[page title]

From 20165d234037cb62640e4d9a3fe285260a6a2444 Mon Sep 17 00:00:00 2001 From: James Moger Date: Wed, 20 Jul 2011 16:01:58 -0400 Subject: [PATCH] Change password feature (issue 1) --- resources/gitblit.css | 4 + .../gitblit/wicket/GitBlitWebApp.properties | 8 +- src/com/gitblit/wicket/pages/BasePage.html | 9 ++ src/com/gitblit/wicket/pages/BasePage.java | 44 ++++-- .../wicket/pages/ChangePasswordPage.html | 40 ++++++ .../wicket/pages/ChangePasswordPage.java | 133 ++++++++++++++++++ 6 files changed, 227 insertions(+), 11 deletions(-) create mode 100644 src/com/gitblit/wicket/pages/ChangePasswordPage.html create mode 100644 src/com/gitblit/wicket/pages/ChangePasswordPage.java diff --git a/resources/gitblit.css b/resources/gitblit.css index e4d291a4..061fef5c 100644 --- a/resources/gitblit.css +++ b/resources/gitblit.css @@ -174,6 +174,10 @@ div.page_footer { font-style: italic; } +span.userPanel a, span.userPanel a span { + font-size: 11px; +} + div.page_nav { color: #ddd; background-color: #000070; diff --git a/src/com/gitblit/wicket/GitBlitWebApp.properties b/src/com/gitblit/wicket/GitBlitWebApp.properties index 2ed61fa6..dab5fa03 100644 --- a/src/com/gitblit/wicket/GitBlitWebApp.properties +++ b/src/com/gitblit/wicket/GitBlitWebApp.properties @@ -40,8 +40,8 @@ gb.pagePrevious prev gb.pageNext = next gb.head = HEAD gb.blame = blame -gb.login = Login -gb.logout = Logout +gb.login = login +gb.logout = logout gb.username = username gb.password = password gb.tagger = tagger @@ -99,4 +99,6 @@ gb.blob = blob gb.commitActivityTrend = commit activity trend gb.commitActivityDOW = commit activity by day of week gb.commitActivityAuthors = primary authors by commit activity -gb.feed = feed \ No newline at end of file +gb.feed = feed +gb.cancel = cancel +gb.changePassword = change password \ No newline at end of file diff --git a/src/com/gitblit/wicket/pages/BasePage.html b/src/com/gitblit/wicket/pages/BasePage.html index cc19fbcc..aaf3a353 100644 --- a/src/com/gitblit/wicket/pages/BasePage.html +++ b/src/com/gitblit/wicket/pages/BasePage.html @@ -33,4 +33,13 @@

[user panel]

+ + + + + + + + + \ No newline at end of file diff --git a/src/com/gitblit/wicket/pages/BasePage.java b/src/com/gitblit/wicket/pages/BasePage.java index 06d54837..e95aee32 100644 --- a/src/com/gitblit/wicket/pages/BasePage.java +++ b/src/com/gitblit/wicket/pages/BasePage.java @@ -22,12 +22,15 @@ import java.util.TimeZone; import javax.servlet.http.Cookie; import javax.servlet.http.HttpServletRequest; +import org.apache.wicket.MarkupContainer; import org.apache.wicket.PageParameters; import org.apache.wicket.RestartResponseAtInterceptPageException; import org.apache.wicket.RestartResponseException; import org.apache.wicket.markup.html.WebPage; import org.apache.wicket.markup.html.basic.Label; +import org.apache.wicket.markup.html.link.BookmarkablePageLink; import org.apache.wicket.markup.html.panel.FeedbackPanel; +import org.apache.wicket.markup.html.panel.Fragment; import org.apache.wicket.protocol.http.WebRequest; import org.apache.wicket.protocol.http.WebResponse; import org.apache.wicket.protocol.http.servlet.ServletWebRequest; @@ -105,17 +108,12 @@ public abstract class BasePage extends WebPage { // footer if (GitBlit.getBoolean(Keys.web.authenticateViewPages, true) || GitBlit.getBoolean(Keys.web.authenticateAdminPages, true)) { - if (GitBlitWebSession.get().isLoggedIn()) { - // logout - add(new LinkPanel("userPanel", null, getString("gb.logout") + " " - + GitBlitWebSession.get().getUser().toString(), LogoutPage.class)); - } else { - // login - add(new LinkPanel("userPanel", null, getString("gb.login"), LoginPage.class)); - } + UserFragment userFragment = new UserFragment("userPanel", "userFragment", BasePage.this); + add(userFragment); } else { add(new Label("userPanel", "")); } + add(new Label("gbVersion", "v" + Constants.VERSION)); if (GitBlit.getBoolean(Keys.web.aggressiveHeapManagement, false)) { System.gc(); @@ -186,4 +184,34 @@ public abstract class BasePage extends WebPage { throw new RestartResponseAtInterceptPageException(LoginPage.class); } } + + /** + * Panel fragment for displaying login or logout/change_password links. + * + */ + class UserFragment extends Fragment { + + private static final long serialVersionUID = 1L; + + public UserFragment(String id, String markupId, MarkupContainer markupProvider) { + super(id, markupId, markupProvider); + + if (GitBlitWebSession.get().isLoggedIn()) { + // username, logout, and change password + add(new Label("username", GitBlitWebSession.get().getUser().toString() + ":")); + add(new LinkPanel("loginLink", null, markupProvider.getString("gb.logout"), + LogoutPage.class)); + // quick and dirty hack for showing a separator + add(new Label("separator", "|")); + add(new BookmarkablePageLink("changePasswordLink", ChangePasswordPage.class)); + } else { + // login + add(new Label("username").setVisible(false)); + add(new LinkPanel("loginLink", null, markupProvider.getString("gb.login"), + LoginPage.class)); + add(new Label("separator").setVisible(false)); + add(new Label("changePasswordLink").setVisible(false)); + } + } + } } diff --git a/src/com/gitblit/wicket/pages/ChangePasswordPage.html b/src/com/gitblit/wicket/pages/ChangePasswordPage.html new file mode 100644 index 00000000..031352eb --- /dev/null +++ b/src/com/gitblit/wicket/pages/ChangePasswordPage.html @@ -0,0 +1,40 @@ + + + + + + [page title] + + + + + +

