add: password reset after certificate login
authorINOPIAE <m.maengel@inopiae.de>
Sun, 15 Sep 2019 09:40:01 +0000 (11:40 +0200)
committerINOPIAE <m.maengel@inopiae.de>
Mon, 30 Sep 2019 03:50:07 +0000 (05:50 +0200)
fixes issue #173

Change-Id: If92565d0747ea2b10fa64066ca8ce7be79e46f27

src/club/wpia/gigi/dbObjects/User.java
src/club/wpia/gigi/pages/account/ChangeForm.java
src/club/wpia/gigi/pages/account/ChangePasswordForm.templ
tests/club/wpia/gigi/pages/account/TestChangePassword.java

index e3beaf86cf65ba2bd6a38eb883996d48859a455b..4612d033f91d4d750700f77026913fc966417661 100644 (file)
@@ -209,7 +209,7 @@ public class User extends CertificateOwner {
         setPassword(newPass);
     }
 
-    private void setPassword(String newPass) throws GigiApiException {
+    public void setPassword(String newPass) throws GigiApiException {
         Name[] names = getNames();
         TreeSet<String> nameParts = new TreeSet<>();
         for (int i = 0; i < names.length; i++) {
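Review bot: Widening `setPassword` from private to public lets any class replace a user's password with no proof of the current one, and nothing on the method says when that is acceptable. The context line `setPassword(newPass);` just above suggests the old-password check lives in the caller, presumably `changePassword`, so that check is now optional for every new caller. Add a Javadoc such as `/** Sets a new password without verifying the current one; the caller must already have established strong authentication for this user. */`. Consider a narrower entry point that takes the authorization context and checks it itself, rather than exposing the raw setter. The method body continues outside this hunk.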
index de2a182d6bd7aa1348670f91321a3b412fb28750..590597b44653920c333f2859bf01f079ecbff930 100644 (file)
@@ -11,20 +11,28 @@ import club.wpia.gigi.localisation.Language;
 import club.wpia.gigi.output.template.Form;
 import club.wpia.gigi.output.template.Template;
 import club.wpia.gigi.output.template.TranslateCommand;
+import club.wpia.gigi.pages.LoginPage;
+import club.wpia.gigi.util.AuthorizationContext;
 
 public class ChangeForm extends Form {
 
     private User target;
 
+    private AuthorizationContext c;
+
     public ChangeForm(HttpServletRequest hsr, User target) {
         super(hsr);
         this.target = target;
+        c = LoginPage.getAuthorizationContext(hsr);
     }
 
     private static final Template t = new Template(ChangePasswordPage.class.getResource("ChangePasswordForm.templ"));
 
     @Override
     public void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
+        if ( !c.isStronglyAuthenticated()) {
+            vars.put("currentLoginMethod", "pw");
+        }
         t.output(out, l, vars);
     }
 
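Review bot: The new field `c` is read once in the constructor and later decides whether the old password is required, but it is neither `final` nor null-checked. If `LoginPage.getAuthorizationContext(hsr)` can return null for a request without a login context (not visible here), `outputContent` throws a NullPointerException at `c.isStronglyAuthenticated()`. If the form instance outlives the rendering request, the submit path also relies on the context captured at render time rather than the one on the submitting request. Declare it as `private final AuthorizationContext authContext;` and treat a missing context as not strongly authenticated. The template flag `currentLoginMethod` is used only as a boolean, so a name like `requireOldPassword` would describe it better.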
@@ -34,14 +42,18 @@ public class ChangeForm extends Form {
         String p1 = req.getParameter("pword1");
         String p2 = req.getParameter("pword2");
         GigiApiException error = new GigiApiException();
-        if (oldpassword == null || p1 == null || p2 == null) {
+        if ((oldpassword == null && !c.isStronglyAuthenticated()) || p1 == null || p2 == null) {
             throw new GigiApiException("All fields are required.");
         }
         if ( !p1.equals(p2)) {
             throw new GigiApiException("New passwords do not match.");
         }
         try {
-            target.changePassword(oldpassword, p1);
+            if (c.isStronglyAuthenticated()) {
+                target.setPassword(p1);
+            } else {
+                target.changePassword(oldpassword, p1);
+            }
             target.writeUserLog(target, "User triggered password reset");
         } catch (GigiApiException e) {
             error.mergeInto(e);
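Review bot: The strongly-authenticated branch calls `target.setPassword(p1)` on whatever `User` was passed to the constructor, and the hunk does not show that `target` is the user the certificate login authenticated. If this form can be built for a different target than the logged-in actor, a certificate login would be enough to reset someone else's password, so the branch should also require that the context's user is `target`. Both paths write the same log entry, so the audit trail cannot tell a reset that skipped the old password from a normal change. Use a distinct message in the certificate branch, for example `target.writeUserLog(target, "User triggered password reset (certificate login, old password not checked)");`. The enclosing submit method starts and ends outside this hunk.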
index 4c350c560ce331c17bac58bdd4466b891309d5ea..8725dc3b0da702ffedf7b4580e4eb2081fd70f65 100644 (file)
@@ -5,10 +5,12 @@
   </tr>
   </thead>
   <tbody>
+  <? if($currentLoginMethod){ ?>
   <tr>
     <td><?=_Old Password?>: </td>
     <td><input class="form-control" type="password" name="oldpassword" required></td>
   </tr>
+  <? } ?>
   <tr>
     <td><?=_New Password?><span class="formMandatory">*</span>: </td>
     <td><input class="form-control" type="password" name="pword1" required></td>
index e18ec02a5ea5be4f108d1423fda46e0a3bc23f99..73d23c56e8e3e99403da209b1d267446787e5c1e 100644 (file)
@@ -107,4 +107,19 @@ public class TestChangePassword extends ClientTest {
 
     }
 
+    @Test
+    public void testChangePasswordCertLogin() throws IOException, GigiApiException {
+        // no cert login
+        String np = URLEncoder.encode(TEST_PASSWORD + "v1", "UTF-8");
+        String error = executeBasicWebInteraction(cookie, path, "pword1=" + np + "&pword2=" + np);
+        assertNotNull(error);
+
+        // cert login
+        cookie = cookieWithCertificateLogin(u);
+        error = executeBasicWebInteraction(cookie, path, "pword1=" + np + "&pword2=" + np);
+        assertNull(error);
+
+        cookie = login(u.getEmail(), TEST_PASSWORD);
+        loginCertificate = null;
+    }
 }
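Review bot: `testChangePasswordCertLogin` asserts only that no error is returned after the certificate login, so it never proves that the password was actually replaced. The cleanup line `cookie = login(u.getEmail(), TEST_PASSWORD);` logs in with the old password, which should no longer be valid if the reset worked. Follow the second `assertNull(error)` with a login using the new value, `cookie = login(u.getEmail(), TEST_PASSWORD + "v1");`, and assert that it yields a logged-in session. The shared `cookie` and `loginCertificate` fields are restored only on the success path; moving that into a `finally` block keeps a failed assertion from leaking certificate-login state into later tests. A case that submits a wrong `oldpassword` in each login mode would also pin down the intended behaviour.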