StephanRichter/Widerhall
1
0
Fork 0
Code Issues Pull Requests Actions Projects Releases Activity

started working on templates and api

Browse Source
This commit is contained in:
Stephan Richter
2022-04-15 14:59:51 +02:00
parent 26df2e5654
commit 546d3c10f3
16 changed files with 313 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/main/java/de/srsoftware/widerhall/Application.java
View File

@@ -35,7 +35,7 @@ public class Application {
SessionHandler sh = new SessionHandler();
server.setConnectors(new Connector[]{connector});
ServletContextHandler context = new ServletContextHandler(server, "/",sh,null,null,null);
context.addServlet(Rest.class,"/api");
context.addServlet(Rest.class,"/api/*");
context.addServlet(Web.class,"/web/*");
server.start();

19
src/main/java/de/srsoftware/widerhall/Constants.java
View File

@@ -1,18 +1,21 @@
package de.srsoftware.widerhall;
public class Constants {
public static final String IMAPS = "imaps";
public static final String PROTOCOL = "mail.store.protocol";
public static final String ADMIN = "Admin";
public static final String EMAIL = "email";
public static final String ERROR = "error";
public static final String HOST = "host";
public static final String USER = "user";
public static final String PASSWORD = "password";
public static final String IMAPS = "imaps";
public static final String INBOX = "inbox";
public static final String INDEX = "index";
public static final String NAME = "name";
public static final String NOTES = "notes";
public static final String PASSWORD = "password";
public static final String PROTOCOL = "mail.store.protocol";
public static final String USER = "user";
public static final Object PORT = "port";
public static final String TOKEN_URL = "token_url";
public static final String LOGIN_URL = "login_url";
public static final String BASE_URL = "base_url";
public static final String CLIENT_ID = "client_id";
public static final String CLIENT_SECRET = "client_secret";
public static final String DB = "database";
public static final String BASE = "base";
public static final String CONFIG = "configuration";

22
src/main/java/de/srsoftware/widerhall/Util.java
View File

@@ -62,4 +62,26 @@ public class Util {
public static boolean isEmail(String email) {
return email.matches(EMAIL_PATTERN);
}
public static boolean simplePassword(String pass) {
if (pass.length() < 6) return true;
if (pass.length() < 8){
for (int i=0; i<pass.length();i++){
if (!Character.isLetterOrDigit(pass.charAt(i))) return false; // password contains special character
}
}
if (pass.length() < 10){
var digit = false;
var letter = false;
for (int i=0; i<pass.length();i++){
char c = pass.charAt(i);
if (!Character.isLetterOrDigit(c)) return false; // password contains special character
digit |= Character.isDigit(c);
letter |= Character.isLetter(c);
if (letter && digit) return false; // password contains letters and digits
}
return true;
}
return false;
}
}

59
src/main/java/de/srsoftware/widerhall/data/User.java
View File

@@ -1,16 +1,23 @@
package de.srsoftware.widerhall.data;
import de.srsoftware.widerhall.Util;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import java.io.Serializable;
import java.security.InvalidKeyException;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.time.LocalDate;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import static de.srsoftware.widerhall.Util.t;
import static de.srsoftware.widerhall.data.Database.*;
public class User {
private static final Logger LOG = LoggerFactory.getLogger(User.class);
private static Database database = Database.open();
private String email, salt, hashedPass, name;
@@ -51,7 +58,50 @@ public class User {
throw new InvalidKeyException();
}
private static boolean noUsers() throws SQLException {
public String email() {
return email;
}
public String hashedPassword() {
return hashedPass;
}
public boolean is(String test){
if (test == null) return false;
return test.equals(name) || test.equals(email);
}
public static List<User> list() {
var userList = new ArrayList<User>();
try {
var rs = database.query("SELECT * FROM Users").exec();
while (rs.next()){
var email = rs.getString(EMAIL);
var name = rs.getString(NAME);
var salt = rs.getString(SALT);
var hashedPassword = rs.getString(HASHED_PASS);
userList.add(new User(email,name,salt,hashedPassword));
}
} catch (SQLException e) {
LOG.warn("Error loading user list!",e);
}
return userList;
}
public Map<String,String> map() {
return Map.of(EMAIL,email,NAME,name);
}
private boolean matching(String password) {
return hashedPass.equals(Util.sha256(password+salt));
}
public String name() {
return name;
}
public static boolean noUsers() throws SQLException {
var rs = database.query("SELECT count(*) FROM users").exec();
try {
if (rs.next()) {
@@ -63,10 +113,6 @@ public class User {
return false;
}
private boolean matching(String password) {
return hashedPass.equals(Util.sha256(password+salt));
}
private User save() throws SQLException {
database.insertInto("Users")
.values(Map.of(EMAIL,email,NAME,name,SALT,salt,HASHED_PASS,hashedPass))
@@ -74,7 +120,4 @@ public class User {
return this;
}
public Map<String,String> map() {
return Map.of(EMAIL,email,NAME,name);
}
}

