Commit 854af0c1 authored by Matija Obreza's avatar Matija Obreza

Removed Captcha checks for local requests

parent a2584b03
......@@ -29,6 +29,8 @@ public interface UserService {
@PreAuthorize("hasRole('ADMINISTRATOR')")
void addUser(User user) throws UserException;
User createAccount(String email, String initialPassword, String fullName);
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
void updateUser(User user) throws UserException;
......
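Review bot: `createAccount` on L10 is declared without the `@PreAuthorize` guard that `addUser` and `updateUser` carry on the neighbouring lines, so nothing at the service layer restricts which caller may create a `USER`-role account. If that is intentional (self-registration driven from the web controller), say so in Javadoc so the next maintainer does not "fix" it or reuse it from an unguarded endpoint: `/** Creates a self-registered account with the USER role. Deliberately unguarded at this layer; callers are responsible for abuse controls (captcha, rate limiting). */`. Otherwise add the guard here rather than relying on each caller.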
......@@ -114,6 +114,26 @@ public class UserServiceImpl implements UserService {
return userWrapper;
}
@Override
@Transactional(readOnly = false)
public User createAccount(String email, String initialPassword, String fullName) {
User user = new User();
user.setEmail(email);
user.setName(fullName);
user.getRoles().add(UserRole.USER);
setPassword(user, initialPassword);
userPersistence.save(user);
return user;
}
/**
* @deprecated Use {@link #createAccount(String, String, String)} to add
* users
* @param user
* @throws UserException
*/
@Deprecated
@Override
@Transactional(readOnly = false, rollbackFor = NotUniqueUserException.class)
public void addUser(User user) throws UserException {
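Review bot: `createAccount` persists the user twice: `setPassword` (extracted in the later hunk at `@@ -161,11 +181,13 @@`) already calls `userPersistence.save(user)`, and L25 calls it again; `updatePassword` in that hunk has the same double save. Make `setPassword` encode only and leave persistence to the two callers. `createAccount` also passes `email` and `initialPassword` through unchecked, so a null or blank password reaches `passwordEncoder.encode` unguarded (what the encoder does with null presumably depends on the implementation — worth confirming); add `Objects.requireNonNull(email, "email")` and a blank check on the password up front, and give the method a Javadoc noting that uniqueness is not checked here and that the created account always carries `UserRole.USER`. `addUser`'s body continues past the end of the hunk.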
......@@ -161,11 +181,13 @@ public class UserServiceImpl implements UserService {
@Transactional(readOnly = false)
public void updatePassword(long userId, String rawPassword) throws UserException {
User user = userPersistence.findOne(userId);
setPassword(user, rawPassword);
userPersistence.save(user);
}
private void setPassword(User user, String rawPassword) {
// encrypt password
user.setPassword(passwordEncoder.encode(rawPassword));
userPersistence.save(user);
}
@Override
......
......@@ -16,6 +16,8 @@
package org.genesys2.server.servlet.controller;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;
......@@ -25,7 +27,6 @@ import javax.servlet.http.HttpServletRequest;
import net.tanesha.recaptcha.ReCaptchaImpl;
import net.tanesha.recaptcha.ReCaptchaResponse;
import org.genesys2.server.aspect.AsAdmin;
import org.genesys2.server.model.Permissions;
import org.genesys2.server.model.UserRole;
import org.genesys2.server.model.impl.User;
......@@ -34,8 +35,6 @@ import org.genesys2.server.service.CropService;
import org.genesys2.server.service.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.validation.BindingResult;
......@@ -100,38 +99,51 @@ public class HtmlController extends BaseController {
}
@RequestMapping(value = "new-user")
@AsAdmin
public String addUser(@ModelAttribute User user, BindingResult bindingResult, HttpServletRequest req,
@RequestParam("recaptcha_challenge_field") String challenge, @RequestParam("recaptcha_response_field") String response) {
@RequestParam(value = "recaptcha_challenge_field", required = false) String challenge,
@RequestParam(value = "recaptcha_response_field", required = false) String response) {
user.getRoles().add(UserRole.USER);
validator.validate(user, bindingResult);
// Validate the reCAPTCHA
String remoteAddr = req.getRemoteAddr();
ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
boolean isLocalRequest = false;
reCaptcha.setPrivateKey(captchaPrivateKey);
try {
InetAddress remoteInetAddr = InetAddress.getByName(remoteAddr);
isLocalRequest = remoteInetAddr.isAnyLocalAddress() || remoteInetAddr.isLoopbackAddress();
_logger.debug("Remote addr: " + remoteAddr + " " + remoteInetAddr + " isLocal=" + isLocalRequest);
} catch (UnknownHostException e1) {
_logger.warn(e1.getMessage());
}
if (!isLocalRequest) {
ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
reCaptcha.setPrivateKey(captchaPrivateKey);
ReCaptchaResponse reCaptchaResponse = reCaptcha.checkAnswer(remoteAddr, challenge, response);
ReCaptchaResponse reCaptchaResponse = reCaptcha.checkAnswer(remoteAddr, challenge, response);
if (!reCaptchaResponse.isValid()) {
FieldError fieldError = new FieldError("comment", "captcha", response, false, new String[] { "errors.badCaptcha" }, null, "Please try again.");
bindingResult.addError(fieldError);
if (!reCaptchaResponse.isValid()) {
_logger.warn("Invalid captcha.");
FieldError fieldError = new FieldError("comment", "captcha", response, false, new String[] { "errors.badCaptcha" }, null, "Please try again.");
bindingResult.addError(fieldError);
}
}
try {
if (!bindingResult.hasErrors()) {
if (!userService.exists(user.getEmail())) {
userService.addUser(user);
userService.createAccount(user.getEmail(), user.getPassword(), user.getName());
return "redirect:/content/account-created";
} else {
return "redirect:/registration.html?exist=true";
}
SecurityContextHolder.getContext().setAuthentication(new UsernamePasswordAuthenticationToken(user.getEmail(), user.getPassword()));
return "redirect:/";
} else {
_logger.warn("New account form has errors: " + bindingResult.getErrorCount());
}
} catch (Exception e) {
simpleExceptionHandler(e);
_logger.error(e.getMessage(), e);
// simpleExceptionHandler(e);
}
return "redirect:/registration.html?error=true";
......
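Review bot: The captcha bypass on L92 keys on `req.getRemoteAddr()`, which is the address of the immediate TCP peer, so when this application is fronted by a reverse proxy on the same host every registration arrives from the loopback address and the captcha is never checked; gate the bypass on an explicit configuration property (a `@Value`-injected boolean, name of your choosing) in addition to the address test, and log it at `warn` rather than `debug` when it engages. On L120 the new code places `new UsernamePasswordAuthenticationToken(user.getEmail(), user.getPassword())` straight into the `SecurityContext`: `user` is the form-bound object, so `getPassword()` is the raw form password, which now lingers as the token's credentials, and the two-argument constructor yields a token that is not marked authenticated, so the following `redirect:/` may not behave as a logged-in session; either authenticate through the configured `AuthenticationManager` and erase credentials afterwards, or keep the previous `account-created` redirect. If the `@AsAdmin` aspect restores the prior security context when the method returns, the assignment on L120 is discarded anyway — worth confirming. The commented-out `// simpleExceptionHandler(e);` on L128 should be deleted rather than left beside the new `_logger.error` call. `addUser`'s closing brace lies outside the hunk.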