Added better error logging and validation

Co-authored-by: LarsVomMars <lars@kroenner.eu>
author: Marvin Borner 2019-05-10 23:33:25 +0200
committer: Marvin Borner 2019-05-10 23:33:25 +0200
commit: 72073df2c225f96889620e30c963dd807ca01a90 (patch)
tree: c9469d05c358e38f10c983f63d332afcece37b19 /src/main
parent: 30ff9ecdd80f64b6eb6688bc8e688ed230fa55af (diff)
5 files changed, 66 insertions, 44 deletions
diff --git a/src/main/kotlin/App.kt b/src/main/kotlin/App.kt
index 0bd15b2..df845a1 100644
--- a/src/main/kotlin/App.kt
+++ b/src/main/kotlin/App.kt
@@ -18,6 +18,7 @@ val fileHome = if (System.getProperty("os.name") != "Linux") "files" else "/usr/
 val databaseController = DatabaseController()
 val userHandler = UserHandler()
 val fileController = FileController()
+const val debug = false
 private val log = Logger.getLogger("App.kt")
 
 fun main(args: Array<String>) {
@@ -48,7 +49,7 @@ fun main(args: Array<String>) {
                 try {
                     ctx.result(Thread.currentThread().contextClassLoader.getResourceAsStream("css/" + ctx.splat(0)))
                 } catch (_: Exception) {
-                    ctx.status(404)
+                    throw NotFoundResponse()
                 }
             },
             roles(Roles.GUEST, Roles.USER)
@@ -59,7 +60,7 @@ fun main(args: Array<String>) {
                 try {
                     ctx.result(Thread.currentThread().contextClassLoader.getResourceAsStream("js/" + ctx.splat(0)))
                 } catch (_: Exception) {
-                    ctx.status(404)
+                    throw NotFoundResponse()
                 }
             },
             roles(Roles.GUEST, Roles.USER)
@@ -69,7 +70,7 @@ fun main(args: Array<String>) {
                 try {
                     ctx.result(Thread.currentThread().contextClassLoader.getResourceAsStream("fonts/" + ctx.splat(0)))
                 } catch (_: Exception) {
-                    ctx.status(404)
+                    throw NotFoundResponse()
                 }
             },
             roles(Roles.GUEST, Roles.USER)
@@ -205,8 +206,7 @@ fun startServer(args: Array<String>): Javalin {
                 disableStartupBanner()
             }.start()
         } catch (_: Exception) {
-            log.warning("Port already in use!")
-            exitProcess(1)
+            throw PortUnreachableException("Port already in use!")
         }
     } else exitProcess(1)
 }
diff --git a/src/main/kotlin/DatabaseController.kt b/src/main/kotlin/DatabaseController.kt
index 8d48008..24a8278 100644
--- a/src/main/kotlin/DatabaseController.kt
+++ b/src/main/kotlin/DatabaseController.kt
@@ -10,7 +10,8 @@ import java.sql.*
 import java.util.logging.*
 
 class DatabaseController {
-    private val dbFileLocation = if (System.getProperty("os.name") != "Linux") "main.db" else "/usr/share/kloud/main.db"
+    private val dbFileLocation =
+        if (System.getProperty("os.name") != "Linux" || debug) "main.db" else "/usr/share/kloud/main.db"
     val db: Database = Database.connect("jdbc:sqlite:$dbFileLocation", "org.sqlite.JDBC")
     private val log = Logger.getLogger(this.javaClass.name)
 
@@ -144,26 +145,29 @@ class DatabaseController {
      */
     fun indexUserRegistration(ctx: Context) {
         val usernameString = ctx.formParam("username", "").toString()
-        val tokenString = generateRandomString()
-        var error = false
 
-        transaction {
-            try {
-                UserRegistration.insert {
-                    it[username] = usernameString
-                    it[token] = tokenString
+        if (usernameString.matches("[a-zA-Z0-9]+".toRegex()) && usernameString.length > 3) {
+            val tokenString = generateRandomString()
+            var error = false
+
+            transaction {
+                try {
+                    UserRegistration.insert {
+                        it[username] = usernameString
+                        it[token] = tokenString
+                    }
+                } catch (_: Exception) {
+                    error = true
                 }
-            } catch (_: Exception) {
-                error = true
             }
-        }
 
-        if (error) ctx.render("admin.rocker.html", model("message", "User already exists!"))
-        else ctx.render(
-            "admin.rocker.html", model(
-                "message", "http://${ctx.host()}/user/register?username=$usernameString&token=$tokenString"
+            if (error) ctx.render("admin.rocker.html", model("message", "User already exists!"))
+            else ctx.render(
+                "admin.rocker.html", model(
+                    "message", "http://${ctx.host()}/user/register?username=$usernameString&token=$tokenString"
+                )
             )
-        )
+        } else ctx.render("admin.rocker.html", model("message", "Please only use alphabetical characters!"))
     }
 
