dnet-openaire-users/src/main/java/eu/dnetlib/openaire/usermanagement/RegisterServlet.java

package eu.dnetlib.openaire.usermanagement;

import eu.dnetlib.openaire.user.utils.EmailSender;
import eu.dnetlib.openaire.user.utils.LDAPActions;
import eu.dnetlib.openaire.user.utils.VerificationActions;
import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor;
import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.context.support.SpringBeanAutowiringSupport;

import javax.servlet.ServletConfig;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.io.PrintWriter;
import java.sql.Timestamp;
import java.util.Date;
import java.util.UUID;

/**
 * Created by sofia on 20/10/2017.
 */
public class RegisterServlet extends HttpServlet {

    public void init(ServletConfig config) throws ServletException {
        super.init(config);
        SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,
                config.getServletContext());
    }

    @Autowired
    private VerificationActions verificationActions;

    @Autowired
    private EmailSender emailSender;

    @Autowired
    private LDAPActions ldapActions;

    private Logger logger = Logger.getLogger(RegisterServlet.class);

    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
        response.setContentType("text/html");
        PrintWriter printWriter = response.getWriter();

        String firstName = request.getParameter("first_name").trim();
        String lastName = request.getParameter("last_name").trim();
        String organization = request.getParameter("organization").trim();
        String username = request.getParameter("username").trim();
        String email =request.getParameter("email").trim();
        String confirmEmail = request.getParameter("email_conf").trim();
        String password = request.getParameter("password");
        String confirmPassword = request.getParameter("password_conf");

        if (organization == null){
            logger.info("organization is null");
        }
        if (firstName != null && lastName != null &&  username != null &&
                email.equals(confirmEmail) && password.equals(confirmPassword) ) {

            try {

                 if (username.matches("^[a-zA-Z0-9\\.\\_\\-]{4,150}") && !ldapActions.usernameExists(username) && !ldapActions.emailExists(email)
                         && !ldapActions.isZombieUsersEmail(email) && !ldapActions.isZombieUsersUsername(username)) {

                     ldapActions.createZombieUser(username, email, firstName, lastName, organization, password);
                     logger.info("Zombie user successfully created");

                     UUID verificationCode = UUID.randomUUID();
                     Date creationDate = new Date();

                     Timestamp timestamp = new Timestamp(creationDate.getTime());

                     if (!verificationActions.verificationEntryExists(username)) {
                         verificationActions.addVerificationEntry(username, verificationCode.toString(), timestamp);

                     } else {
                         verificationActions.updateVerificationEntry(username, verificationCode.toString(), timestamp);
                     }

                     String resultPath = UrlConstructor.getRedirectUrl(request, "activate.jsp");

                     String verificationCodeMsg = "<p>Hello " + username + ",</p>" +
                             "<p> A request has been made to verify your email and activate your OpenAIRE account. To activate your " +
                             "account, you will need to submit your username and this activation code in order to verify that the" +
                             "request was legitimate.</p>" +
                             "<p>" +
                             "The activation code is " + verificationCode.toString() +
                             "</p>" +
                             "Select the URL below and proceed with activating your password." +
                             "<p><a href=" + resultPath + ">" + resultPath + "</a></p>" +
                             "<p>Thank you</p>";

                     String verificationCodeSubject = "Activate your OpenAIRE account";

                     emailSender.sendEmail(email, verificationCodeSubject, verificationCodeMsg);

                     response.sendRedirect("./activate.jsp");

                 } else {

                     if(!username.matches("^[a-zA-Z0-9\\.\\_\\-]{4,150}")) {

                         if (username.length() < 5) {
                             request.getSession().setAttribute("username_message", "Minimum username length 5 characters.");
                             logger.info("Minimum username length 5 characters.");
                         }

                         if (username.length() > 150) {
                             request.getSession().setAttribute("username_message", "Maximum username length 150 characters.");
                             logger.info("Maximum username length 150 characters.");
                         }

