From 0bb2df135b122cca42126bc702b50b4e8c18bdbf Mon Sep 17 00:00:00 2001 From: Anthony Stirling <77850077+Frooodle@users.noreply.github.com> Date: Sun, 3 Sep 2023 19:44:16 +0100 Subject: [PATCH] testing messages --- .../security/UserAuthenticationFilter.java | 11 +++--- .../SPDF/controller/api/UserController.java | 30 ++++++++-------- src/main/resources/messages_en_GB.properties | 6 +++- src/main/resources/templates/account.html | 16 ++++++++- .../resources/templates/change-creds.html | 12 +++++++ src/main/resources/templates/login.html | 35 +++++++++++-------- 6 files changed, 74 insertions(+), 36 deletions(-) diff --git a/src/main/java/stirling/software/SPDF/config/security/UserAuthenticationFilter.java b/src/main/java/stirling/software/SPDF/config/security/UserAuthenticationFilter.java index 1d5aab88..eca7f70e 100644 --- a/src/main/java/stirling/software/SPDF/config/security/UserAuthenticationFilter.java +++ b/src/main/java/stirling/software/SPDF/config/security/UserAuthenticationFilter.java @@ -44,7 +44,7 @@ public class UserAuthenticationFilter extends OncePerRequestFilter { filterChain.doFilter(request, response); return; } - + String requestURI = request.getRequestURI(); Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); // Check for API key in the request headers if no authentication exists 
@@ -74,13 +74,14 @@ public class UserAuthenticationFilter extends OncePerRequestFilter { // If we still don't have any authentication, deny the request if (authentication == null || !authentication.isAuthenticated()) { String method = request.getMethod(); - if ("GET".equalsIgnoreCase(method)) { + if ("GET".equalsIgnoreCase(method) && !"/login".equals(requestURI)) { response.sendRedirect("/login"); // redirect to the login page return; + } else { + response.setStatus(HttpStatus.UNAUTHORIZED.value()); + response.getWriter().write("Authentication required. Please provide a X-API-KEY in request header.\nThis is found in Settings -> Account Settings -> API Key\nAlternativly you can disable authentication if this is unexpected"); + return; } - response.setStatus(HttpStatus.UNAUTHORIZED.value()); - response.getWriter().write("Authentication required. Please provide a X-API-KEY in request header.\nThis is found in Settings -> Account Settings -> API Key\nAlternativly you can disable authentication if this is unexpected"); - return; } filterChain.doFilter(request, response); diff --git a/src/main/java/stirling/software/SPDF/controller/api/UserController.java b/src/main/java/stirling/software/SPDF/controller/api/UserController.java index f232daf1..647dca6b 100644 --- a/src/main/java/stirling/software/SPDF/controller/api/UserController.java +++ b/src/main/java/stirling/software/SPDF/controller/api/UserController.java 
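Review bot: In the `@@ -74,13 +74,14 @@` hunk an unauthenticated `GET /login` that reaches this branch now falls into the new `else` and gets the 401 API-key text instead of continuing down the chain. Unless the login path is excluded earlier in the filter (outside the hunk), the login form can no longer be served to a signed-out user. The exemption also compares `request.getRequestURI()` with the literal `"/login"`, and that value includes the context path and any trailing slash or `;` path parameter, while `sendRedirect("/login")` ignores the context path; a mismatch fails closed, but the user lands on a redirect rather than the form. Consider passing the login path through with `filterChain.doFilter(request, response); return;` and deriving both the comparison and the redirect target from `request.getContextPath() + "/login"`. The 401 body still carries the typo `Alternativly`.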
@@ -50,26 +50,26 @@ public class UserController { HttpServletResponse response, RedirectAttributes redirectAttributes) { if (principal == null) { - redirectAttributes.addFlashAttribute("error", "User not authenticated."); - return new RedirectView("/error"); + redirectAttributes.addFlashAttribute("notAuthenticated", true); + return new RedirectView("/change-creds"); } Optional userOpt = userService.findByUsername(principal.getName()); if (userOpt == null || userOpt.isEmpty()) { - redirectAttributes.addFlashAttribute("error", "User not found."); - return new RedirectView("/error"); + redirectAttributes.addFlashAttribute("userNotFound", true); + return new RedirectView("/change-creds"); } User user = userOpt.get(); if (!userService.isPasswordCorrect(user, currentPassword)) { - redirectAttributes.addFlashAttribute("error", "Current password is incorrect."); - return new RedirectView("/error"); + redirectAttributes.addFlashAttribute("incorrectPassword", true); + return new RedirectView("/change-creds"); } if (!user.getUsername().equals(newUsername) && userService.usernameExists(newUsername)) { - redirectAttributes.addFlashAttribute("error", "New username already exists."); - return new RedirectView("/error"); + redirectAttributes.addFlashAttribute("usernameExists", true); + return new RedirectView("/change-creds"); } userService.changePassword(user, newPassword); 
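Review bot: The `incorrectPassword` branch in this hunk, and the same branch in the `-95,25` and `-134,20` hunks, only sets a flash flag and redirects. As far as these hunks show, repeated wrong guesses of the current password on the credential-change endpoints are neither logged nor limited. I would record the failure with the principal name and reuse whatever attempt limiting the login path has, if any; until then mark the gap with `// TODO(security): log and limit failed current-password checks`. The same guard sequence is now repeated in three handlers whose bodies start and end outside the hunks. A private helper returning the flash key would keep `notAuthenticated`, `userNotFound`, `incorrectPassword` and `usernameExists` in one place and in step with the templates.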
@@ -95,25 +95,25 @@ public class UserController { HttpServletResponse response, RedirectAttributes redirectAttributes) { if (principal == null) { - redirectAttributes.addFlashAttribute("error", "User not authenticated."); + redirectAttributes.addFlashAttribute("notAuthenticated", true); return new RedirectView("/account"); } Optional userOpt = userService.findByUsername(principal.getName()); if (userOpt == null || userOpt.isEmpty()) { - redirectAttributes.addFlashAttribute("error", "User not found."); + redirectAttributes.addFlashAttribute("userNotFound", true); return new RedirectView("/account"); } User user = userOpt.get(); if (!userService.isPasswordCorrect(user, currentPassword)) { - redirectAttributes.addFlashAttribute("error", "Current password is incorrect."); + redirectAttributes.addFlashAttribute("incorrectPassword", true); return new RedirectView("/account"); } if (userService.usernameExists(newUsername)) { - redirectAttributes.addFlashAttribute("error", "New username already exists."); + redirectAttributes.addFlashAttribute("usernameExists", true); return new RedirectView("/account"); } 
@@ -134,20 +134,20 @@ public class UserController { HttpServletResponse response, RedirectAttributes redirectAttributes) { if (principal == null) { - redirectAttributes.addFlashAttribute("error", "User not authenticated."); + redirectAttributes.addFlashAttribute("notAuthenticated", true); return new RedirectView("/account"); } Optional userOpt = userService.findByUsername(principal.getName()); if (userOpt == null || userOpt.isEmpty()) { - redirectAttributes.addFlashAttribute("error", "User not found."); + redirectAttributes.addFlashAttribute("userNotFound", true); return new RedirectView("/account"); } User user = userOpt.get(); if (!userService.isPasswordCorrect(user, currentPassword)) { - redirectAttributes.addFlashAttribute("error", "Current password is incorrect."); + redirectAttributes.addFlashAttribute("incorrectPassword", true); return new RedirectView("/account"); } diff --git a/src/main/resources/messages_en_GB.properties b/src/main/resources/messages_en_GB.properties index a5620aa1..88284dec 100644 --- a/src/main/resources/messages_en_GB.properties +++ b/src/main/resources/messages_en_GB.properties @@ -42,8 +42,12 @@ red=Red green=Green blue=Blue custom=Custom... -changeCredsMessage=First time login, Please change your username and/or password! +changedCredsMessage=Credentials changed! +notAuthenticatedMessage=User not authenticated. +userNotFoundMessage=User not found. +incorrectPasswordMessage=Current password is incorrect. +usernameExistsMessage=New Username already exists. diff --git a/src/main/resources/templates/account.html b/src/main/resources/templates/account.html index ba104b86..ac855d1b 100644 --- a/src/main/resources/templates/account.html +++ b/src/main/resources/templates/account.html @@ -16,7 +16,21 @@

User Settings


-
+ + + + + + +

User!

diff --git a/src/main/resources/templates/change-creds.html b/src/main/resources/templates/change-creds.html index c6d94c66..8f64eb49 100644 --- a/src/main/resources/templates/change-creds.html +++ b/src/main/resources/templates/change-creds.html @@ -16,6 +16,18 @@

User Settings


+ + + +
diff --git a/src/main/resources/templates/login.html b/src/main/resources/templates/login.html index 1ddea6ec..a82205d8 100644 --- a/src/main/resources/templates/login.html +++ b/src/main/resources/templates/login.html @@ -179,11 +179,13 @@ document.addEventListener('DOMContentLoaded', function() { const urlParams = currentURL.searchParams; const currentLangParam = urlParams.get('lang') || defaultLocale; - console.log("defaultLocale", defaultLocale) - console.log("storedLocale", storedLocale) - console.log("currentLangParam", currentLangParam) + console.log("defaultLocale", defaultLocale); + console.log("storedLocale", storedLocale); + console.log("currentLangParam", currentLangParam); - if (currentLangParam !== storedLocale) { + if (defaultLocale !== storedLocale && currentLangParam !== storedLocale) { + console.log("currentLangParam", currentLangParam) + console.log("storedLocale", storedLocale) urlParams.set('lang', storedLocale); currentURL.search = urlParams.toString(); 
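Review bot: The `console.log` calls added in this hunk are debug output on the login page, and the two inside the new `if` repeat values already logged three lines above; the `handleDropdownItemClick` hunk adds two more. They should be removed before merge or put behind a debug flag. Separately, `storedLocale` is defined outside the hunk: if it can be `null` when nothing has been stored, both comparisons in the new condition are true and `lang=null` is written to the URL. A guard such as `if (storedLocale && defaultLocale !== storedLocale && currentLangParam !== storedLocale) {` would avoid that.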
@@ -235,17 +237,20 @@ function handleDropdownItemClick(event) { event.preventDefault(); const languageCode = event.currentTarget.dataset.bsLanguageCode; const dropdown = document.getElementById('languageDropdown'); - + if (languageCode) { - localStorage.setItem('languageCode', languageCode); - - const currentUrl = window.location.href; - if (currentUrl.indexOf('?lang=') === -1) { - window.location.href = currentUrl + '?lang=' + languageCode; - } else { - window.location.href = currentUrl.replace(/\?lang=\w{2,}/, '?lang=' + languageCode); - } - + localStorage.setItem('languageCode', languageCode); + const currentLang = document.documentElement.getAttribute('lang'); + if (currentLang !== languageCode) { + console.log("currentLang", currentLang) + console.log("languageCode", languageCode) + const currentUrl = window.location.href; + if (currentUrl.indexOf('?lang=') === -1) { + window.location.href = currentUrl + '?lang=' + languageCode; + } else { + window.location.href = currentUrl.replace(/\?lang=\w{2,}/, '?lang=' + languageCode); + } + } dropdown.innerHTML = event.currentTarget.innerHTML; // Update the dropdown button's content } else { console.error("Language code is not set for this item."); @@ -258,6 +263,8 @@ function handleDropdownItemClick(event) {
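Review bot: The redirect in `handleDropdownItemClick` is still assembled by string concatenation. On a URL that already has a query string (for example `/login?error`) the re-indented lines produce `/login?error?lang=xx`, and the regex `\?lang=\w{2,}` does not match `&lang=` or the tail of a hyphenated code. The earlier hunk in this file already uses `URL` and `searchParams`; using them here also percent-encodes `languageCode`, which is read from a `data-` attribute: `const url = new URL(window.location.href); url.searchParams.set('lang', languageCode); window.location.href = url.toString();`.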
+ +

Stirling-PDF