| commit | author | age | ||
| 20165d | 1 | /* |
| JM | 2 | * Copyright 2011 gitblit.com. |
| 3 | * | |
| 4 | * Licensed under the Apache License, Version 2.0 (the "License"); | |
| 5 | * you may not use this file except in compliance with the License. | |
| 6 | * You may obtain a copy of the License at | |
| 7 | * | |
| 8 | * http://www.apache.org/licenses/LICENSE-2.0 | |
| 9 | * | |
| 10 | * Unless required by applicable law or agreed to in writing, software | |
| 11 | * distributed under the License is distributed on an "AS IS" BASIS, | |
| 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
| 13 | * See the License for the specific language governing permissions and | |
| 14 | * limitations under the License. | |
| 15 | */ | |
| 16 | package com.gitblit.wicket.pages; | |
| 17 | ||
| 18 | import java.text.MessageFormat; | |
| 19 | ||
| 20 | import org.apache.wicket.RestartResponseException; | |
| 21 | import org.apache.wicket.markup.html.form.Button; | |
| 22 | import org.apache.wicket.markup.html.form.PasswordTextField; | |
| 23 | import org.apache.wicket.markup.html.form.StatelessForm; | |
| 24 | import org.apache.wicket.model.IModel; | |
| 25 | import org.apache.wicket.model.Model; | |
| 26 | import org.apache.wicket.protocol.http.WebResponse; | |
| 27 | ||
| 28 | import com.gitblit.GitBlit; | |
| 29 | import com.gitblit.GitBlitException; | |
| 30 | import com.gitblit.Keys; | |
| 31 | import com.gitblit.models.UserModel; | |
| 32 | import com.gitblit.utils.StringUtils; | |
| 33 | import com.gitblit.wicket.GitBlitWebSession; | |
| 34 | ||
| d376ab | 35 | public class ChangePasswordPage extends RootSubPage { |
| 20165d | 36 | |
| JM | 37 | IModel<String> password = new Model<String>(""); |
| 38 | IModel<String> confirmPassword = new Model<String>(""); | |
| 39 | ||
| 40 | public ChangePasswordPage() { | |
| 41 | super(); | |
| 42 | ||
| 43 | if (!GitBlitWebSession.get().isLoggedIn()) { | |
| 44 | // Change password requires a login | |
| 45 | throw new RestartResponseException(getApplication().getHomePage()); | |
| 46 | } | |
| 47 | ||
| 88598b | 48 | if (!GitBlit.getBoolean(Keys.web.authenticateAdminPages, true) |
| JM | 49 | && !GitBlit.getBoolean(Keys.web.authenticateViewPages, false)) { |
| 20165d | 50 | // no authentication enabled |
| JM | 51 | throw new RestartResponseException(getApplication().getHomePage()); |
| 52 | } | |
| 6cca86 | 53 | |
| JM | 54 | if (!GitBlit.self().supportsCredentialChanges()) { |
| 55 | error(MessageFormat.format(getString("gb.userServiceDoesNotPermitPasswordChanges"), | |
| 56 | GitBlit.getString(Keys.realm.userService, "users.conf")), true); | |
| 57 | } | |
| 58 | ||
| d97e52 | 59 | setupPage(getString("gb.changePassword"), GitBlitWebSession.get().getUsername()); |
| 20165d | 60 | |
| JM | 61 | StatelessForm<Void> form = new StatelessForm<Void>("passwordForm") { |
| 62 | ||
| 63 | private static final long serialVersionUID = 1L; | |
| 64 | ||
| 65 | @Override | |
| 66 | public void onSubmit() { | |
| 67 | String password = ChangePasswordPage.this.password.getObject(); | |
| 68 | String confirmPassword = ChangePasswordPage.this.confirmPassword.getObject(); | |
| 69 | // ensure passwords match | |
| 70 | if (!password.equals(confirmPassword)) { | |
| 6caa93 | 71 | error(getString("gb.passwordsDoNotMatch")); |
| 20165d | 72 | return; |
| JM | 73 | } |
| 74 | ||
| 75 | // ensure password satisfies minimum length requirement | |
| 76 | int minLength = GitBlit.getInteger(Keys.realm.minPasswordLength, 5); | |
| 77 | if (minLength < 4) { | |
| 78 | minLength = 4; | |
| 79 | } | |
| 80 | if (password.length() < minLength) { | |
| 6caa93 | 81 | error(MessageFormat.format(getString("gb.passwordTooShort"), minLength)); |
| 20165d | 82 | return; |
| JM | 83 | } |
| 84 | ||
| d5623a | 85 | UserModel user = GitBlitWebSession.get().getUser(); |
| JM | 86 | |
| 20165d | 87 | // convert to MD5 digest, if appropriate |
| JM | 88 | String type = GitBlit.getString(Keys.realm.passwordStorage, "md5"); |
| 89 | if (type.equalsIgnoreCase("md5")) { | |
| 90 | // store MD5 digest of password | |
| 91 | password = StringUtils.MD5_TYPE + StringUtils.getMD5(password); | |
| d5623a | 92 | } else if (type.equalsIgnoreCase("combined-md5")) { |
| JM | 93 | // store MD5 digest of username+password |
| 94 | password = StringUtils.COMBINED_MD5_TYPE | |
| 95 | + StringUtils.getMD5(user.username.toLowerCase() + password); | |
| 20165d | 96 | } |
| JM | 97 | |
| 98 | user.password = password; | |
| 99 | try { | |
| 100 | GitBlit.self().updateUserModel(user.username, user, false); | |
| 101 | if (GitBlit.getBoolean(Keys.web.allowCookieAuthentication, false)) { | |
| 102 | WebResponse response = (WebResponse) getRequestCycle().getResponse(); | |
| 103 | GitBlit.self().setCookie(response, user); | |
| 104 | } | |
| 105 | } catch (GitBlitException e) { | |
| 106 | error(e.getMessage()); | |
| 107 | return; | |
| 108 | } | |
| 109 | setRedirect(false); | |
| 6caa93 | 110 | info(getString("gb.passwordChanged")); |
| 20165d | 111 | setResponsePage(RepositoriesPage.class); |
| JM | 112 | } |
| 113 | }; | |
| 114 | PasswordTextField passwordField = new PasswordTextField("password", password); | |
| 115 | passwordField.setResetPassword(false); | |
| 116 | form.add(passwordField); | |
| 117 | PasswordTextField confirmPasswordField = new PasswordTextField("confirmPassword", | |
| 118 | confirmPassword); | |
| 119 | confirmPasswordField.setResetPassword(false); | |
| 120 | form.add(confirmPasswordField); | |
| 88598b | 121 | |
| 719798 | 122 | form.add(new Button("save")); |
| JM | 123 | Button cancel = new Button("cancel") { |
| 20165d | 124 | private static final long serialVersionUID = 1L; |
| JM | 125 | |
| 126 | @Override | |
| 127 | public void onSubmit() { | |
| 5cc40c | 128 | setRedirect(false); |
| 6caa93 | 129 | error(getString("gb.passwordChangeAborted")); |
| 88598b | 130 | setResponsePage(RepositoriesPage.class); |
| JM | 131 | } |
| 132 | }; | |
| 133 | cancel.setDefaultFormProcessing(false); | |
| 134 | form.add(cancel); | |
| 135 | ||
| 20165d | 136 | add(form); |
| JM | 137 | } |
| 138 | } | |
