diff --git a/src/main/java/com/loafle/overflow/module/email/exception/EmailOverAuthException.java b/src/main/java/com/loafle/overflow/module/email/exception/EmailOverAuthException.java new file mode 100644 index 0000000..d34e6b5 --- /dev/null +++ b/src/main/java/com/loafle/overflow/module/email/exception/EmailOverAuthException.java @@ -0,0 +1,17 @@ +package com.loafle.overflow.module.email.exception; + +import com.loafle.overflow.commons.exception.OverflowRuntimeException; +import io.grpc.Status; + +/** + * Created by geek on 17. 11. 22. + */ +public class EmailOverAuthException extends OverflowRuntimeException { + public EmailOverAuthException() { + super(); + } + + public EmailOverAuthException(String message) { + super(message); + } +} diff --git a/src/main/java/com/loafle/overflow/module/email/service/EmailAuthService.java b/src/main/java/com/loafle/overflow/module/email/service/EmailAuthService.java index 10e398b..8451e1f 100644 --- a/src/main/java/com/loafle/overflow/module/email/service/EmailAuthService.java +++ b/src/main/java/com/loafle/overflow/module/email/service/EmailAuthService.java @@ -8,6 +8,7 @@ import com.loafle.overflow.module.domain.model.DomainMember; import com.loafle.overflow.module.domain.service.DomainMemberService; import com.loafle.overflow.module.domain.service.DomainService; import com.loafle.overflow.module.email.dao.EmailAuthDAO; +import com.loafle.overflow.module.email.exception.EmailOverAuthException; import com.loafle.overflow.module.email.model.EmailAuth; import com.loafle.overflow.module.member.dao.MemberDAO; import com.loafle.overflow.module.member.model.Member; @@ -19,6 +20,7 @@ import org.springframework.stereotype.Service; import java.io.UnsupportedEncodingException; import java.net.URLDecoder; import java.net.URLEncoder; +import java.util.Calendar; import java.util.Date; import java.util.List; @@ -74,7 +76,23 @@ public class EmailAuthService { EmailAuth auth = this.emailAuthDAO.findByEmailAuthKey(deStr); + // Todo Compare email date and current date + if (auth != null) { + + // Over 12 hours of validity of e-mail authentication. + Calendar cal = Calendar.getInstance(); + + cal.setTime(auth.getCreateDate()); + cal.add(Calendar.HOUR, 12); + Date futureDate = cal.getTime(); + + Date nowDate = new Date(); + + if (!nowDate.before(futureDate)) { + throw new EmailOverAuthException("The authentication expiration time has passed."); + } + auth.setAuthConfirmDate(new Date()); this.emailAuthDAO.save(auth); auth.getMember().setStatus(new MetaMemberStatus((short)2)); diff --git a/src/main/java/com/loafle/overflow/module/member/exception/PasswordNotStrongException.java b/src/main/java/com/loafle/overflow/module/member/exception/PasswordNotStrongException.java new file mode 100644 index 0000000..814558a --- /dev/null +++ b/src/main/java/com/loafle/overflow/module/member/exception/PasswordNotStrongException.java @@ -0,0 +1,16 @@ +package com.loafle.overflow.module.member.exception; + +import com.loafle.overflow.commons.exception.OverflowRuntimeException; + +/** + * Created by geek on 17. 11. 22. + */ +public class PasswordNotStrongException extends OverflowRuntimeException { + public PasswordNotStrongException() { + super(); + } + + public PasswordNotStrongException(String message) { + super(message); + } +} diff --git a/src/main/java/com/loafle/overflow/module/member/service/MemberService.java b/src/main/java/com/loafle/overflow/module/member/service/MemberService.java index 0ff766d..f9c8283 100644 --- a/src/main/java/com/loafle/overflow/module/member/service/MemberService.java +++ b/src/main/java/com/loafle/overflow/module/member/service/MemberService.java @@ -23,6 +23,8 @@ import java.io.UnsupportedEncodingException; import java.net.URLDecoder; import java.net.URLEncoder; import java.util.List; +import java.util.regex.Matcher; +import java.util.regex.Pattern; /** * Created by geek on 17. 6. 28. @@ -77,6 +79,15 @@ public class MemberService { throw new JoinedEmailException(); } + // Todo Password Check + boolean checkPass = this.isPasswordStrong(pw); + + if (!checkPass) { + throw new PasswordNotStrongException( + "Passwords must contain at least one uppercase letter, " + + "special character, lowercase letter, and number, " + + "and must be at least 6 characters long."); + } member.setPw(passwordEncoder.encode(pw)); if (member.getStatus() == null) { @@ -126,6 +137,14 @@ public class MemberService { throw new SignInIdNotExistException(); } + boolean checkPass = this.isPasswordStrong(pw); + + if (!checkPass) { + throw new PasswordNotStrongException( + "Passwords must contain at least one uppercase letter, " + + "special