                         if (!username.matches("^[a-zA-Z0-9\\.\\_\\-]")) {
                             request.getSession().setAttribute("username_allowed_message", "You can use only letters, numbers, underscores, hyphens and periods.");
                             logger.info("Only letters, numbers, underscores, hyphens and periods.");
                         }
                     }

                     if (ldapActions.usernameExists(username) || ldapActions.isZombieUsersUsername(username)) {
                        request.getSession().setAttribute("username_message", "Username already exists! Choose another one.");
                        logger.info("Username already exists");
                     }

                     if (ldapActions.emailExists(email)) {
                         request.getSession().setAttribute("email_message", "There is another user with this email.");
                         logger.info("There is another user with this email");
                     }

                     if (ldapActions.isZombieUsersEmail(email)) {
                         request.getSession().setAttribute("email_message", "You have already registered with this email address! Please check your email to activate your account or contact OpenAIRE <a href=\"https://www.openaire.eu/support/helpdesk\">helpdesk</a>.");
                         logger.info("There is another user with this email");
                     }

                     request.getSession().setAttribute("first_name", firstName);
                     request.getSession().setAttribute("last_name", lastName);
                     request.getSession().setAttribute("organization", organization);
                     request.getSession().setAttribute("username", username);
                     request.getSession().setAttribute("email", email);
                     request.getSession().setAttribute("email_conf", confirmEmail);

                     response.sendRedirect("./register.jsp");
                 }


            } catch (Exception e) {
                logger.error("LDAP error in creating user", e);
                response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp"));
                //response.sendRedirect("./error.jsp");
            }
        }
        printWriter.close();

    }
}
Add RegisterServlet.java 2017-10-20 14:31:39 +02:00			`package eu.dnetlib.openaire.usermanagement;`

Add emailSender at register 2017-10-25 16:15:07 +02:00			`import eu.dnetlib.openaire.user.utils.EmailSender;`
Add RegisterServlet.java 2017-10-20 14:31:39 +02:00			`import eu.dnetlib.openaire.user.utils.LDAPActions;`
			`import eu.dnetlib.openaire.user.utils.VerificationActions;`
Add session check to redirect pages 2018-03-09 17:11:28 +01:00			`import eu.dnetlib.openaire.usermanagement.utils.UrlConstructor;`
Add RegisterServlet.java 2017-10-20 14:31:39 +02:00			`import org.apache.log4j.Logger;`
			`import org.springframework.beans.factory.annotation.Autowired;`
			`import org.springframework.web.context.support.SpringBeanAutowiringSupport;`

			`import javax.servlet.ServletConfig;`
			`import javax.servlet.ServletException;`
			`import javax.servlet.http.HttpServlet;`
			`import javax.servlet.http.HttpServletRequest;`
			`import javax.servlet.http.HttpServletResponse;`
			`import java.io.IOException;`
			`import java.io.PrintWriter;`
Add emailSender at register 2017-10-25 16:15:07 +02:00			`import java.sql.Timestamp;`
			`import java.util.Date;`
			`import java.util.UUID;`
Add RegisterServlet.java 2017-10-20 14:31:39 +02:00
			`/**`
			`* Created by sofia on 20/10/2017.`
			`*/`
			`public class RegisterServlet extends HttpServlet {`

			`public void init(ServletConfig config) throws ServletException {`
			`super.init(config);`
			`SpringBeanAutowiringSupport.processInjectionBasedOnServletContext(this,`
			`config.getServletContext());`
			`}`

			`@Autowired`
			`private VerificationActions verificationActions;`

Add emailSender at register 2017-10-25 16:15:07 +02:00			`@Autowired`
			`private EmailSender emailSender;`

Add RegisterServlet.java 2017-10-20 14:31:39 +02:00			`@Autowired`
			`private LDAPActions ldapActions;`

			`private Logger logger = Logger.getLogger(RegisterServlet.class);`

			`@Override`
			`protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {`
			`response.setContentType("text/html");`
			`PrintWriter printWriter = response.getWriter();`

