Registrace uživatelů. TODO:
authorFrantišek Kučera <franta-hg@frantovo.cz>
Thu, 04 Mar 2010 12:02:41 +0100
changeset 51d01685a7e07d
parent 50 d259a2dfea67
child 52 4c0408690ebf
Registrace uživatelů. TODO:
- hashovat heslo, aby se mohl přihlásit
- generovat náhodný token (csrf)
java/nekurak.net-web/src/java/cz/frantovo/nekurak/preklady_cs.properties
java/nekurak.net-web/src/java/cz/frantovo/nekurak/preklady_en.properties
java/nekurak.net-web/src/java/cz/frantovo/nekurak/preklady_sk.properties
java/nekurak.net-web/src/java/cz/frantovo/nekurak/web/HledacSluzby.java
java/nekurak.net-web/src/java/cz/frantovo/nekurak/web/RegistraceUzivatele.java
java/nekurak.net-web/src/java/cz/frantovo/nekurak/web/UzivatelPredRegistraci.java
java/nekurak.net-web/web/WEB-INF/casti/registrovatUzivatele.jsp
java/nekurak.net-web/web/index.jsp
     1.1 --- a/java/nekurak.net-web/src/java/cz/frantovo/nekurak/preklady_cs.properties	Thu Mar 04 11:00:19 2010 +0100
     1.2 +++ b/java/nekurak.net-web/src/java/cz/frantovo/nekurak/preklady_cs.properties	Thu Mar 04 12:02:41 2010 +0100
     1.3 @@ -5,6 +5,7 @@
     1.4  licence=\u00A9 2010 nekurak.net. Licence: Affero GPL.
     1.5  
     1.6  uvod=\u00DAvod
     1.7 +registrovatSe=Registrovat se
     1.8  prihlasitSe=P\u0159ihl\u00E1sit se
     1.9  odhlasitSe=Odhl\u00E1sit se
    1.10  pridatPodnik=P\u0159idat podnik
    1.11 @@ -48,3 +49,19 @@
    1.12  dto.podnik.cisloPopisne=\u010D.p.
    1.13  dto.podnik.cisloPopisne.tip=\u010D\u00EDslo popisn\u00E9
    1.14  dto.podnik.mesto=M\u011Bsto
    1.15 +
    1.16 +registrace.nadpis=Registrace nov\u00E9ho u\u017Eivatele
    1.17 +registrace.kontrola=Zkontrolujte pros\u00EDm zadan\u00E9 \u00FAdaje
    1.18 +registrace.hotovo=\u00DA\u010Det byl \u00FAsp\u011B\u0161n\u011B zalo\u017Een, m\u016F\u017Eete se
    1.19 +registrace.hotovo.prihlasit=p\u0159ihl\u00E1sit
    1.20 +registrace.tlacitko=Registrovat se
    1.21 +registrace.potvrdit=Potvrdit registraci
    1.22 +registrace.chybnyToken=Relace vypr\u0161ela, registraci nelze dokon\u010Dit. Vypl\u0148te pros\u00EDm formul\u00E1\u0159 znovu.
    1.23 +
    1.24 +dto.uzivatel.prezdivka=P\u0159ezd\u00EDvka
    1.25 +dto.uzivatel.prezdivka.tip=U\u017Eivatelsk\u00E9 jm\u00E9no
    1.26 +dto.uzivatel.heslo=Heslo
    1.27 +dto.uzivatel.heslo.kontrola=Heslo znovu
    1.28 +dto.uzivatel.jmeno=Jm\u00E9no
    1.29 +dto.uzivatel.prijmeni=P\u0159\u00EDjmen\u00ED
    1.30 +dto.uzivatel.email=e-mail
    1.31 \ No newline at end of file
     2.1 --- a/java/nekurak.net-web/src/java/cz/frantovo/nekurak/preklady_en.properties	Thu Mar 04 11:00:19 2010 +0100
     2.2 +++ b/java/nekurak.net-web/src/java/cz/frantovo/nekurak/preklady_en.properties	Thu Mar 04 12:02:41 2010 +0100
     2.3 @@ -5,6 +5,7 @@
     2.4  licence=\u00A9 2010 nekurak.net. License: Affero GPL.