     /**
@@ -291,8 +295,8 @@ class DatabaseController {
                     if (!isDirectoryBool) log.warning("File already exists!")
                     false
                 }
-            } catch (_: Exception) {
-                if (!isDirectoryBool) log.warning("Error during indexing of the file!")
+            } catch (err: Exception) {
+                if (!isDirectoryBool) error(err)
                 true // Ugly solution
             }
         }
diff --git a/src/main/kotlin/FileController.kt b/src/main/kotlin/FileController.kt
index 806cb59..32c9369 100644
--- a/src/main/kotlin/FileController.kt
+++ b/src/main/kotlin/FileController.kt
@@ -46,8 +46,7 @@ class FileController {
                     ctx.result(FileInputStream(File(fileLocation)))
                 }
             }
-        } catch (err: Exception) {
-            log.warning(err.toString())
+        } catch (_: Exception) {
             throw NotFoundResponse("Error: File or directory does not exist.")
         }
     }
diff --git a/src/main/kotlin/UserHandler.kt b/src/main/kotlin/UserHandler.kt
index 42c4fcc..33f3f14 100644
--- a/src/main/kotlin/UserHandler.kt
+++ b/src/main/kotlin/UserHandler.kt
@@ -103,14 +103,24 @@ class UserHandler {
             val username = ctx.formParam("username").toString()
             val password = ctx.formParam("password").toString()
             val verifyPassword = ctx.formParam("verifyPassword").toString()
-            if (password == verifyPassword) {
-                if (databaseController.createUser(username, password, "ADMIN")) {
-                    databaseController.toggleSetup()
-                    ctx.redirect("/user/login")
-                } else ctx.status(400).render("setup.rocker.html", model("message", "User already exists!"))
-            } else ctx.status(400).render("setup.rocker.html", model("message", "Passwords do not match!"))
-        } catch (_: Exception) {
+
+            // TODO: Clean up ugly if statements in validation
+            if (!username.matches("[a-zA-Z0-9]+".toRegex()) || username.length <= 3) {
+                if (password == verifyPassword) {
+                    if (password.length >= 8)
+                        if (databaseController.createUser(username, password, "ADMIN")) {
+                            databaseController.toggleSetup()
+                            ctx.redirect("/user/login")
+                        } else ctx.status(400).render("setup.rocker.html", model("message", "User already exists!"))
+                    else ctx.status(400).render("setup.rocker.html", model("message", "Password is too short!"))
+                } else ctx.status(400).render("setup.rocker.html", model("message", "Passwords do not match!"))
+            } else ctx.status(400).render(
+                "setup.rocker.html",
+                model("message", "Username must only use alphabetical characters!")
+            )
+        } catch (err: Exception) {
             ctx.status(400).render("setup.rocker.html", model("message", "An error occurred!"))
+            error(err)
         }
     }
 
@@ -121,8 +131,8 @@ class UserHandler {
         val username = ctx.queryParam("username", "")
         val token = ctx.queryParam("token", "")
 
-        if (username.isNullOrEmpty()) ctx.status(403).result("Please provide a valid username!")
-        else if (token.isNullOrEmpty()) ctx.status(403).result("Please provide a valid token!")
+        if (username.isNullOrEmpty()) throw ForbiddenResponse("Please provide a valid username!")
+        else if (token.isNullOrEmpty()) throw ForbiddenResponse("Please provide a valid token!")
         else {
             if (databaseController.isUserRegistrationValid(username, token))
                 ctx.render("register.rocker.html", model("username", username, "token", token, "message", ""))
@@ -141,20 +151,29 @@ class UserHandler {
             val verifyPassword = ctx.formParam("verifyPassword").toString()
 
             if (password == verifyPassword) {
-                if (databaseController.isUserRegistrationValid(username, token)) {
-                    databaseController.createUser(username, password, "USER")
-                    databaseController.removeRegistrationIndex(username)
-                    ctx.redirect("/user/login")
-                } else ctx.render(
+                if (password.length >= 8)
+                    if (databaseController.isUserRegistrationValid(username, token)) {
+                        databaseController.createUser(username, password, "USER")
+                        databaseController.removeRegistrationIndex(username)
+                        ctx.redirect("/user/login")
+                    } else ctx.render(
+                        "register.rocker.html",
+                        model("username", username, "token", token, "message", "Not authorized!")
+                    )
+                else ctx.render(
                     "register.rocker.html",
-                    model("username", username, "token", token, "message", "Not authorized!")
+                    model(
+                        "username", username,
+                        "token", token,
+                        "message", "Please make sure that your password is at least 8 digits long!"
+                    )
                 )
             } else ctx.render(
                 "register.rocker.html",
                 model("username", username, "token", token, "message", "The passwords don't match!")
             )
-        } catch (_: Exception) {
-            ctx.status(400).result("An exception occurred.")
+        } catch (err: Exception) {
+            throw BadRequestResponse()
         }
     }
 
diff --git a/src/main/resources/views/register.rocker.html b/src/main/resources/views/register.rocker.html
index 131f406..b86c2e0 100644
--- a/src/main/resources/views/register.rocker.html
+++ b/src/main/resources/views/register.rocker.html
@@ -12,11 +12,11 @@
         </div>
         <div>
             <label for="password">Password:</label>
-            <input autocomplete="off" autofocus id="password" name="password" required type="password"/>
+            <input autocomplete="off" autofocus id="password" minlength="8" name="password" required type="password"/>
         </div>
         <div>
             <label for="verifyPassword">Verify password:</label>
-            <input autocomplete="off" id="verifyPassword" name="verifyPassword" required type="password"/>
+            <input autocomplete="off" id="verifyPassword" minlength="8" name="verifyPassword" required type="password"/>
         </div>
 
         <div>
author	Marvin Borner	2019-05-10 23:33:25 +0200
committer	Marvin Borner	2019-05-10 23:33:25 +0200
commit	72073df2c225f96889620e30c963dd807ca01a90 (patch)
tree	c9469d05c358e38f10c983f63d332afcece37b19 /src/main
parent	30ff9ecdd80f64b6eb6688bc8e688ed230fa55af (diff)