Merge pull request #4 from APSN4/feature/password

feature: encrypt code snippets with a password

Author: nuromirzak

.gitignore

@@ -37,4 +37,7 @@ out/
 .vscode/
 
 ### H2 Database ###
-*.db
+*.db
+
+### macOS files ###
+.DS_Store

src/main/java/codes/sharing/sharingcodes/controller/GetController.java

@@ -20,9 +20,16 @@ public GetController(@Autowired CodeService codeService) {
     }
 
     @GetMapping("/code/{N}")
-    public String getNthCode(@PathVariable String N, Model model) {
+    public String getNthCode(@PathVariable String N, @RequestParam(value = "password", required = false) String password, Model model) {
         try {
             Code currentCode = codeService.getById(N);
+
+            if (password == null) password = "";
+            if (!password.equals(currentCode.getPassword())) {
+                return "password";
+            }
+            codeService.refreshCode(currentCode);
+
             DateDTO dateDTO = codeService.formatDate(currentCode.getDate());
             model.addAttribute("pieceOfCode", currentCode);
             model.addAttribute("dateDTO", dateDTO);

src/main/java/codes/sharing/sharingcodes/controller/PostController.java

@@ -1,12 +1,15 @@
 package codes.sharing.sharingcodes.controller;
 
+import codes.sharing.sharingcodes.dto.PasswordDTO;
 import codes.sharing.sharingcodes.model.Code;
 import codes.sharing.sharingcodes.service.CodeService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.stereotype.Controller;
 
+import java.util.HashMap;
 import java.util.Map;
 
 @Controller
@@ -40,4 +43,15 @@ public Map<String, String> createApiCode(@RequestBody Code newCode) {
     public Object getLatestApiCodes() {
         return codeService.getLatestNCode(10);
     }
+
+    @PostMapping(value = "/api/code/password", produces = MediaType.APPLICATION_JSON_VALUE)
+    @ResponseBody
+    public ResponseEntity<Object> checkPassword(@RequestBody PasswordDTO passwordDTO) {
+        Code currentCode = codeService.getById(passwordDTO.getId());
+        if (currentCode.getPassword().equals(passwordDTO.getPassword())) {
+            return ResponseEntity.ok().build();
+        } else {
+            return ResponseEntity.badRequest().build();
+        }
+    }
 }

src/main/java/codes/sharing/sharingcodes/dto/PasswordDTO.java

@@ -0,0 +1,35 @@
+package codes.sharing.sharingcodes.dto;
+
+public class PasswordDTO {
+
+    public PasswordDTO(String password, String id) {
+        this.password = password;
+        this.id = id;
+    }
+
+    public PasswordDTO(String password) {
+        this.password = password;
+    }
+    public PasswordDTO() {
+        this.password = "";
+    }
+
+    private String password;
+    private String id;
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
+
+    public String getId() {
+        return id;
+    }
+
+    public void setId(String id) {
+        this.id = id;
+    }
+}

src/main/java/codes/sharing/sharingcodes/model/Code.java

@@ -36,6 +36,9 @@ public class Code {
     @Column(name = "timelimit")
     private boolean timeLimit;
 
+    @Column(name = "password")
+    private String password;
+
     public Code() {
 
     }
@@ -53,6 +56,7 @@ public Code(Code code) {
         if (this.time > 0) {
             this.timeLimit = true;
         }
+        this.password = code.getPassword() == null ? "" : code.getPassword();
     }
 
     public String getId() {
@@ -131,4 +135,12 @@ public String shortCode() {
             return getCode();
         }
     }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
 }

src/main/java/codes/sharing/sharingcodes/service/CodeService.java

@@ -1,6 +1,7 @@
 package codes.sharing.sharingcodes.service;
 
 import codes.sharing.sharingcodes.dto.DateDTO;
+import codes.sharing.sharingcodes.dto.PasswordDTO;
 import codes.sharing.sharingcodes.model.Code;
 
 import java.util.List;
@@ -11,6 +12,8 @@ public interface CodeService {
 
     public void putCode(Code newCode);
 