     2.5  
     2.6  uvod=Overview
     2.7 +registrovatSe=New user
     2.8  prihlasitSe=Log in
     2.9  odhlasitSe=Log out
    2.10  pridatPodnik=Add place
     3.1 --- a/java/nekurak.net-web/src/java/cz/frantovo/nekurak/preklady_sk.properties	Thu Mar 04 11:00:19 2010 +0100
     3.2 +++ b/java/nekurak.net-web/src/java/cz/frantovo/nekurak/preklady_sk.properties	Thu Mar 04 12:02:41 2010 +0100
     3.3 @@ -5,6 +5,7 @@
     3.4  licence=\u00A9 2010 nekurak.net. Licence: Affero GPL.
     3.5  
     3.6  uvod=\u00DAvod
     3.7 +registrovatSe=Registrovat sa
     3.8  prihlasitSe=P\u0159ihl\u00E1sit sa
     3.9  odhlasitSe=Odhl\u00E1sit sa
    3.10  pridatPodnik=P\u0159idat podnik
     4.1 --- a/java/nekurak.net-web/src/java/cz/frantovo/nekurak/web/HledacSluzby.java	Thu Mar 04 11:00:19 2010 +0100
     4.2 +++ b/java/nekurak.net-web/src/java/cz/frantovo/nekurak/web/HledacSluzby.java	Thu Mar 04 12:02:41 2010 +0100
     4.3 @@ -1,6 +1,7 @@
     4.4  package cz.frantovo.nekurak.web;
     4.5  
     4.6  import cz.frantovo.nekurak.ejb.PodnikRemote;
     4.7 +import cz.frantovo.nekurak.ejb.UzivatelRemote;
     4.8  import java.io.Serializable;
     4.9  import java.util.logging.Level;
    4.10  import java.util.logging.Logger;
    4.11 @@ -15,6 +16,7 @@
    4.12  public class HledacSluzby implements Serializable {
    4.13  
    4.14      private PodnikRemote podnikEJB;
    4.15 +    private UzivatelRemote uzivatelEJB;
    4.16      private static final Logger log = Logger.getLogger(HledacSluzby.class.getSimpleName());
    4.17  
    4.18      public PodnikRemote getPodnikEJB() {
    4.19 @@ -29,4 +31,17 @@
    4.20  	}
    4.21  	return podnikEJB;
    4.22      }
    4.23 +
    4.24 +    public UzivatelRemote getUzivatelEJB() {
    4.25 +	if (uzivatelEJB == null) {
    4.26 +	    try {
    4.27 +		Context c = new InitialContext();
    4.28 +		uzivatelEJB = (UzivatelRemote) c.lookup("cz.frantovo.nekurak.ejb.UzivatelRemote");
    4.29 +	    } catch (NamingException e) {
    4.30 +		log.log(Level.SEVERE, "Chyba při hledání UzivatelRemote", e);
    4.31 +		throw new RuntimeException(e);
    4.32 +	    }
    4.33 +	}
    4.34 +	return uzivatelEJB;
    4.35 +    }
    4.36  }
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/java/nekurak.net-web/src/java/cz/frantovo/nekurak/web/RegistraceUzivatele.java	Thu Mar 04 12:02:41 2010 +0100
     5.3 @@ -0,0 +1,37 @@
     5.4 +package cz.frantovo.nekurak.web;
     5.5 +
     5.6 +import java.util.Collections;
     5.7 +import java.util.HashMap;
     5.8 +import java.util.Map;
     5.9 +
    5.10 +/**
    5.11 + *
    5.12 + * @author fiki
    5.13 + */
    5.14 +public class RegistraceUzivatele {
    5.15 +
    5.16 +    private HledacSluzby hledac = new HledacSluzby();
    5.17 +    private Map<String, UzivatelPredRegistraci> uzivatele = Collections.synchronizedMap(new HashMap<String, UzivatelPredRegistraci>());
    5.18 +    private String token;
    5.19 +
    5.20 +    public void setUzivatel(UzivatelPredRegistraci uzivatel) {
    5.21 +	uzivatele.put(uzivatel.getToken(), uzivatel);
    5.22 +    }
    5.23 +
    5.24 +    public void setToken(String token) {
    5.25 +	this.token = token;
    5.26 +    }
    5.27 +
    5.28 +    public boolean getDokonciRegistraci() {
    5.29 +
    5.30 +	UzivatelPredRegistraci u = uzivatele.get(token);
    5.31 +
    5.32 +	if (u == null) {
    5.33 +	    /** Chybný token – uživatel se snaží dokončit neexistující registraci */
    5.34 +	    return false;
    5.35 +	} else {
    5.36 +	    hledac.getUzivatelEJB().zalozUzivatele(u.getUzivatel());
    5.37 +	    return true;
    5.38 +	}
    5.39 +    }
    5.40 +}
     6.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.2 +++ b/java/nekurak.net-web/src/java/cz/frantovo/nekurak/web/UzivatelPredRegistraci.java	Thu Mar 04 12:02:41 2010 +0100
