changes in username and password checks
parent
e17be455fe
commit
bf7d5f2061
|
@ -69,8 +69,10 @@ public class RegisterServlet extends HttpServlet {
|
|||
String confirmEmail = request.getParameter("email_conf").trim();
|
||||
String password = request.getParameter("password");
|
||||
String confirmPassword = request.getParameter("password_conf");
|
||||
|
||||
String gRecaptchaResponse = request.getParameter("g-recaptcha-response");
|
||||
|
||||
boolean isRecaptchaVerified = VerifyRecaptcha.verify(gRecaptchaResponse, secret);
|
||||
//System.out.println("RESPONSE " + gRecaptchaResponse);
|
||||
|
||||
if (organization == null){
|
||||
|
@ -79,11 +81,10 @@ public class RegisterServlet extends HttpServlet {
|
|||
|
||||
if (firstName != null && lastName != null && username != null && email!= null &&
|
||||
email.equals(confirmEmail) && password!= null && password.equals(confirmPassword) &&
|
||||
!EmailValidator.getInstance().isValid(email) && isValidPassword(password) && VerifyRecaptcha.verify(gRecaptchaResponse, secret)) {
|
||||
|
||||
EmailValidator.getInstance().isValid(email) && isValidPassword(password) && isRecaptchaVerified) {
|
||||
try {
|
||||
|
||||
if (username.matches("^[a-zA-Z0-9\\.\\_\\-]{4,150}") && !ldapActions.usernameExists(username) && !ldapActions.emailExists(email)
|
||||
if (username.matches("^[a-zA-Z0-9][a-zA-Z0-9\\.\\_\\-]{4,150}") && !ldapActions.usernameExists(username) && !ldapActions.emailExists(email)
|
||||
&& !ldapActions.isZombieUsersEmail(email) && !ldapActions.isZombieUsersUsername(username) && EmailValidator.getInstance().isValid(email)) {
|
||||
|
||||
ldapActions.createZombieUser(username, email, firstName, lastName, organization, password);
|
||||
|
@ -122,27 +123,23 @@ public class RegisterServlet extends HttpServlet {
|
|||
|
||||
} else {
|
||||
|
||||
if(!username.matches("^[a-zA-Z0-9\\.\\_\\-]{4,150}")) {
|
||||
|
||||
validateUsername(request, username);
|
||||
|
||||
}
|
||||
validateUsername(request, username);
|
||||
|
||||
if (ldapActions.usernameExists(username) || ldapActions.isZombieUsersUsername(username)) {
|
||||
request.getSession().setAttribute("username_message", "Username already exists! Choose another one.");
|
||||
logger.info("Username already exists");
|
||||
}
|
||||
|
||||
if (ldapActions.emailExists(email)) {
|
||||
request.getSession().setAttribute("email_message", "There is another user with this email.");
|
||||
logger.info("There is another user with this email");
|
||||
}
|
||||
|
||||
if (!EmailValidator.getInstance().isValid(email)) {
|
||||
request.getSession().setAttribute("email_message", "Please enter a valid email.");
|
||||
logger.info("Invalid email.");
|
||||
}
|
||||
|
||||
if (ldapActions.emailExists(email)) {
|
||||
request.getSession().setAttribute("email_message", "There is another user with this email.");
|
||||
logger.info("There is another user with this email");
|
||||
}
|
||||
|
||||
if (ldapActions.isZombieUsersEmail(email)) {
|
||||
request.getSession().setAttribute("email_message", "You have already registered with this email address! Please check your email to activate your account or contact OpenAIRE <a href=\"https://www.openaire.eu/support/helpdesk\">helpdesk</a>.");
|
||||
logger.info("There is another user with this email");
|
||||
|
@ -176,7 +173,7 @@ public class RegisterServlet extends HttpServlet {
|
|||
} catch (MessagingException e) {
|
||||
logger.error("Error in sending email", e);
|
||||
request.getSession().setAttribute("message","Error sending email");
|
||||
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "./remindUsername.jsp"));
|
||||
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "./register.jsp"));
|
||||
//response.sendRedirect("./error.jsp");
|
||||
|
||||
//TODO better handling of these exceprions
|
||||
|
@ -196,42 +193,50 @@ public class RegisterServlet extends HttpServlet {
|
|||
request.getSession().setAttribute("email_conf", confirmEmail);
|
||||
|
||||
if (firstName == null || firstName.isEmpty()) {
|
||||
logger.info("No first name");
|
||||
request.getSession().setAttribute("msg_first_name_error_display", "display:block" );
|
||||
}
|
||||
|
||||
if (lastName == null || lastName.isEmpty()) {
|
||||
logger.info("No last name");
|
||||
request.getSession().setAttribute("msg_last_name_error_display", "display:block" );
|
||||
}
|
||||
|
||||
if (username == null || username.isEmpty()) {
|
||||
request.getSession().setAttribute("username_message", "Minimum username length 5 characters.");
|
||||
logger.info("Username does not exist.");
|
||||
logger.info("No username");
|
||||
|
||||
} else {
|
||||
validateUsername(request, username);
|
||||
}
|
||||
|
||||
if (password == null || password.isEmpty()) {
|
||||
logger.info("No valid password");
|
||||
request.getSession().setAttribute("msg_password_error_display", "display:block" );
|
||||
}
|
||||
|
||||
if(!EmailValidator.getInstance().isValid(email)) {
|
||||
logger.info("No valid e-mail");
|
||||
request.getSession().setAttribute("msg_email_validation_error_display", "display:block");
|
||||
}
|
||||
|
||||
if (!email.equals(confirmEmail)) {
|
||||
logger.info("No matching e-mails");
|
||||
request.getSession().setAttribute("msg_email_conf_error_display", "display:block" );
|
||||
}
|
||||
|
||||
if (!password.equals(confirmPassword)){
|
||||
request.getSession().setAttribute("msg_pass_conf_error_display", "display:block" );
|
||||
}
|
||||
|
||||
if(!isValidPassword(password)) {
|
||||
logger.info("No valid password");
|
||||
request.getSession().setAttribute("msg_invalid_password_display", "display:block");
|
||||
}
|
||||
|
||||
if (!VerifyRecaptcha.verify(gRecaptchaResponse, secret)) {
|
||||
if (!password.equals(confirmPassword)){
|
||||
logger.info("No matching passwords");
|
||||
request.getSession().setAttribute("msg_pass_conf_error_display", "display:block" );
|
||||
}
|
||||
|
||||
if (!isRecaptchaVerified) {
|
||||
logger.info("No valid recaptcha");
|
||||
request.getSession().setAttribute("recaptcha_error_display", "display:block" );
|
||||
}
|
||||
|
||||
|
@ -244,25 +249,30 @@ public class RegisterServlet extends HttpServlet {
|
|||
}
|
||||
|
||||
private void validateUsername(HttpServletRequest request, String username) {
|
||||
if (username.length() < 5) {
|
||||
request.getSession().setAttribute("username_message", "Minimum username length 5 characters.");
|
||||
logger.info("Minimum username length 5 characters.");
|
||||
}
|
||||
|
||||
if (username.length() > 150) {
|
||||
request.getSession().setAttribute("username_message", "Maximum username length 150 characters.");
|
||||
logger.info("Maximum username length 150 characters.");
|
||||
}
|
||||
if(!username.matches("^[a-zA-Z0-9][a-zA-Z0-9\\.\\_\\-]{4,150}")) {
|
||||
|
||||
if (!username.matches("^[a-zA-Z0-9\\.\\_\\-]")) {
|
||||
request.getSession().setAttribute("username_allowed_chars_message", "You can use letters, numbers, underscores, hyphens and periods.");
|
||||
logger.info("Only letters, numbers, underscores, hyphens and periods.");
|
||||
}
|
||||
logger.info("No valid username");
|
||||
if (username.length() < 5) {
|
||||
request.getSession().setAttribute("username_message", "Minimum username length 5 characters.");
|
||||
logger.info("Minimum username length 5 characters.");
|
||||
}
|
||||
|
||||
if (!username.matches("^[a-zA-Z0-9].*")) {
|
||||
request.getSession().setAttribute("username_first_char_message", "The username must start with letter or digit.");
|
||||
logger.info("The username must start with letter or digit.");
|
||||
}
|
||||
if (username.length() > 150) {
|
||||
request.getSession().setAttribute("username_message", "Maximum username length 150 characters.");
|
||||
logger.info("Maximum username length 150 characters.");
|
||||
}
|
||||
|
||||
if (!username.matches("^[a-zA-Z0-9\\.\\_\\-]")) {
|
||||
request.getSession().setAttribute("username_allowed_chars_message", "You can use letters, numbers, underscores, hyphens and periods.");
|
||||
logger.info("Only letters, numbers, underscores, hyphens and periods.");
|
||||
}
|
||||
|
||||
if (!username.matches("^[a-zA-Z0-9].*")) {
|
||||
request.getSession().setAttribute("username_first_char_message", "The username must start with letter or digit.");
|
||||
logger.info("The username must start with letter or digit.");
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
public static boolean isValidPassword(String password) {
|
||||
|
@ -271,13 +281,14 @@ public class RegisterServlet extends HttpServlet {
|
|||
(?=.*[0-9]) # a digit must occur at least once
|
||||
(?=.*[a-z]) # a lower case letter must occur at least once
|
||||
(?=.*[A-Z]) # an upper case letter must occur at least once
|
||||
(?=.*[@#$%^&+=]) # a special character must occur at least once
|
||||
(?=.*[@#$%^&+=]) # a special character must occur at least once. This has been removed.
|
||||
# Please add if special character is needed.
|
||||
(?=\S+$) # no whitespace allowed in the entire string
|
||||
.{8,} # anything, at least eight places though
|
||||
$ # end-of-string
|
||||
*/
|
||||
|
||||
if (password.matches("^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=])(?=\\S+$).{6,}$")) {
|
||||
if (password.matches("^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=\\S+$).{6,}$")) {
|
||||
logger.info("Valid password!");
|
||||
return true;
|
||||
}
|
||||
|
@ -285,8 +296,5 @@ public class RegisterServlet extends HttpServlet {
|
|||
logger.info("Not valid password!");
|
||||
return false;
|
||||
}
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
|
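Review bot: The password regex in `isValidPassword` still ends in `.{6,}` while the comment block directly above it documents `.{8,}`, and with the special-character lookahead dropped here a six-character password of letters and digits now passes. If eight is the intended minimum, the check should read `password.matches("^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=\\S+$).{8,}$")`; otherwise correct the comment to six so the documented policy matches the enforced one. The username pattern has a similar mismatch: `[a-zA-Z0-9][a-zA-Z0-9\\.\\_\\-]{4,150}` admits 151 characters although `validateUsername` reports a 150-character maximum, so `{4,149}` looks like what was meant. Part of `isValidPassword` lies between the hunks and is not shown.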