41
src/main/java/de/srsoftware/widerhall/web/Rest.java
View File

@@ -1,5 +1,7 @@
package de.srsoftware.widerhall.web;
import de.srsoftware.widerhall.data.User;
import org.json.simple.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -8,14 +10,47 @@ import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Collection;
import java.util.List;
import java.util.Map;
import static de.srsoftware.widerhall.Constants.*;
import static de.srsoftware.widerhall.Util.t;
public class Rest extends HttpServlet {
private static final Logger LOG = LoggerFactory.getLogger(Rest.class);
private static final String USER_LIST = "user/list";
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
String method = req.getMethod();
LOG.debug("GET {}"+method);
String error = handleGet(req, resp);
if (error != null) resp.sendError(400,error);
}
public String handleGet(HttpServletRequest req, HttpServletResponse resp){
Object o = req.getSession().getAttribute(USER);
JSONObject json = new JSONObject();
if (o instanceof User user){
var path = req.getPathInfo();
json.put(USER,safeMapUser(user));
path = path == null ? INDEX : path.substring(1);
switch (path) {
case USER_LIST:
json.put("users", (user.is(ADMIN) ? User.list() : List.of(user)).stream().map(Rest::safeMapUser).toList());
break;
}
} else {
json.put(ERROR,"Not logged in!");
}
try {
resp.getWriter().println(json.toJSONString());
return null;
} catch (IOException e) {
return t("Failed to handle request: {}",e.getMessage());
}
}
private static Map<String,String> safeMapUser(User user){
return Map.of(NAME,user.name(),EMAIL,user.email(),PASSWORD,user.hashedPassword() == null ? "no" : "yes");
}
}