     6.3 @@ -0,0 +1,31 @@
     6.4 +package cz.frantovo.nekurak.web;
     6.5 +
     6.6 +import cz.frantovo.nekurak.dto.Uzivatel;
     6.7 +
     6.8 +/**
     6.9 + * Pomocná třída obalujícího uživatele a token (kvůli CSRF)
    6.10 + * @author fiki
    6.11 + */
    6.12 +public class UzivatelPredRegistraci {
    6.13 +
    6.14 +    private Uzivatel uzivatel;
    6.15 +    private final String token = generujToken();
    6.16 +
    6.17 +    public Uzivatel getUzivatel() {
    6.18 +	return uzivatel;
    6.19 +    }
    6.20 +
    6.21 +    public void setUzivatel(Uzivatel uzivatel) {
    6.22 +	this.uzivatel = uzivatel;
    6.23 +    }
    6.24 +
    6.25 +    public String getToken() {
    6.26 +	return token;
    6.27 +    }
    6.28 +
    6.29 +    private static String generujToken() {
    6.30 +	/** TODO: generovat náhodný. */
    6.31 +	return "XXX_TODO_generovat_nahodny_token";
    6.32 +    }
    6.33 +
    6.34 +}
     7.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     7.2 +++ b/java/nekurak.net-web/web/WEB-INF/casti/registrovatUzivatele.jsp	Thu Mar 04 12:02:41 2010 +0100
     7.3 @@ -0,0 +1,80 @@
     7.4 +<?xml version="1.0" encoding="UTF-8"?>
     7.5 +<jsp:root xmlns:jsp="http://java.sun.com/JSP/Page"
     7.6 +	  xmlns:c="http://java.sun.com/jsp/jstl/core"
     7.7 +	  xmlns:fmt="http://java.sun.com/jsp/jstl/fmt"
     7.8 +	  xmlns:fn="http://java.sun.com/jsp/jstl/functions"
     7.9 +	  version="2.0">
    7.10 +
    7.11 +    <jsp:useBean id="uzivatel" class="cz.frantovo.nekurak.dto.Uzivatel" scope="request"/>
    7.12 +    <jsp:useBean id="uzivatelPredRegistraci" class="cz.frantovo.nekurak.web.UzivatelPredRegistraci" scope="request"/>
    7.13 +    <jsp:useBean id="registraceUzivatele" class="cz.frantovo.nekurak.web.RegistraceUzivatele" scope="session"/>
    7.14 +
    7.15 +    <h1><fmt:message key="registrace.nadpis"/></h1>
    7.16 +
    7.17 +    <c:choose>
    7.18 +	<c:when test="${param.akceRegistrace == 'kontrola'}">
    7.19 +	    <jsp:setProperty name="uzivatel" property="*"/>
    7.20 +	    <jsp:setProperty name="uzivatelPredRegistraci" property="uzivatel" value="${uzivatel}"/>
    7.21 +	    <jsp:setProperty name="registraceUzivatele" property="uzivatel" value="${uzivatelPredRegistraci}"/>
    7.22 +
    7.23 +	    <p><fmt:message key="registrace.kontrola"/></p>
    7.24 +
    7.25 +	    <p>
    7.26 +		<fmt:message key="dto.uzivatel.prezdivka"/>: <c:out value="${uzivatel.prezdivka}"/><br/>
    7.27 +		<fmt:message key="dto.uzivatel.jmeno"/>: <c:out value="${uzivatel.jmeno}"/><br/>
    7.28 +		<fmt:message key="dto.uzivatel.prijmeni"/>: <c:out value="${uzivatel.prijmeni}"/><br/>
    7.29 +		<fmt:message key="dto.uzivatel.email"/>: <c:out value="${uzivatel.email}"/><br/>
    7.30 +	    </p>
    7.31 +
    7.32 +	    <p>
    7.33 +		<a href="?akce=registrovatUzivatele&amp;amp;akceRegistrace=dokonceni&amp;amp;token=${fn:escapeXml(uzivatelPredRegistraci.token)}">
    7.34 +		    <fmt:message key="registrace.potvrdit"/>
    7.35 +		</a>
    7.36 +	    </p>
    7.37 +
    7.38 +	</c:when>
    7.39 +	<c:when test="${param.akceRegistrace == 'dokonceni'}">
    7.40 +
    7.41 +	    <jsp:setProperty name="registraceUzivatele" property="token" value="${param.token}"/>
    7.42 +
    7.43 +	    <c:choose>
    7.44 +		<c:when test="${registraceUzivatele.dokonciRegistraci}">
    7.45 +		    <p>
    7.46 +			<fmt:message key="registrace.hotovo"/>&amp;#160;
    7.47 +			<a href="?akce=prihlaseni">
    7.48 +			    <fmt:message key="registrace.hotovo.prihlasit"/>
    7.49 +			</a>
    7.50 +		    </p>
    7.51 +		</c:when>
    7.52 +		<c:otherwise>
    7.53 +		    <!--
    7.54 +		    Zaznamenali jsme pokus o CSRF nebo vypršela relace
    7.55 +		    a uživatel se pokouší dokončit registraci po dlouhé době.