Trim input fields at the backend 2017-11-07 11:56:43 +01:00			`String firstName = request.getParameter("first_name").trim();`
			`String lastName = request.getParameter("last_name").trim();`
			`String organization = request.getParameter("organization").trim();`
			`String username = request.getParameter("username").trim();`
			`String email =request.getParameter("email").trim();`
			`String confirmEmail = request.getParameter("email_conf").trim();`
Add registerSuccess.jsp 2017-11-01 11:58:15 +01:00			`String password = request.getParameter("password");`
			`String confirmPassword = request.getParameter("password_conf");`
Add RegisterServlet.java 2017-10-20 14:31:39 +02:00
			`if (organization == null){`
			`logger.info("organization is null");`
			`}`
			`if (firstName != null && lastName != null && username != null &&`
Add registerSuccess.jsp 2017-11-01 11:58:15 +01:00			`email.equals(confirmEmail) && password.equals(confirmPassword) ) {`
Add another java check about username lenght 2017-10-30 14:00:20 +01:00
Add RegisterServlet.java 2017-10-20 14:31:39 +02:00			`try {`
Add emailSender at register 2017-10-25 16:15:07 +02:00
Escape chars in regular expession for username 2018-04-04 23:25:50 +02:00			`if (username.matches("^[a-zA-Z0-9\\.\\_\\-]{4,150}") && !ldapActions.usernameExists(username) && !ldapActions.emailExists(email)`
Check if it is zombie user's username or email 2017-11-08 13:00:59 +01:00			`&& !ldapActions.isZombieUsersEmail(email) && !ldapActions.isZombieUsersUsername(username)) {`
Add javascript code to keep input after redirect to the same jsp page 2017-10-30 13:33:02 +01:00
Complete ldapmodify about zombies and users :P at front end 2017-11-06 14:51:36 +01:00			`ldapActions.createZombieUser(username, email, firstName, lastName, organization, password);`
Trim input fields at the backend 2017-11-07 11:56:43 +01:00			`logger.info("Zombie user successfully created");`
Add emailSender at register 2017-10-25 16:15:07 +02:00
Add email and username check 2017-10-26 15:10:30 +02:00			`UUID verificationCode = UUID.randomUUID();`
			`Date creationDate = new Date();`
Add emailSender at register 2017-10-25 16:15:07 +02:00
Add email and username check 2017-10-26 15:10:30 +02:00			`Timestamp timestamp = new Timestamp(creationDate.getTime());`
Add emailSender at register 2017-10-25 16:15:07 +02:00
Add email and username check 2017-10-26 15:10:30 +02:00			`if (!verificationActions.verificationEntryExists(username)) {`
			`verificationActions.addVerificationEntry(username, verificationCode.toString(), timestamp);`
Add emailSender at register 2017-10-25 16:15:07 +02:00
Add email and username check 2017-10-26 15:10:30 +02:00			`} else {`
			`verificationActions.updateVerificationEntry(username, verificationCode.toString(), timestamp);`
			`}`
Add emailSender at register 2017-10-25 16:15:07 +02:00
Add session check to redirect pages 2018-03-09 17:11:28 +01:00			`String resultPath = UrlConstructor.getRedirectUrl(request, "activate.jsp");`
Uncomment check for session attribute in case of empty username redirect to forgotPassword page 2018-03-08 15:41:15 +01:00
Change email format and add link for activation 2017-11-07 13:21:18 +01:00			`String verificationCodeMsg = "<p>Hello " + username + ",</p>" +`
Change email format and add link for verification 2017-11-07 13:41:53 +01:00			`"<p> A request has been made to verify your email and activate your OpenAIRE account. To activate your " +`
Change email format and add link for activation 2017-11-07 13:21:18 +01:00			`"account, you will need to submit your username and this activation code in order to verify that the" +`
			`"request was legitimate.</p>" +`
			`"<p>" +`
			`"The activation code is " + verificationCode.toString() +`
			`"</p>" +`
			`"Select the URL below and proceed with activating your password." +`
Change email format and add link for verification 2017-11-07 13:41:53 +01:00			`"<p><a href=" + resultPath + ">" + resultPath + "</a></p>" +`
			`"<p>Thank you</p>";`
Add emailSender at register 2017-10-25 16:15:07 +02:00
Change email subject 2017-10-26 15:42:42 +02:00			`String verificationCodeSubject = "Activate your OpenAIRE account";`
Add emailSender at register 2017-10-25 16:15:07 +02:00
Add email and username check 2017-10-26 15:10:30 +02:00			`emailSender.sendEmail(email, verificationCodeSubject, verificationCodeMsg);`
Add emailSender at register 2017-10-25 16:15:07 +02:00
Add email and username check 2017-10-26 15:10:30 +02:00			`response.sendRedirect("./activate.jsp");`
Add variables in session 2017-10-30 15:34:06 +01:00
Add email and username check 2017-10-26 15:10:30 +02:00			`} else {`