+    public void refreshCode(Code code);
+
     public List<Code> getLatestNCode(int n);
 
     public boolean isExist(String id);

src/main/java/codes/sharing/sharingcodes/service/CodeServiceImpl.java

@@ -1,6 +1,7 @@
 package codes.sharing.sharingcodes.service;
 
 import codes.sharing.sharingcodes.dto.DateDTO;
+import codes.sharing.sharingcodes.dto.PasswordDTO;
 import codes.sharing.sharingcodes.exceptions.NotFoundSnippet;
 import codes.sharing.sharingcodes.model.Code;
 import codes.sharing.sharingcodes.repository.CodeRepository;
@@ -24,10 +25,6 @@ public CodeServiceImpl(@Autowired CodeRepository repo) {
 
     @Override
     public Code getById(String id) {
-        Code code = repo.findById(id).orElseThrow(() -> new NotFoundSnippet(id));
-        if (code.hasLimit()) {
-            refresh(code);
-        }
         return repo.findById(id).orElseThrow(() -> new NotFoundSnippet(id));
     }
 
@@ -38,6 +35,14 @@ public void putCode(Code newCode) {
         repo.save(code);
     }
 
+    @Override
+    public void refreshCode(Code code) {
+        if (code.hasLimit()) {
+            refresh(code);
+        }
+    }
+
+
     @Override
     public List<Code> getLatestNCode(int n) {
         List<Code> codes = (List<Code>) repo.findAll();
@@ -78,7 +83,7 @@ public List<Code> superGetAll() {
     private void refresh(Code code) {
         if (code.isViewsLimit() && code.getViews() >= 0) {
             code.setViews(code.getViews() - 1);
-            if (code.getViews() < 0) {
+            if (code.getViews() <= 0) {
                 repo.delete(code);
                 return;
             }

src/main/resources/static/js/myScript.js

@@ -22,7 +22,8 @@ function send() {
     let object = {
         "code": document.getElementById("code_snippet").value,
         "views": document.getElementById("views_restriction").value,
-        "time": document.getElementById("time_restriction").value
+        "time": document.getElementById("time_restriction").value,
+        "password": document.getElementById("password_field").value
     };
 
     let json = JSON.stringify(object);
@@ -55,4 +56,32 @@ function send() {
         errorCode.innerHTML = xhr.status + " " + xhr.statusText;
         return;
     }
-}
+}
+
+function check() {
+    const codeId = location.pathname.substring(6);
+    var object = {
+        "password": document.getElementById("password_field").value,
+        "id": codeId
+    };
+    let json = JSON.stringify(object);
+
+    try {
+        xhr = new XMLHttpRequest();
+        xhr.open("POST", '/api/code/password', false)
+        xhr.setRequestHeader('Content-type', 'application/json; charset=utf-8');
+        xhr.send(json);
+
+        var url = location.protocol + '//' + location.host + location.pathname + '?password=' + object.password;
+
+        if (xhr.status == 200) {
+            window.location.href = url;
+        } else if (xhr.status == 400){
+            dangerMessage.style.display = "block";
+        } else {
+            window.location.href = url;
+        }
+    } catch (error) {
+        console.error(error.message);
+    }
+}

src/main/resources/templates/getcode.ftlh

@@ -5,6 +5,7 @@
     <meta charset="UTF-8">
     <meta http-equiv="X-UA-Compatible" content="IE=edge">
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <meta name="page-status" content="available"/>
     <link rel="stylesheet" href="/css/bootstrap.min.css">
     <link rel="stylesheet" href="/css/styles.css">
     <script src="https://kit.fontawesome.com/224143ea2d.js" crossorigin="anonymous"></script>

src/main/resources/templates/index.ftlh

@@ -60,7 +60,18 @@
                     <small class="form-text text-muted">This will allow viewing a code snippet for a certain period of time, and after its expiration, the code snippet is deleted from the database.</small>
                 </div>
             </div>
+            <p></p>
             <button id="send_snippet" type="submit" class="btn btn-primary">Submit</button>
+            <button id="set_password" type="button" class="btn btn-outline-primary" data-toggle="collapse" href="#collapsePassword" role="button" aria-expanded="false" aria-controls="collapsePassword">Set password</button>
+            <p></p>
+            <div class="collapse" id="collapsePassword">
+                <div class="input-group mb-3">
+                    <div class="input-group-prepend">
+                        <span class="input-group-text" id="inputGroup-sizing-default">Password</span>
+                    </div>
+                    <input type="text" class="form-control" id="password_field" aria-label="Password input" aria-describedby="inputGroup-sizing-default">
+                </div>
+            </div>
         </div>
     </form>
 </div>