    7.56 +		    -->
    7.57 +		    <p><fmt:message key="registrace.chybnyToken"/></p>
    7.58 +		</c:otherwise>
    7.59 +	    </c:choose>
    7.60 +
    7.61 +
    7.62 +	</c:when>
    7.63 +	<c:otherwise>
    7.64 +	    <form method="post" action="?akce=registrovatUzivatele&amp;amp;akceRegistrace=kontrola">
    7.65 +		<fieldset>
    7.66 +		    <fmt:message key="dto.uzivatel.prezdivka.tip" var="prezdivkaTip"/>
    7.67 +		    <label title="${prezdivkaTip}"><fmt:message key="dto.uzivatel.prezdivka"/>: <input type="text" name="prezdivka" maxlength="255"/></label><br/>
    7.68 +		    <label><fmt:message key="dto.uzivatel.heslo"/>: <input type="password" name="heslo" maxlength="255"/></label><br/>
    7.69 +		    <label><fmt:message key="dto.uzivatel.heslo.kontrola"/>: <input type="password" name="heslo_kontrola" maxlength="255"/></label><br/>
    7.70 +		    <br/>
    7.71 +		    <label><fmt:message key="dto.uzivatel.jmeno"/>: <input type="text" name="jmeno" maxlength="255"/></label><br/>
    7.72 +		    <label><fmt:message key="dto.uzivatel.prijmeni"/>: <input type="text" name="prijmeni" maxlength="255"/></label><br/>
    7.73 +		    <label><fmt:message key="dto.uzivatel.email"/>: <input type="text" name="email" maxlength="255"/></label><br/>
    7.74 +		    <button value="submit"><fmt:message key="registrace.tlacitko"/></button>
    7.75 +		</fieldset>
    7.76 +	    </form>
    7.77 +	</c:otherwise>
    7.78 +    </c:choose>
    7.79 +
    7.80 +
    7.81 +
    7.82 +
    7.83 +</jsp:root>
     8.1 --- a/java/nekurak.net-web/web/index.jsp	Thu Mar 04 11:00:19 2010 +0100
     8.2 +++ b/java/nekurak.net-web/web/index.jsp	Thu Mar 04 12:02:41 2010 +0100
     8.3 @@ -50,6 +50,7 @@
     8.4  		    <c:choose>
     8.5  			<c:when test="${prihlasenyUzivatel == null}">
     8.6  			    <li><a href="?akce=prihlaseni"><fmt:message key="prihlasitSe"/></a></li>
     8.7 +			    <li><a href="?akce=registrovatUzivatele"><fmt:message key="registrovatSe"/></a></li>
     8.8  			</c:when>
     8.9  			<c:otherwise>
    8.10  			    <li><a href="?akce=pridatPodnik"><fmt:message key="pridatPodnik"/></a></li>
    8.11 @@ -71,6 +72,9 @@
    8.12  			<c:when test="${param.akce == 'pridatPodnik'}">
    8.13  			    <jsp:include page="/WEB-INF/casti/pridatPodnik.jsp" flush="false"/>
    8.14  			</c:when>
    8.15 +			<c:when test="${param.akce == 'registrovatUzivatele'}">
    8.16 +			    <jsp:include page="/WEB-INF/casti/registrovatUzivatele.jsp" flush="false"/>
    8.17 +			</c:when>
    8.18  			<c:when test="${param.akce == 'prihlaseni'}">
    8.19  			    <jsp:include page="/WEB-INF/casti/prihlaseni.jsp" flush="false"/>
    8.20  			</c:when>