+ + \ No newline at end of file diff --git a/src/com/gitblit/wicket/pages/ChangePasswordPage.java b/src/com/gitblit/wicket/pages/ChangePasswordPage.java new file mode 100644 index 00000000..42cd2b7d --- /dev/null +++ b/src/com/gitblit/wicket/pages/ChangePasswordPage.java @@ -0,0 +1,133 @@ +/* + * Copyright 2011 gitblit.com. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package com.gitblit.wicket.pages; + +import java.text.MessageFormat; + +import org.apache.wicket.RestartResponseException; +import org.apache.wicket.markup.html.WebPage; +import org.apache.wicket.markup.html.basic.Label; +import org.apache.wicket.markup.html.form.Button; +import org.apache.wicket.markup.html.form.PasswordTextField; +import org.apache.wicket.markup.html.form.StatelessForm; +import org.apache.wicket.markup.html.panel.FeedbackPanel; +import org.apache.wicket.model.IModel; +import org.apache.wicket.model.Model; +import org.apache.wicket.protocol.http.WebResponse; + +import com.gitblit.Constants; +import com.gitblit.GitBlit; +import com.gitblit.GitBlitException; +import com.gitblit.Keys; +import com.gitblit.models.UserModel; +import com.gitblit.utils.StringUtils; +import com.gitblit.wicket.GitBlitWebSession; + +public class ChangePasswordPage extends WebPage { + + IModel password = new Model(""); + IModel confirmPassword = new Model(""); + + public ChangePasswordPage() { + super(); + + if (!GitBlitWebSession.get().isLoggedIn()) { + // Change password requires a login + throw new RestartResponseException(getApplication().getHomePage()); + } + + if (!GitBlit.getBoolean(Keys.web.authenticateAdminPages, true) && !GitBlit.getBoolean(Keys.web.authenticateViewPages, false)) { + // no authentication enabled + throw new RestartResponseException(getApplication().getHomePage()); + } + + add(new Label("title", GitBlit.getString(Keys.web.siteName, Constants.NAME))); + add(new Label("name", getString("gb.changePassword") + ": " + + GitBlitWebSession.get().getUser().username)); + + StatelessForm form = new StatelessForm("passwordForm") { + + private static final long serialVersionUID = 1L; + + @Override + public void onSubmit() { + String password = ChangePasswordPage.this.password.getObject(); + String confirmPassword = ChangePasswordPage.this.confirmPassword.getObject(); + // ensure passwords match + if (!password.equals(confirmPassword)) { + error("Passwords do not match!"); + return; + } + + // ensure password satisfies minimum length requirement + int minLength = GitBlit.getInteger(Keys.realm.minPasswordLength, 5); + if (minLength < 4) { + minLength = 4; + } + if (password.length() < minLength) { + error(MessageFormat.format( + "Password is too short. Minimum length is {0} characters.", minLength)); + return; + } + + // convert to MD5 digest, if appropriate + String type = GitBlit.getString(Keys.realm.passwordStorage, "md5"); + if (type.equalsIgnoreCase("md5")) { + // store MD5 digest of password + password = StringUtils.MD5_TYPE + StringUtils.getMD5(password); + } + + UserModel user = GitBlitWebSession.get().getUser(); + user.password = password; + try { + GitBlit.self().updateUserModel(user.username, user, false); + if (GitBlit.getBoolean(Keys.web.allowCookieAuthentication, false)) { + WebResponse response = (WebResponse) getRequestCycle().getResponse(); + GitBlit.self().setCookie(response, user); + } + } catch (GitBlitException e) { + error(e.getMessage()); + return; + } + setRedirect(false); + info("Password successfully changed."); + setResponsePage(RepositoriesPage.class); + } + }; + PasswordTextField passwordField = new PasswordTextField("password", password); + passwordField.setResetPassword(false); + form.add(passwordField); + PasswordTextField confirmPasswordField = new PasswordTextField("confirmPassword", + confirmPassword); + confirmPasswordField.setResetPassword(false); + form.add(confirmPasswordField); + form.add(new FeedbackPanel("feedback")); + + form.add(new Button("save")); + Button cancel = new Button("cancel"){ + private static final long serialVersionUID = 1L; + + @Override + public void onSubmit() { + setResponsePage(RepositoriesPage.class); + } + }; + cancel.setDefaultFormProcessing(false); + form.add(cancel); + + add(form); + } +} -- 2.39.5