94
src/main/java/de/srsoftware/widerhall/web/Web.java
View File

@@ -15,23 +15,27 @@ import javax.servlet.http.HttpServletResponse;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.sql.SQLException;
import java.util.HashMap;
import java.util.Map;
import static de.srsoftware.widerhall.Constants.*;
import static de.srsoftware.widerhall.Util.t;
public class Web extends HttpServlet {
private static final Logger LOG = LoggerFactory.getLogger(Web.class);
private static final String LOGIN = "login";
private static final String LOGOUT = "logout";
private static final String REGISTER = "register";
private final String baseDir;
private final STGroup templates;
private STGroup templates;
private static final String WEB_ROOT = "/web";
public Web(){
var config = Configuration.instance();
baseDir = config.baseDir();
var templateDir = String.join(File.separator,baseDir,"static","templates");
templates = new STRawGroupDir(templateDir,'«','»');
loadTemplates();
}
@Override
@@ -42,22 +46,44 @@ public class Web extends HttpServlet {
private String handleGet(HttpServletRequest req, HttpServletResponse resp) {
var path = req.getPathInfo();
path = path == null ? "index" : path.substring(1);
path = path == null ? INDEX : path.substring(1);
String notes = null;
switch (path){
case "reload":
loadTemplates();
path = INDEX;
notes = t("Templates have been reloaded");
break;
case "css":
case "js":
case "login":
return loadTemplate(path,null,resp);
case LOGIN:
try {
if (User.noUsers()) return loadTemplate(REGISTER, Map.of(NOTES,t("User database is empty. Create admin user first:")), resp);
return loadTemplate(path,null,resp);
} catch (SQLException throwables) {
return "Error reading user database!";
}
case LOGOUT:
req.getSession().invalidate();
return redirectTo(INDEX,resp);
case "jquery":
return loadFile("jquery-3.6.0.min.js",resp);
}
var u = req.getSession().getAttribute("user");
if (u instanceof User user){
Map<String,Object> data = Map.of("user",user.map());
var o = req.getSession().getAttribute("user");
if (o instanceof User user){
var data = new HashMap<String,Object>();
data.put(USER,user.map());
data.put(NOTES,notes);
return loadTemplate(path,data,resp);
}
return loginRedirect(resp);
return redirectTo(LOGIN,resp);
}
private void loadTemplates() {
var templateDir = String.join(File.separator,baseDir,"static","templates");
templates = new STRawGroupDir(templateDir,'«','»');
}
private String loadTemplate(String path, Map<String, ? extends Object> data, HttpServletResponse resp) {
@@ -75,17 +101,17 @@ public class Web extends HttpServlet {
}
private String loginRedirect(HttpServletResponse resp) {
private String redirectTo(String page, HttpServletResponse resp) {
try {
resp.sendRedirect(String.join("/",WEB_ROOT,LOGIN));
resp.sendRedirect(String.join("/",WEB_ROOT,page));
return null;
} catch (IOException e) {
return t("Was not able to redirect to login page: {}", e.getMessage());
return t("Was not able to redirect to {} page: {}", page, e.getMessage());
}
}
private String loadFile(String filename, HttpServletResponse resp) {
var path = String.join(File.separator,baseDir,filename);
var path = String.join(File.separator,baseDir,"static",filename);
LOG.debug("loading {}",path);
var file = new File(path);
if (!file.exists()) return t("File {} does not exist!",filename);
@@ -106,19 +132,55 @@ public class Web extends HttpServlet {
private String handlePost(HttpServletRequest req, HttpServletResponse resp) {
var path = req.getPathInfo();
if (path == null) path = "/";
path = path == null ? INDEX : path.substring(1);
switch (path){
case "/login":
case LOGIN:
return handleLogin(req,resp);
case REGISTER:
return registerUser(req,resp);
}
return t("No handler for path {}!",path);
}
private String registerUser(HttpServletRequest req, HttpServletResponse resp) {
var email = req.getParameter("email");
var pass = req.getParameter("pass");
var pass_repeat = req.getParameter("pass_repeat");
var name = req.getParameter("name");
if (email == null || email.isBlank() ||
name == null || name.isBlank() ||
pass == null || pass.isBlank() ||
pass_repeat == null || pass_repeat.isBlank()) return loadTemplate(REGISTER,Map.of(ERROR,"Fill all fields, please!",NAME,name,EMAIL,email),resp);
if (!pass.equals(pass_repeat)) return loadTemplate(REGISTER,Map.of(ERROR,"Passwords do not match!",NAME,name,EMAIL,email),resp);
if (Util.simplePassword(pass)) return loadTemplate(REGISTER,Map.of(ERROR,"Password to short or to simple!",NAME,name,EMAIL,email),resp);
try {
if (User.noUsers()) { // we are registering the first user, which is forced to be „Admin“
name = ADMIN;
} else {
if (ADMIN.equals(name)) return loadTemplate(REGISTER,Map.of(ERROR,t("Name must not be „{}“",ADMIN),NAME,name,EMAIL,email),resp);
}
} catch (SQLException e) {
return t("Failed to access user database: {}",e.getMessage());
}
try {
var user = User.create(email, name, pass);
req.getSession().setAttribute("user",user);
return redirectTo(INDEX,resp);
} catch (SQLException e) {
return t("Failed to create new user: {}",e.getMessage());
}
}
private String handleLogin(HttpServletRequest req, HttpServletResponse resp) {
var email = req.getParameter("email");
var pass = req.getParameter("pass");
if (email == null || pass == null) return loginRedirect(resp);
if (email == null || pass == null) return loadTemplate("login", Map.of("error",t("Missing username or password!")), resp);
if (!Util.isEmail(email)) return loadTemplate("login", Map.of("error",t("'{}' is not a valid email address!",email)), resp);
try {
var user = User.load(email,pass);