character, lowercase letter, and number, " + + "and must be at least 6 characters long."); + } member.setPw(passwordEncoder.encode(pw)); return this.memberDAO.save(member); @@ -138,6 +157,15 @@ public class MemberService { public Member modify(Member member, String pw) { String email = SessionMetadata.getEmail(); + boolean checkPass = this.isPasswordStrong(pw); + + if (!checkPass) { + throw new PasswordNotStrongException( + "Passwords must contain at least one uppercase letter, " + + "special character, lowercase letter, and number, " + + "and must be at least 6 characters long."); + } + Member preMember = this.memberDAO.findByEmail(member.getEmail()); if (null != pw && !pw.equals("")) { @@ -175,10 +203,9 @@ public class MemberService { throw new SignInIdNotExistException(); } - preMember.setPw(this.passwordEncoder.encode(newPw)); - this.memberDAO.save(preMember); + Member cMember = this.modify(preMember, newPw); - return preMember; + return cMember; } public Member read(long memberId) { @@ -187,8 +214,6 @@ public class MemberService { } Member resMember = this.memberDAO.findOne(memberId); - - return resMember; } @@ -228,4 +253,19 @@ public class MemberService { return this.domainMemberService.readAllMemberByDomain(domain); } + + private static final String PASSWORD_REGEXP = "(" + + "(?=.*[a-z])" + + "(?=.*\\d)" + + "(?=.*[A-Z])" + + "(?=.*[!@#$%^&*()_+\\-=\\[\\]{};':\"\\\\|,.<>\\/?])" + + "." + + "{6,40}" + + ")"; + private Pattern pattern = Pattern.compile(PASSWORD_REGEXP); + + protected boolean isPasswordStrong(String pass) { + Matcher m = pattern.matcher(pass); + return m.matches(); + } } diff --git a/src/test/java/com/loafle/overflow/module/email/service/EmailAuthServiceTest.java b/src/test/java/com/loafle/overflow/module/email/service/EmailAuthServiceTest.java index c95647e..51a9699 100644 --- a/src/test/java/com/loafle/overflow/module/email/service/EmailAuthServiceTest.java +++ b/src/test/java/com/loafle/overflow/module/email/service/EmailAuthServiceTest.java @@ -1,5 +1,6 @@ package com.loafle.overflow.module.email.service; +import com.loafle.overflow.module.email.model.EmailAuth; import com.loafle.overflow.spring.AppConfigTest; import org.junit.Ignore; import org.junit.Test; @@ -8,6 +9,9 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.test.context.ContextConfiguration; import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; +import java.util.Calendar; +import java.util.Date; + /** * Created by geek on 17. 6. 28. */ @@ -26,4 +30,25 @@ public class EmailAuthServiceTest { this.emailAuthService.sendEmailByMember((long)1, "geek@loafle.com"); } + @Test + public void TestCompareDate() throws Exception { + + Calendar cal = Calendar.getInstance(); + EmailAuth auth = emailAuthService.read(1); + + cal.setTime(auth.getCreateDate()); + cal.add(Calendar.HOUR, 12); + Date futureDate = cal.getTime(); + + Date nowDate = new Date(); + + if (nowDate.before(futureDate)) { + System.out.println("futureDate = " + futureDate); + }else{ + System.out.println("nowDate = " + nowDate); + } +// int dd = nowDate.compareTo(auth.getCreateDate()); +// System.out.println("dd = " + dd); + } + } \ No newline at end of file diff --git a/src/test/java/com/loafle/overflow/module/member/service/MemberServiceTest.java b/src/test/java/com/loafle/overflow/module/member/service/MemberServiceTest.java index 32d36cb..3a46185 100644 --- a/src/test/java/com/loafle/overflow/module/member/service/MemberServiceTest.java +++ b/src/test/java/com/loafle/overflow/module/member/service/MemberServiceTest.java @@ -15,6 +15,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; import java.util.Date; import java.util.List; +import java.util.regex.Matcher; +import java.util.regex.Pattern; /** * Created by insanity on 17. 6. 28. @@ -79,5 +81,36 @@ public class MemberServiceTest { } + @Test + public void TestPasswordStrong() { + String arrpw[] = new String[]{"!@#$Qwer1234", "Zxasqw12!!","@Cosmos@5795"}; +// String pass = "!@#$Qwer1234"; + + boolean check = false; + for (int i = 0; i < arrpw.length; i++) { + check = this.memberService.isPasswordStrong(arrpw[i]); +// System.out.println("check = " + check); + Assert.assertTrue(check); + } + } + +// +// String regex = "(" + +// "(?=.*[a-z])" + +// "(?=.*\\d)" + +// "(?=.*[A-Z])" + +// "(?=.*[!@#$%^&*()_+\\-=\\[\\]{};':\"\\\\|,.<>\\/?])" + +// "." + +// "{6,40}" + +// ")"; + +// @Test +// public void TestPassword() { +// Pattern pattern = Pattern.compile(regex); +// Matcher matcher = pattern.matcher("qwe1231@Q\\"); +// System.out.println("Length"+"qwe1231@Q\\".length()); +// +// System.out.println("matcher.matches() = " + matcher.matches()); +// } }