Commit
854af0c1
authored
Oct 16, 2013
by
Matija Obreza
Removed Captcha checks for local requests
parent
a2584b03
Changes
3
src/main/java/org/genesys2/server/service/UserService.java
...
...
@@ -29,6 +29,8 @@ public interface UserService {
@PreAuthorize
(
"hasRole('ADMINISTRATOR')"
)
void
addUser
(
User
user
)
throws
UserException
;
User
createAccount
(
String
email
,
String
initialPassword
,
String
fullName
);
@PreAuthorize
(
"hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')"
)
void
updateUser
(
User
user
)
throws
UserException
;
...
...
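Review bot: `createAccount` is declared without a `@PreAuthorize` guard, while `addUser` directly above it requires `hasRole('ADMINISTRATOR')`, and nothing on the interface says whether the difference is deliberate. If the method is meant to back anonymous self-registration, state that in Javadoc so a later caller does not mistake it for an admin-only path, for example `/** Self-registration entry point: callable without authentication; the new account receives only UserRole.USER. */`. The role statement is taken from the UserServiceImpl section shown on this page. The Javadoc should also say that `initialPassword` is the raw password, which the implementation encodes before saving.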
src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
...
...
@@ -114,6 +114,26 @@ public class UserServiceImpl implements UserService {
return
userWrapper
;
}
@Override
@Transactional
(
readOnly
=
false
)
public
User
createAccount
(
String
email
,
String
initialPassword
,
String
fullName
)
{
User
user
=
new
User
();
user
.
setEmail
(
email
);
user
.
setName
(
fullName
);
user
.
getRoles
().
add
(
UserRole
.
USER
);
setPassword
(
user
,
initialPassword
);
userPersistence
.
save
(
user
);
return
user
;
}
/**
* @deprecated Use {@link #createAccount(String, String, String)} to add
* users
* @param user
* @throws UserException
*/
@Deprecated
@Override
@Transactional
(
readOnly
=
false
,
rollbackFor
=
NotUniqueUserException
.
class
)
public
void
addUser
(
User
user
)
throws
UserException
{
...
...
@@ -161,11 +181,13 @@ public class UserServiceImpl implements UserService {
@Transactional
(
readOnly
=
false
)
public
void
updatePassword
(
long
userId
,
String
rawPassword
)
throws
UserException
{
User
user
=
userPersistence
.
findOne
(
userId
);
setPassword
(
user
,
rawPassword
);
userPersistence
.
save
(
user
);
}
private
void
setPassword
(
User
user
,
String
rawPassword
)
{
// encrypt password
user
.
setPassword
(
passwordEncoder
.
encode
(
rawPassword
));
userPersistence
.
save
(
user
);
}
@Override
...
...
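Review bot: `createAccount` saves the new user without checking whether the email is already registered and declares no exception for that case, so uniqueness rests on the caller's `exists()` pre-check (as in HtmlController) and on whatever constraint the database enforces; two concurrent registrations for the same address can both pass the pre-check. `addUser` carries `rollbackFor = NotUniqueUserException.class`, which suggests the older path handled duplicates inside the service, although its body is outside the hunk. Consider performing the check inside the transaction, or translating the constraint violation into an error the controller can show. Separately, `setPassword` in the third hunk appears to call `userPersistence.save(user)` itself; the side of that line cannot be confirmed from this rendering, but if it is on the new side then the explicit `userPersistence.save(user);` after `setPassword(...)` in `createAccount` and `updatePassword` is a redundant second save.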
src/main/java/org/genesys2/server/servlet/controller/HtmlController.java
...
...
@@ -16,6 +16,8 @@
package
org.genesys2.server.servlet.controller
;
import
java.net.InetAddress
;
import
java.net.UnknownHostException
;
import
java.util.Arrays
;
import
java.util.List
;
import
java.util.Locale
;
...
...
@@ -25,7 +27,6 @@ import javax.servlet.http.HttpServletRequest;
import
net.tanesha.recaptcha.ReCaptchaImpl
;
import
net.tanesha.recaptcha.ReCaptchaResponse
;
import
org.genesys2.server.aspect.AsAdmin
;
import
org.genesys2.server.model.Permissions
;
import
org.genesys2.server.model.UserRole
;
import
org.genesys2.server.model.impl.User
;
...
...
@@ -34,8 +35,6 @@ import org.genesys2.server.service.CropService;
import
org.genesys2.server.service.UserService
;
import
org.springframework.beans.factory.annotation.Autowired
;
import
org.springframework.beans.factory.annotation.Value
;
import
org.springframework.security.authentication.UsernamePasswordAuthenticationToken
;
import
org.springframework.security.core.context.SecurityContextHolder
;
import
org.springframework.stereotype.Controller
;
import
org.springframework.ui.ModelMap
;
import
org.springframework.validation.BindingResult
;
...
...
@@ -100,38 +99,51 @@ public class HtmlController extends BaseController {
}
@RequestMapping
(
value
=
"new-user"
)
@AsAdmin
public
String
addUser
(
@ModelAttribute
User
user
,
BindingResult
bindingResult
,
HttpServletRequest
req
,
@RequestParam
(
"recaptcha_challenge_field"
)
String
challenge
,
@RequestParam
(
"recaptcha_response_field"
)
String
response
)
{
@RequestParam
(
value
=
"recaptcha_challenge_field"
,
required
=
false
)
String
challenge
,
@RequestParam
(
value
=
"recaptcha_response_field"
,
required
=
false
)
String
response
)
{
user
.
getRoles
().
add
(
UserRole
.
USER
);
validator
.
validate
(
user
,
bindingResult
);
// Validate the reCAPTCHA
String
remoteAddr
=
req
.
getRemoteAddr
();
ReCaptchaImpl
reCaptcha
=
new
ReCaptchaImpl
()
;
boolean
isLocalRequest
=
false
;
reCaptcha
.
setPrivateKey
(
captchaPrivateKey
);
try
{
InetAddress
remoteInetAddr
=
InetAddress
.
getByName
(
remoteAddr
);
isLocalRequest
=
remoteInetAddr
.
isAnyLocalAddress
()
||
remoteInetAddr
.
isLoopbackAddress
();
_logger
.
debug
(
"Remote addr: "
+
remoteAddr
+
" "
+
remoteInetAddr
+
" isLocal="
+
isLocalRequest
);
}
catch
(
UnknownHostException
e1
)
{
_logger
.
warn
(
e1
.
getMessage
());
}
if
(!
isLocalRequest
)
{
ReCaptchaImpl
reCaptcha
=
new
ReCaptchaImpl
();
reCaptcha
.
setPrivateKey
(
captchaPrivateKey
);
ReCaptchaResponse
reCaptchaResponse
=
reCaptcha
.
checkAnswer
(
remoteAddr
,
challenge
,
response
);
ReCaptchaResponse
reCaptchaResponse
=
reCaptcha
.
checkAnswer
(
remoteAddr
,
challenge
,
response
);
if
(!
reCaptchaResponse
.
isValid
())
{
FieldError
fieldError
=
new
FieldError
(
"comment"
,
"captcha"
,
response
,
false
,
new
String
[]
{
"errors.badCaptcha"
},
null
,
"Please try again."
);
bindingResult
.
addError
(
fieldError
);
if
(!
reCaptchaResponse
.
isValid
())
{
_logger
.
warn
(
"Invalid captcha."
);
FieldError
fieldError
=
new
FieldError
(
"comment"
,
"captcha"
,
response
,
false
,
new
String
[]
{
"errors.badCaptcha"
},
null
,
"Please try again."
);
bindingResult
.
addError
(
fieldError
);
}
}
try
{
if
(!
bindingResult
.
hasErrors
())
{
if
(!
userService
.
exists
(
user
.
getEmail
()))
{
userService
.
addUser
(
user
);
userService
.
createAccount
(
user
.
getEmail
(),
user
.
getPassword
(),
user
.
getName
());
return
"redirect:/content/account-created"
;
}
else
{
return
"redirect:/registration.html?exist=true"
;
}
SecurityContextHolder
.
getContext
().
setAuthentication
(
new
UsernamePasswordAuthenticationToken
(
user
.
getEmail
(),
user
.
getPassword
()));
return
"redirect:/"
;
}
else
{
_logger
.
warn
(
"New account form has errors: "
+
bindingResult
.
getErrorCount
());
}
}
catch
(
Exception
e
)
{
simpleExceptionHandler
(
e
);
_logger
.
error
(
e
.
getMessage
(),
e
);
// simpleExceptionHandler(e);
}
return
"redirect:/registration.html?error=true"
;
...
...
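Review bot: The CAPTCHA is now skipped whenever `req.getRemoteAddr()` resolves to a loopback or wildcard address, but behind a reverse proxy on the same host that is the address of every request, so the check would be off for all clients. The skip is safer tied to an explicit deployment setting or an authenticated administrator session than to the source address. At minimum drop `isAnyLocalAddress()`, which matches only the wildcard address and is not a meaningful peer address, and add a comment such as `// getRemoteAddr() is the proxy's address behind a same-host reverse proxy; do not rely on it there`. With `required = false` on both reCAPTCHA parameters, a non-local request that omits them appears to reach `reCaptcha.checkAnswer(remoteAddr, challenge, response)` with nulls before the `try` block starts; a guard like `if (challenge == null || response == null)` that adds the same `errors.badCaptcha` field error would keep that case on the normal validation path. The body of `addUser` continues past the end of the hunk.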