69 |
69 |
String confirmEmail = request.getParameter("email_conf").trim();
|
70 |
70 |
String password = request.getParameter("password");
|
71 |
71 |
String confirmPassword = request.getParameter("password_conf");
|
|
72 |
|
72 |
73 |
String gRecaptchaResponse = request.getParameter("g-recaptcha-response");
|
73 |
74 |
|
|
75 |
boolean isRecaptchaVerified = VerifyRecaptcha.verify(gRecaptchaResponse, secret);
|
74 |
76 |
//System.out.println("RESPONSE " + gRecaptchaResponse);
|
75 |
77 |
|
76 |
78 |
if (organization == null){
|
... | ... | |
79 |
81 |
|
80 |
82 |
if (firstName != null && lastName != null && username != null && email!= null &&
|
81 |
83 |
email.equals(confirmEmail) && password!= null && password.equals(confirmPassword) &&
|
82 |
|
!EmailValidator.getInstance().isValid(email) && isValidPassword(password) && VerifyRecaptcha.verify(gRecaptchaResponse, secret)) {
|
83 |
|
|
|
84 |
EmailValidator.getInstance().isValid(email) && isValidPassword(password) && isRecaptchaVerified) {
|
84 |
85 |
try {
|
85 |
86 |
|
86 |
|
if (username.matches("^[a-zA-Z0-9\\.\\_\\-]{4,150}") && !ldapActions.usernameExists(username) && !ldapActions.emailExists(email)
|
|
87 |
if (username.matches("^[a-zA-Z0-9][a-zA-Z0-9\\.\\_\\-]{4,150}") && !ldapActions.usernameExists(username) && !ldapActions.emailExists(email)
|
87 |
88 |
&& !ldapActions.isZombieUsersEmail(email) && !ldapActions.isZombieUsersUsername(username) && EmailValidator.getInstance().isValid(email)) {
|
88 |
89 |
|
89 |
90 |
ldapActions.createZombieUser(username, email, firstName, lastName, organization, password);
|
... | ... | |
122 |
123 |
|
123 |
124 |
} else {
|
124 |
125 |
|
125 |
|
if(!username.matches("^[a-zA-Z0-9\\.\\_\\-]{4,150}")) {
|
|
126 |
validateUsername(request, username);
|
126 |
127 |
|
127 |
|
validateUsername(request, username);
|
128 |
|
|
129 |
|
}
|
130 |
|
|
131 |
128 |
if (ldapActions.usernameExists(username) || ldapActions.isZombieUsersUsername(username)) {
|
132 |
129 |
request.getSession().setAttribute("username_message", "Username already exists! Choose another one.");
|
133 |
130 |
logger.info("Username already exists");
|
134 |
131 |
}
|
135 |
132 |
|
|
133 |
if (!EmailValidator.getInstance().isValid(email)) {
|
|
134 |
request.getSession().setAttribute("email_message", "Please enter a valid email.");
|
|
135 |
logger.info("Invalid email.");
|
|
136 |
}
|
|
137 |
|
136 |
138 |
if (ldapActions.emailExists(email)) {
|
137 |
139 |
request.getSession().setAttribute("email_message", "There is another user with this email.");
|
138 |
140 |
logger.info("There is another user with this email");
|
139 |
141 |
}
|
140 |
142 |
|
141 |
|
if (!EmailValidator.getInstance().isValid(email)) {
|
142 |
|
request.getSession().setAttribute("email_message", "Please enter a valid email.");
|
143 |
|
logger.info("Invalid email.");
|
144 |
|
}
|
145 |
|
|
146 |
143 |
if (ldapActions.isZombieUsersEmail(email)) {
|
147 |
144 |
request.getSession().setAttribute("email_message", "You have already registered with this email address! Please check your email to activate your account or contact OpenAIRE <a href=\"https://www.openaire.eu/support/helpdesk\">helpdesk</a>.");
|
148 |
145 |
logger.info("There is another user with this email");
|
... | ... | |
176 |
173 |
} catch (MessagingException e) {
|
177 |
174 |
logger.error("Error in sending email", e);
|
178 |
175 |
request.getSession().setAttribute("message","Error sending email");
|
179 |
|
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "./remindUsername.jsp"));
|
|
176 |
response.sendRedirect(UrlConstructor.getRedirectUrl(request, "./register.jsp"));
|
180 |
177 |
//response.sendRedirect("./error.jsp");
|
181 |
178 |
|
182 |
179 |
//TODO better handling of these exceprions
|
... | ... | |
196 |
193 |
request.getSession().setAttribute("email_conf", confirmEmail);
|
197 |
194 |
|
198 |
195 |
if (firstName == null || firstName.isEmpty()) {
|
|
196 |
logger.info("No first name");
|
199 |
197 |
request.getSession().setAttribute("msg_first_name_error_display", "display:block" );
|
200 |
198 |
}
|
201 |
199 |
|
202 |
200 |
if (lastName == null || lastName.isEmpty()) {
|
|
201 |
logger.info("No last name");
|
203 |
202 |
request.getSession().setAttribute("msg_last_name_error_display", "display:block" );
|
204 |
203 |
}
|
205 |
204 |
|
206 |
205 |
if (username == null || username.isEmpty()) {
|
207 |
206 |
request.getSession().setAttribute("username_message", "Minimum username length 5 characters.");
|
208 |
|
logger.info("Username does not exist.");
|
|
207 |
logger.info("No username");
|
209 |
208 |
|
210 |
209 |
} else {
|
211 |
210 |
validateUsername(request, username);
|
212 |
211 |
}
|
213 |
212 |
|
214 |
213 |
if (password == null || password.isEmpty()) {
|
|
214 |
logger.info("No valid password");
|
215 |
215 |
request.getSession().setAttribute("msg_password_error_display", "display:block" );
|
216 |
216 |
}
|
217 |
217 |
|
218 |
218 |
if(!EmailValidator.getInstance().isValid(email)) {
|
|
219 |
logger.info("No valid e-mail");
|
219 |
220 |
request.getSession().setAttribute("msg_email_validation_error_display", "display:block");
|
220 |
221 |
}
|
221 |
222 |
|
222 |
223 |
if (!email.equals(confirmEmail)) {
|
|
224 |
logger.info("No matching e-mails");
|
223 |
225 |
request.getSession().setAttribute("msg_email_conf_error_display", "display:block" );
|
224 |
226 |
}
|
225 |
227 |
|
|
228 |
if(!isValidPassword(password)) {
|
|
229 |
logger.info("No valid password");
|
|
230 |
request.getSession().setAttribute("msg_invalid_password_display", "display:block");
|
|
231 |
}
|
|
232 |
|
226 |
233 |
if (!password.equals(confirmPassword)){
|
|
234 |
logger.info("No matching passwords");
|
227 |
235 |
request.getSession().setAttribute("msg_pass_conf_error_display", "display:block" );
|
228 |
236 |
}
|
229 |
237 |
|
230 |
|
if(!isValidPassword(password)) {
|
231 |
|
request.getSession().setAttribute("msg_invalid_password_display", "display:block");
|
232 |
|
}
|
233 |
|
|
234 |
|
if (!VerifyRecaptcha.verify(gRecaptchaResponse, secret)) {
|
|
238 |
if (!isRecaptchaVerified) {
|
|
239 |
logger.info("No valid recaptcha");
|
235 |
240 |
request.getSession().setAttribute("recaptcha_error_display", "display:block" );
|
236 |
241 |
}
|
237 |
242 |
|
... | ... | |
244 |
249 |
}
|
245 |
250 |
|
246 |
251 |
private void validateUsername(HttpServletRequest request, String username) {
|
247 |
|
if (username.length() < 5) {
|
248 |
|
request.getSession().setAttribute("username_message", "Minimum username length 5 characters.");
|
249 |
|
logger.info("Minimum username length 5 characters.");
|
250 |
|
}
|
251 |
252 |
|
252 |
|
if (username.length() > 150) {
|
253 |
|
request.getSession().setAttribute("username_message", "Maximum username length 150 characters.");
|
254 |
|
logger.info("Maximum username length 150 characters.");
|
255 |
|
}
|
|
253 |
if(!username.matches("^[a-zA-Z0-9][a-zA-Z0-9\\.\\_\\-]{4,150}")) {
|
256 |
254 |
|
257 |
|
if (!username.matches("^[a-zA-Z0-9\\.\\_\\-]")) {
|
258 |
|
request.getSession().setAttribute("username_allowed_chars_message", "You can use letters, numbers, underscores, hyphens and periods.");
|
259 |
|
logger.info("Only letters, numbers, underscores, hyphens and periods.");
|
260 |
|
}
|
|
255 |
logger.info("No valid username");
|
|
256 |
if (username.length() < 5) {
|
|
257 |
request.getSession().setAttribute("username_message", "Minimum username length 5 characters.");
|
|
258 |
logger.info("Minimum username length 5 characters.");
|
|
259 |
}
|
261 |
260 |
|
262 |
|
if (!username.matches("^[a-zA-Z0-9].*")) {
|
263 |
|
request.getSession().setAttribute("username_first_char_message", "The username must start with letter or digit.");
|
264 |
|
logger.info("The username must start with letter or digit.");
|
265 |
|
}
|
|
261 |
if (username.length() > 150) {
|
|
262 |
request.getSession().setAttribute("username_message", "Maximum username length 150 characters.");
|
|
263 |
logger.info("Maximum username length 150 characters.");
|
|
264 |
}
|
|
265 |
|
|
266 |
if (!username.matches("^[a-zA-Z0-9\\.\\_\\-]")) {
|
|
267 |
request.getSession().setAttribute("username_allowed_chars_message", "You can use letters, numbers, underscores, hyphens and periods.");
|
|
268 |
logger.info("Only letters, numbers, underscores, hyphens and periods.");
|
|
269 |
}
|
|
270 |
|
|
271 |
if (!username.matches("^[a-zA-Z0-9].*")) {
|
|
272 |
request.getSession().setAttribute("username_first_char_message", "The username must start with letter or digit.");
|
|
273 |
logger.info("The username must start with letter or digit.");
|
|
274 |
}
|
|
275 |
}
|
266 |
276 |
}
|
267 |
277 |
|
268 |
278 |
public static boolean isValidPassword(String password) {
|
... | ... | |
271 |
281 |
(?=.*[0-9]) # a digit must occur at least once
|
272 |
282 |
(?=.*[a-z]) # a lower case letter must occur at least once
|
273 |
283 |
(?=.*[A-Z]) # an upper case letter must occur at least once
|
274 |
|
(?=.*[@#$%^&+=]) # a special character must occur at least once
|
|
284 |
(?=.*[@#$%^&+=]) # a special character must occur at least once. This has been removed.
|
|
285 |
# Please add if special character is needed.
|
275 |
286 |
(?=\S+$) # no whitespace allowed in the entire string
|
276 |
287 |
.{8,} # anything, at least eight places though
|
277 |
288 |
$ # end-of-string
|
278 |
289 |
*/
|
279 |
290 |
|
280 |
|
if (password.matches("^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=.*[@#$%^&+=])(?=\\S+$).{6,}$")) {
|
|
291 |
if (password.matches("^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=\\S+$).{6,}$")) {
|
281 |
292 |
logger.info("Valid password!");
|
282 |
293 |
return true;
|
283 |
294 |
}
|
... | ... | |
285 |
296 |
logger.info("Not valid password!");
|
286 |
297 |
return false;
|
287 |
298 |
}
|
288 |
|
|
289 |
|
|
290 |
|
|
291 |
299 |
}
|
292 |
300 |
|
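Review bot: In `isValidPassword`, the new pattern ends in `.{6,}` while the comment block directly above it documents `.{8,}` ("at least eight places"), so with the special-character lookahead dropped by this change the check now accepts six-character passwords that contain no symbol. If eight is the intended minimum, the line should read `if (password.matches("^(?=.*[0-9])(?=.*[a-z])(?=.*[A-Z])(?=\\S+$).{8,}$")) {`, and the `(?=.*[@#$%^&+=])` line in the comment should be deleted rather than annotated, so the comment mirrors the regex that is enforced. In the error branch, the `password == null || password.isEmpty()` case only logs and sets a flag before `isValidPassword(password)` and `password.equals(confirmPassword)` run, which looks like it would throw on a missing `password` parameter; a `password != null &&` guard on those two checks would keep that from becoming a server error. Parts of the method body and of the surrounding handler are elided on this page, so this is based on the visible lines only.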
changes in username and password checks