
} else if (password.length() > 128)
{
loginDocument.put("INVALID", true);
loginDocument.put("PASS_LENGTH_OVER128", true);
}
else if (name.equals("") || password.equals(""))
} else if (name.equals("") || password.equals(""))
{
loginDocument.put("INVALID", true);
loginDocument.put("EMPTY", true);
}
else if (ILLEGAL_NAME_PATTERN.matcher(name).find())
} else if (ILLEGAL_NAME_PATTERN.matcher(name).find())
{
loginDocument.put("INVALID", true);
loginDocument.put("ILLEGAL_CHAR", true);
@@ -66,27 +66,65 @@ public class RequestValidation
saveDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.simpleText()));
saveDocument.put("CLEAN_TEXT", Jsoup.clean(text, Whitelist.basic()));

if (name.length()>60)
if (name.length() > 60)
{
saveDocument.put("INVALID", true);
saveDocument.put("NAME_LENGTH_OVER60", true);
}
else if(password.length()>128)
} else if (password.length() > 128)
{
saveDocument.put("INVALID", true);
saveDocument.put("PASS_LENGTH_OVER128", true);
}
else if (name.equals("") || password.equals("") || text.equals(""))
} else if (name.equals("") || password.equals("") || text.equals(""))
{
saveDocument.put("INVALID", true);
saveDocument.put("EMPTY", true);
}
else if (ILLEGAL_NAME_PATTERN.matcher(name).find())
} else if (ILLEGAL_NAME_PATTERN.matcher(name).find())
{
saveDocument.put("INVALID", true);
saveDocument.put("ILLEGAL_CHAR", true);
} else if (tabs < 1 || tabs > 50)
{
saveDocument.put("INVALID", true);
saveDocument.put("ILLEGAL_TABS", true);
}
else if (tabs < 1 || tabs > 50)

return saveDocument;
}

public static Map<String, Object> validateReset(String name, String password, String text, int tabs, String newPassword)
{
Map<String, Object> saveDocument = new java.util.HashMap<>(Map.of(
"DOCUMENT_TYPE", "VALIDATION_FAILED",
"INVALID", false,
"EMPTY", false,
"NAME_LENGTH_OVER60", false,
"PASS_LENGTH_OVER128", false,
"ILLEGAL_TABS", false,
"ILLEGAL_CHAR", false,
"CLEAN_NAME", "",
"CLEAN_TEXT", ""
));

saveDocument.put("CLEAN_NAME", Jsoup.clean(name, Whitelist.simpleText()));
saveDocument.put("CLEAN_TEXT", Jsoup.clean(text, Whitelist.basic()));

if (name.length() > 60)
{
saveDocument.put("INVALID", true);
saveDocument.put("NAME_LENGTH_OVER60", true);
} else if (password.length() > 128 || newPassword.length() > 128)
{
saveDocument.put("INVALID", true);
saveDocument.put("PASS_LENGTH_OVER128", true);
} else if (name.equals("") || password.equals("") || text.equals("") || newPassword.equals(""))
{
saveDocument.put("INVALID", true);
saveDocument.put("EMPTY", true);
} else if (ILLEGAL_NAME_PATTERN.matcher(name).find())
{
saveDocument.put("INVALID", true);
saveDocument.put("ILLEGAL_CHAR", true);
} else if (tabs < 1 || tabs > 50)
{
saveDocument.put("INVALID", true);
saveDocument.put("ILLEGAL_TABS", true);
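Review bot: In `validateReset`, `Jsoup.clean` runs on `name` and `text` before any length check, and `text` has no upper bound at all, so an oversized request is fully parsed and sanitised before it is rejected (or never rejected, in the case of `text`). Moving the length checks above the two `Jsoup.clean` calls and adding a `text.length()` limit would bound that work. The method is also a near copy of the save validation above it and could delegate to it, adding only the `newPassword` checks, so the two rule sets cannot drift apart. The end of the method is not visible on this page.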


+ 8
- 3
src/main/resources/static/index.html

@@ -71,9 +71,9 @@
Settings
<i class="dropdown icon"></i>
<div class="menu">
<a id="btn-resetpass" class="item" onclick="initPasswordReset();"><i class="key icon"></i> Reset
Password</a>
<a id="btn-resetpass" class="item" onclick="initPasswordReset();"><i class="key icon"></i> Reset Password</a>
<a id="btn-delete" class="item" onclick="initDelete();"><i class="trash icon"></i> Delete</a>
<a id="btn-close" class="item" onclick="initLogout();" style="display: none;"><i class="close icon"></i> Logout</a>
</div>
</div>

@@ -88,6 +88,7 @@
<div class="ui input"><input id="password-form" type="password" placeholder="Password"
style="background-color: whitesmoke;"></div>


</div>
</div>
</div>
@@ -110,9 +111,13 @@
<!-- form segment -->
<div class="ui form">
<div class="field">
<textarea spellcheck="false" id="textarea" style="background-color: whitesmoke; color: black;border: none;"></textarea>
<textarea spellcheck="false" id="textarea"
style="background-color: whitesmoke; color: black;border: none;"></textarea>
</div>
</div>
<div id="notify-saving" class="ui active inverted dimmer" style="display: none;">
<div class="ui text loader">Saving</div>
</div>
</div>




+ 38
- 21
src/main/resources/static/js/main.js

@@ -4,6 +4,7 @@
var currentTabID;
var tabContent;
var onScreenTabCount;
var resettingPass = false;


/* BEGIN EVENTS */
@@ -56,25 +57,32 @@ function initValidateLogin() {
}
}

function initValidateSave() { //TODO what if name is taken
function initValidateSave() { // TODO not allowing saves straight from the form for existing
let name = document.getElementById("name-form").value;
let password;
let tabCount = 0;
let tabTitleCount = 0;
let text = "";
let empty = true;
if (resettingPass) sessionStorage.setItem("oldpassword", sessionStorage.getItem(name));
tabContent.set(currentTabID, document.getElementById("textarea").value);
tabContent.forEach(combineTabsLocalEvent);
function combineTabsLocalEvent(values){
if (values !== "" && values != null){

function combineTabsLocalEvent(values) {
tabTitleCount++;
if (values !== "" && values != null) {
tabCount++;
empty = false;
text += values + "|textdungeon-tab|";
text += values + "|textdungeon-tab|";
document.getElementById("tab" + tabTitleCount).textContent = values.substring(0, 10);
}
}

if (document.getElementById("password-form").value === "") // logged in user
password = sessionStorage.getItem(name);
else
password = document.getElementById("password-form").value;

if (name === "" || name === null) {
blinkUtil(document.getElementById("name-form"), .1, 6, "whitesmoke", "#ff1a1a");
} else if (password === "" || password === null) {
@@ -94,6 +102,7 @@ function initValidateSave() { //TODO what if name is taken
document.getElementById("name-form").value = "";
document.getElementById("name-form").placeholder = "Avoid special characters.";
} else {
document.getElementById("notify-saving").style.display = "inherit";
sessionStorage.setItem(name, password);
saveLocalEvent(name, password, text, tabCount);
}
@@ -114,6 +123,10 @@ function initEmptyForm() {
document.getElementById("textarea").rows = window.innerHeight / 24;
document.getElementById("page-form-menu").style.display = "inherit";
document.getElementById("page-form").style.display = "inherit";
document.getElementById("tab" + 1).textContent = "Tab";
document.getElementById("password-form").placeholder = "Password";
document.getElementById("btn-close").style.display = "none";
resettingPass = false;
onScreenTabCount = 1;
currentTabID = "tab1";
tabContent = new Map();
@@ -136,7 +149,12 @@ function initAboutPage() {
}

function initPasswordReset() {
// TODO
document.getElementById("password-form").value = "";
document.getElementById("btn-logout").style.display = "none";
document.getElementById("password-form").style.display = "inherit";
document.getElementById("btn-close").style.display = "inherit";
document.getElementById("password-form").placeholder = "New password";
resettingPass = true;
}

function initDelete() {
@@ -179,7 +197,6 @@ function loginLocalEvent(name, password) {
xmlrequest.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xmlrequest.send("type=login&name=" + name + "&password=" + password);
xmlrequest.onload = function () {
console.log(xmlrequest.response); // not prod
loginResponseLocalEvent(xmlrequest.response);
}
}
@@ -188,27 +205,30 @@ function saveLocalEvent(name, password, text, tabCount) {
let xmlrequest = new XMLHttpRequest();
xmlrequest.open("POST", "/");
xmlrequest.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xmlrequest.send("name=" + name + "&password=" + password + "&text=" + text + "&tabs=" + tabCount);
xmlrequest.onload = function ()
{
console.log(xmlrequest.response);// not prod
if (resettingPass)
xmlrequest.send("name=" + name + "&password=" + sessionStorage.getItem("oldpassword") + "&text=" + text + "&tabs=" + tabCount + "&newpassword=" + password);
else {
xmlrequest.send("name=" + name + "&password=" + password + "&text=" + text + "&tabs=" + tabCount);
}
xmlrequest.onload = function () {
saveResponseLocalEvent(xmlrequest.response);
}
}

function saveResponseLocalEvent(response) {
// TODO NOTIFY
let responseJson = JSON.parse(response);
if (responseJson.DOCUMENT_TYPE==="DECRYPT_FAILURE"){
if (responseJson.DOCUMENT_TYPE === "DECRYPT_FAILURE") {
blinkUtil(document.getElementById("name-form"), .1, 6, "whitesmoke", "#ff1a1a");
document.getElementById("name-form").value = "";
document.getElementById("name-form").placeholder = "Existing name.";
}else {
} else {
document.getElementById("name-form").disabled = true;
document.getElementById("password-form").style.display = "none";
document.getElementById("btn-logout").style.display = "inherit";
document.getElementById("btn-settings").style.display = "inherit";
}
document.getElementById("notify-saving").style.display = "none";
if (resettingPass) initLogout();
}

function loginResponseLocalEvent(response) {
@@ -247,21 +267,18 @@ function loginResponseLocalEvent(response) {
}
}

function populateFormLocalEvent(responseJson) { //wtf?
// TODO 10 charlength title

function populateFormLocalEvent(responseJson) {
document.getElementById("name-form").value = responseJson.DUNGEON.name;
document.getElementById("name-form").disabled = "true";
document.getElementById("password-form").style.display = "none";
document.getElementById("btn-logout").style.display = "inherit";
document.getElementById("btn-settings").style.display = "inherit";
let entireTextArray = responseJson.DUNGEON.cleartext.split("|textdungeon-tab|");
for (let i = 0; i<responseJson.DUNGEON.meta.TAB_COUNT; i++){
if (i !== 0) {initAddTab();}
tabContent.set(document.getElementById("tab" + i+1).id, entireTextArray[i]);
for (let i = 0; i < responseJson.DUNGEON.meta.TAB_COUNT; i++) {
if (i !== 0) initAddTab();
tabContent.set("tab" + (i + 1), entireTextArray[i]);
document.getElementById("tab" + (i + 1)).textContent = entireTextArray[i].substring(0, 10);
}
console.log(document.getElementById("tab" + 1).id);
document.getElementById("textarea").value = entireTextArray[0];
}
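Review bot: The reset branch in `saveLocalEvent` concatenates `name`, both passwords and `text` into the form body without encoding, so a password containing `&`, `=`, `+` or `%` reaches the server altered or split into extra parameters, and the data would then be re-encrypted under a password the user did not type. Each value should be wrapped, e.g. `"&newpassword=" + encodeURIComponent(password)`; the non-reset `send` has the same problem. The old password is also copied into `sessionStorage` under `oldpassword` in `initValidateSave` and never removed; calling `sessionStorage.removeItem("oldpassword")` in `saveResponseLocalEvent` would limit how long it stays readable by page script. `saveLocalEvent` begins outside the hunk.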