Escape chars in regular expession for username 2018-04-04 23:25:50 +02:00			`if(!username.matches("^[a-zA-Z0-9\\.\\_\\-]{4,150}")) {`
Add another java check about username lenght 2017-10-30 14:00:20 +01:00
			`if (username.length() < 5) {`
			`request.getSession().setAttribute("username_message", "Minimum username length 5 characters.");`
			`logger.info("Minimum username length 5 characters.");`
			`}`

			`if (username.length() > 150) {`
Add check for username - Allow only numbers, letters, periods, underscores and hyphens 2018-04-04 17:13:29 +02:00			`request.getSession().setAttribute("username_message", "Maximum username length 150 characters.");`
			`logger.info("Maximum username length 150 characters.");`
			`}`

			`if (!username.matches("^[a-zA-Z0-9\\.\\_\\-]")) {`
			`request.getSession().setAttribute("username_allowed_message", "You can use only letters, numbers, underscores, hyphens and periods.");`
			`logger.info("Only letters, numbers, underscores, hyphens and periods.");`
Add another java check about username lenght 2017-10-30 14:00:20 +01:00			`}`
			`}`

Check if it is zombie user's username or email 2017-11-08 13:00:59 +01:00			`if (ldapActions.usernameExists(username) \|\| ldapActions.isZombieUsersUsername(username)) {`
Add email and username check 2017-10-26 15:10:30 +02:00			`request.getSession().setAttribute("username_message", "Username already exists! Choose another one.");`
			`logger.info("Username already exists");`
			`}`

			`if (ldapActions.emailExists(email)) {`
			`request.getSession().setAttribute("email_message", "There is another user with this email.");`
			`logger.info("There is another user with this email");`
			`}`

Check if it is zombie user's username or email 2017-11-08 13:00:59 +01:00			`if (ldapActions.isZombieUsersEmail(email)) {`
			`request.getSession().setAttribute("email_message", "You have already registered with this email address! Please check your email to activate your account or contact OpenAIRE <a href=\"https://www.openaire.eu/support/helpdesk\">helpdesk</a>.");`
			`logger.info("There is another user with this email");`
			`}`

Add variables in session 2017-10-30 15:34:06 +01:00			`request.getSession().setAttribute("first_name", firstName);`
			`request.getSession().setAttribute("last_name", lastName);`
			`request.getSession().setAttribute("organization", organization);`
			`request.getSession().setAttribute("username", username);`
			`request.getSession().setAttribute("email", email);`
			`request.getSession().setAttribute("email_conf", confirmEmail);`

Add email and username check 2017-10-26 15:10:30 +02:00			`response.sendRedirect("./register.jsp");`
			`}`

Add emailSender at register 2017-10-25 16:15:07 +02:00
Add RegisterServlet.java 2017-10-20 14:31:39 +02:00			`} catch (Exception e) {`
			`logger.error("LDAP error in creating user", e);`
Add session check to redirect pages 2018-03-09 17:11:28 +01:00			`response.sendRedirect(UrlConstructor.getRedirectUrl(request, "error.jsp"));`
			`//response.sendRedirect("./error.jsp");`
Add RegisterServlet.java 2017-10-20 14:31:39 +02:00			`}`
			`}`
			`printWriter.close();`

			`}`
			`}`