litvinovg/vitro
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

NIHVIVO-2601 Improve the password-change functioning.

Browse source
This commit is contained in:
j2blake 2011-05-12 20:59:08 +00:00
parent 9d8610f410
commit 2d8873f41e
2 changed files with 69 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

69
webapp/src/edu/cornell/mannlib/vitro/webapp/controller/authenticate/AdminLoginController.java
View file

@ -7,7 +7,11 @@ import static edu.cornell.mannlib.vedit.beans.LoginStatusBean.AuthenticationSour
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions; import edu.cornell.mannlib.vitro.webapp.auth.requestedAction.Actions;
import edu.cornell.mannlib.vitro.webapp.beans.User;
import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest; import edu.cornell.mannlib.vitro.webapp.controller.VitroRequest;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet; import edu.cornell.mannlib.vitro.webapp.controller.freemarker.FreemarkerHttpServlet;
import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder; import edu.cornell.mannlib.vitro.webapp.controller.freemarker.UrlBuilder;
@ -23,9 +27,13 @@ import edu.cornell.mannlib.vitro.webapp.controller.freemarker.responsevalues.Tem
* URL can come here, but they need to pass Internal Authentication to proceed. * URL can come here, but they need to pass Internal Authentication to proceed.
*/ */
public class AdminLoginController extends FreemarkerHttpServlet { public class AdminLoginController extends FreemarkerHttpServlet {
private static final Log log = LogFactory
.getLog(AdminLoginController.class);
public static final String PARAMETER_USERNAME = "username"; public static final String PARAMETER_USERNAME = "username";
public static final String PARAMETER_PASSWORD = "password"; public static final String PARAMETER_PASSWORD = "password";
public static final String PARAMETER_NEW_PASSWORD = "newPassword"; public static final String PARAMETER_NEW_PASSWORD = "newPassword";
public static final String PARAMETER_CONFIRM_PASSWORD = "confirmPassword";
public static final String URL_THIS = "/admin/login"; public static final String URL_THIS = "/admin/login";
public static final String URL_HOME_PAGE = "/"; public static final String URL_HOME_PAGE = "/";
@ -36,6 +44,9 @@ public class AdminLoginController extends FreemarkerHttpServlet {
private static final String MESSAGE_NO_PASSWORD = "errorNoPassword"; private static final String MESSAGE_NO_PASSWORD = "errorNoPassword";
private static final String MESSAGE_LOGIN_FAILED = "errorLoginFailed"; private static final String MESSAGE_LOGIN_FAILED = "errorLoginFailed";
private static final String MESSAGE_NEW_PASSWORD_REQUIRED = "newPasswordRequired"; private static final String MESSAGE_NEW_PASSWORD_REQUIRED = "newPasswordRequired";
private static final String MESSAGE_NEW_PASSWORD_WRONG_LENGTH = "errorNewPasswordWrongLength";
private static final String MESSAGE_NEW_PASSWORDS_DONT_MATCH = "errorNewPasswordsDontMatch";
private static final String MESSAGE_NEW_PASSWORD_MATCHES_OLD = "errorNewPasswordMatchesOld";
@Override @Override
protected Actions requiredActions(VitroRequest vreq) { protected Actions requiredActions(VitroRequest vreq) {
@ -56,6 +67,7 @@ public class AdminLoginController extends FreemarkerHttpServlet {
private final String username; private final String username;
private final String password; private final String password;
private final String newPassword; private final String newPassword;
private final String confirmPassword;
public Core(VitroRequest vreq) { public Core(VitroRequest vreq) {
this.auth = Authenticator.getInstance(vreq); this.auth = Authenticator.getInstance(vreq);
@ -64,20 +76,40 @@ public class AdminLoginController extends FreemarkerHttpServlet {
this.password = nonNull(vreq.getParameter(PARAMETER_PASSWORD)); this.password = nonNull(vreq.getParameter(PARAMETER_PASSWORD));
this.newPassword = nonNull(vreq this.newPassword = nonNull(vreq
.getParameter(PARAMETER_NEW_PASSWORD)); .getParameter(PARAMETER_NEW_PASSWORD));
this.confirmPassword = nonNull(vreq
.getParameter(PARAMETER_CONFIRM_PASSWORD));
log.debug("Parameters: username='" + username + "', password='"
+ password + "', newPassword='" + newPassword
+ "', confirmPassword='" + confirmPassword + "'");
} }
public ResponseValues process() { public ResponseValues process() {
if (username.isEmpty() && password.isEmpty()) { if (username.isEmpty() && password.isEmpty()) {
return showInitialForm(); return showForm();
} }
if (username.isEmpty()) { if (username.isEmpty()) {
return showFormWithMessage(MESSAGE_NO_USERNAME); return showForm(MESSAGE_NO_USERNAME);
} }
if (password.isEmpty()) { if (password.isEmpty()) {
return showFormWithMessage(MESSAGE_NO_PASSWORD); return showForm(MESSAGE_NO_PASSWORD);
}
if (newPasswordRequired()) {
if (newPassword.isEmpty()) {
return showForm(MESSAGE_NEW_PASSWORD_REQUIRED);
}
if (!isPasswordValidLength(newPassword)) {
return showForm(MESSAGE_NEW_PASSWORD_REQUIRED,
MESSAGE_NEW_PASSWORD_WRONG_LENGTH);
}
if (newPassword.equals(password)) {
return showForm(MESSAGE_NEW_PASSWORD_REQUIRED,
MESSAGE_NEW_PASSWORD_MATCHES_OLD);
}
if (!newPassword.equals(confirmPassword)) {
return showForm(MESSAGE_NEW_PASSWORD_REQUIRED,
MESSAGE_NEW_PASSWORDS_DONT_MATCH);
} }
if (newPasswordRequired() && newPassword.isEmpty()) {
return showFormWithMessage(MESSAGE_NEW_PASSWORD_REQUIRED);
} }
boolean loggedIn = tryToLogin(); boolean loggedIn = tryToLogin();
@ -85,7 +117,7 @@ public class AdminLoginController extends FreemarkerHttpServlet {
return goToHomePage(); return goToHomePage();
} }
return showFormWithMessage(MESSAGE_LOGIN_FAILED); return showForm(MESSAGE_LOGIN_FAILED);
} }
private boolean newPasswordRequired() { private boolean newPasswordRequired() {
@ -93,6 +125,11 @@ public class AdminLoginController extends FreemarkerHttpServlet {
&& auth.isPasswordChangeRequired(username); && auth.isPasswordChangeRequired(username);
} }
private boolean isPasswordValidLength(String pw) {
return (pw.length() >= User.MIN_PASSWORD_LENGTH)
&& (pw.length() <= User.MAX_PASSWORD_LENGTH);
}
private boolean tryToLogin() { private boolean tryToLogin() {
if (auth.isCurrentPassword(username, password)) { if (auth.isCurrentPassword(username, password)) {
auth.recordLoginAgainstUserAccount(username, INTERNAL); auth.recordLoginAgainstUserAccount(username, INTERNAL);
@ -107,18 +144,20 @@ public class AdminLoginController extends FreemarkerHttpServlet {
} }
} }
private ResponseValues showInitialForm() { private ResponseValues showForm(String... codes) {
Map<String, Object> body = new HashMap<String, Object>();
body.put("controllerUrl", UrlBuilder.getUrl(URL_THIS));
body.put("username", "");
return new TemplateResponseValues(TEMPLATE_NAME, body);
}
private ResponseValues showFormWithMessage(String messageCode) {
Map<String, Object> body = new HashMap<String, Object>(); Map<String, Object> body = new HashMap<String, Object>();
body.put("controllerUrl", UrlBuilder.getUrl(URL_THIS)); body.put("controllerUrl", UrlBuilder.getUrl(URL_THIS));
body.put("username", username); body.put("username", username);
body.put(messageCode, Boolean.TRUE); body.put("password", password);
body.put("newPassword", newPassword);
body.put("confirmPassword", confirmPassword);
for (String code : codes) {
body.put(code, Boolean.TRUE);
}
log.debug("showing form with values: " + body);
return new TemplateResponseValues(TEMPLATE_NAME, body); return new TemplateResponseValues(TEMPLATE_NAME, body);
} }

