From 8a138b52d6c6d4f8a38728f70bbb4cc656c6e8d8 Mon Sep 17 00:00:00 2001 From: jeffcheasey88 Date: Tue, 19 Sep 2023 19:13:56 +0200 Subject: [PATCH 1/3] Re-add email & pseudo verification --- src/dev/peerat/backend/Main.java | 2 +- .../routes/users/MailConfirmation.java | 54 ++++++++++++++----- 2 files changed, 41 insertions(+), 15 deletions(-) diff --git a/src/dev/peerat/backend/Main.java b/src/dev/peerat/backend/Main.java index ebb8d8e..2c12dbb 100644 --- a/src/dev/peerat/backend/Main.java +++ b/src/dev/peerat/backend/Main.java @@ -116,7 +116,7 @@ public class Main{ router. register(new Register(repo, playersWaiting, mail)). - register(new MailConfirmation(repo, router, config.getUsersFiles(), config.getGitToken(), playersWaiting)). + register(new MailConfirmation(repo, router, config.getUsersFiles(), config.getGitToken(), playersWaiting, mail)). register(new Login(repo, router)). register(new ProfileSettings(repo)). register(new ChangePassword(repo)). diff --git a/src/dev/peerat/backend/routes/users/MailConfirmation.java b/src/dev/peerat/backend/routes/users/MailConfirmation.java index a34519a..f83adea 100644 --- a/src/dev/peerat/backend/routes/users/MailConfirmation.java +++ b/src/dev/peerat/backend/routes/users/MailConfirmation.java @@ -16,6 +16,7 @@ import java.security.interfaces.RSAPublicKey; import java.util.Base64; import java.util.Base64.Encoder; import java.util.Map; +import java.util.Random; import java.util.regex.Matcher; import javax.net.ssl.HttpsURLConnection; @@ -27,6 +28,7 @@ import dev.peerat.backend.bonus.extract.RouteDoc; import dev.peerat.backend.model.PeerAtUser; import dev.peerat.backend.repository.DatabaseRepository; import dev.peerat.backend.utils.FormResponse; +import dev.peerat.backend.utils.Mail; import dev.peerat.framework.Context; import dev.peerat.framework.HttpReader; import dev.peerat.framework.HttpWriter; @@ -43,18 +45,21 @@ public class MailConfirmation extends FormResponse { private Encoder encoder; private String gitToken; private Map playersWaiting; + private Mail mail; public MailConfirmation( DatabaseRepository databaseRepo, Router router, String initUsersFilesPath, String gitToken, - Map playersWaiting){ + Map playersWaiting, + Mail mail){ this.databaseRepo = databaseRepo; this.router = router; this.usersFilesPath = initUsersFilesPath; this.gitToken = gitToken; this.playersWaiting = playersWaiting; + this.mail = mail; try { generator = KeyPairGenerator.getInstance("RSA"); generator.initialize(4096); @@ -91,26 +96,47 @@ public class MailConfirmation extends FormResponse { context.response(400); return; } - if(code == checkCode.intValue()){ - playersWaiting.remove(email); - int id = databaseRepo.register(pseudo, email, password, firstname, lastname, "", "", ""); - if(id >= 0){ -// createFolderToSaveSourceCode(pseudo); -// generateGitKey(email, pseudo, password); - context.response(200, - "Access-Control-Expose-Headers: Authorization", - "Authorization: Bearer " + this.router.createAuthUser(new PeerAtUser(id))); + + boolean pseudoAvailable = databaseRepo.checkPseudoAvailability(pseudo); + boolean emailAvailable = databaseRepo.checkEmailAvailability(email); + if(pseudoAvailable && emailAvailable){ + if(code == checkCode.intValue()){ + playersWaiting.remove(email); + int id = databaseRepo.register(pseudo, email, password, firstname, lastname, "", "", ""); + if(id >= 0){ +// createFolderToSaveSourceCode(pseudo); +// generateGitKey(email, pseudo, password); + context.response(200, + "Access-Control-Expose-Headers: Authorization", + "Authorization: Bearer " + this.router.createAuthUser(new PeerAtUser(id))); + }else{ + context.response(400); + JsonMap error = new JsonMap(); + error.set("username_valid", pseudo); + error.set("email_valid", email); + writer.write(error.toString()); + int ncode = codeGenerator(); + playersWaiting.put(email, ncode); + mail.send(email, "Welcome @ Peer @ Code", "Your check code is "+ncode+" !"); + } }else{ context.response(400); - JsonMap error = new JsonMap(); - error.set("username_valid", pseudo); - error.set("email_valid", email); - writer.write(error.toString()); } }else{ context.response(400); + JsonMap error = new JsonMap(); + error.set("username_valid", pseudo); + error.set("email_valid", email); + writer.write(error.toString()); } } + + private int codeGenerator(){ + int min = 1000; + int max = 9999; + return new Random().nextInt((max-min)) + min; + + } private void createFolderToSaveSourceCode(String pseudo) throws IOException { From 26514c096145c4a9d0026e1521d3c67e188afe40 Mon Sep 17 00:00:00 2001 From: jeffcheasey88 Date: Tue, 19 Sep 2023 20:27:08 +0200 Subject: [PATCH 2/3] [tmp] remove score loss --- src/dev/peerat/backend/model/Completion.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/dev/peerat/backend/model/Completion.java b/src/dev/peerat/backend/model/Completion.java index f729bbb..7b75955 100644 --- a/src/dev/peerat/backend/model/Completion.java +++ b/src/dev/peerat/backend/model/Completion.java @@ -62,12 +62,13 @@ public class Completion{ return tries; } - public void addTry(Puzzle currentPuzzle, byte[] response) { + public void addTry(Puzzle currentPuzzle, byte[] response){ if (score <= 0){ tries++; - if (response != null && Arrays.equals(currentPuzzle.getSoluce(), response)) { + if (response != null && Arrays.equals(currentPuzzle.getSoluce(), response)){ if (tries > 1) { // Loose 5% each try with a minimum of 1 for score - score = (int) Math.ceil(currentPuzzle.getScoreMax() * (1 - ((tries - 1) / 20.))); +// score = (int) Math.ceil(currentPuzzle.getScoreMax() * (1 - ((tries - 1) / 20.))); + score = currentPuzzle.getScoreMax(); if (score < 1) score = 1; } else From e1a750cbe331eb97137a7ef14f3771e9c457a8e7 Mon Sep 17 00:00:00 2001 From: jeffcheasey88 Date: Tue, 19 Sep 2023 20:32:13 +0200 Subject: [PATCH 3/3] Limit ws logs to admin --- src/dev/peerat/backend/routes/admins/DynamicLogs.java | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/dev/peerat/backend/routes/admins/DynamicLogs.java b/src/dev/peerat/backend/routes/admins/DynamicLogs.java index 2e7f0ff..3719c23 100644 --- a/src/dev/peerat/backend/routes/admins/DynamicLogs.java +++ b/src/dev/peerat/backend/routes/admins/DynamicLogs.java @@ -2,9 +2,8 @@ package dev.peerat.backend.routes.admins; import java.util.regex.Matcher; -import org.jose4j.json.internal.json_simple.JSONObject; - import dev.peerat.backend.bonus.extract.RouteDoc; +import dev.peerat.backend.model.Group; import dev.peerat.backend.model.PeerAtUser; import dev.peerat.backend.repository.DatabaseRepository; import dev.peerat.framework.Context; @@ -29,9 +28,13 @@ public class DynamicLogs implements Response{ @RouteDoc(path = "/admin/logs", responseCode = 200, responseDescription = "L'utilisateur peux voir les logs en directe") @RouteDoc(responseCode = 401, responseDescription = "L'utilisateur n'a pas accès à cette ressource") - @Route(path = "^/admin/logs$", websocket = true) + @Route(path = "^/admin/logs$", needLogin = true, websocket = true) public void exec(Matcher matcher, Context context, HttpReader reader, HttpWriter writer) throws Exception { - //check if admin + Group group = this.repo.getPlayerGroup(context.getUser().getId(), 1); + if(!group.getName().equalsIgnoreCase("Quarter-Master - Battles PAC x CEI")){ + context.response(423); + return; + } Key key = new Key();