18
webapp/web/templates/freemarker/body/adminLogin.ftl
View file

@ -17,7 +17,19 @@
<#assign errorMessage = "Email or Password was incorrect." /> <#assign errorMessage = "Email or Password was incorrect." />
</#if> </#if>
<#if (errorNoUser?? || errorNoPassword?? || errorLoginFailed?? )> <#if errorNewPasswordWrongLength??>
<#assign errorMessage = "Password must be between 6 and 12 characters." />
</#if>
<#if errorNewPasswordsDontMatch??>
<#assign errorMessage = "Passwords do not match." />
</#if>
<#if errorNewPasswordMatchesOld??>
<#assign errorMessage = "Your new password must be different from your existing password." />
</#if>
<#if errorMessage?has_content>
<section id="error-alert" role="alert"> <section id="error-alert" role="alert">
<img src="${urls.images}/iconAlert.png" width="24" height="24" alert="Error alert icon"/> <img src="${urls.images}/iconAlert.png" width="24" height="24" alert="Error alert icon"/>
<p>${errorMessage}</p> <p>${errorMessage}</p>
@ -33,12 +45,12 @@
<form method="post" action="${controllerUrl}"> <form method="post" action="${controllerUrl}">
<#if newPasswordRequired??> <#if newPasswordRequired??>
<label for="newPassword">New Password</label> <label for="newPassword">New Password</label>
<input name="password" id="password" class="text-field" type="password" required autofocus /> <input name="newPassword" id="newPassword" class="text-field" type="password" value="${newPassword!}" required autofocus />
<p class="password-note">Minimum of 6 characters in length.</p> <p class="password-note">Minimum of 6 characters in length.</p>
<label for="confirmPassword">Confirm Password</label> <label for="confirmPassword">Confirm Password</label>
<input id="confirmPassword" name="confirmPassword" class="text-field" type="password" required /> <input id="confirmPassword" name="confirmPassword" class="text-field" type="password" value="${confirmPassword!}" required />
<input id="username" name="username" type="hidden" value="${username!}" /> <input id="username" name="username" type="hidden" value="${username!}" />
<input id="password" name="password" type="hidden" value="${password!}" /> <input id="password" name="password" type="hidden" value="${password!}" />