From cf0d59ab6104f80dc4fb96e818ec122c710ef9aa Mon Sep 17 00:00:00 2001 From: zzz Date: Tue, 6 Feb 2018 14:36:31 +0000 Subject: [PATCH] Password change form handling --- .../i2pcontrol/servlets/JSONRPC2Servlet.java | 28 +++++++++++++++---- 1 file changed, 23 insertions(+), 5 deletions(-) diff --git a/src/java/net/i2p/i2pcontrol/servlets/JSONRPC2Servlet.java b/src/java/net/i2p/i2pcontrol/servlets/JSONRPC2Servlet.java index a5e8212..51e4976 100644 --- a/src/java/net/i2p/i2pcontrol/servlets/JSONRPC2Servlet.java +++ b/src/java/net/i2p/i2pcontrol/servlets/JSONRPC2Servlet.java @@ -167,13 +167,31 @@ public class JSONRPC2Servlet extends HttpServlet { } /** @since 0.12 */ - private void doPasswordChange(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException { + private void doPasswordChange(HttpServletRequest req, HttpServletResponse httpServletResponse) throws ServletException, IOException { httpServletResponse.setContentType("text/html"); PrintWriter out = httpServletResponse.getWriter(); - if (true) { - out.println("

API Password not changed"); - } else { - out.println("

API Password changed"); + String pw = req.getParameter("password"); + if (pw == null) + pw = _secMan.DEFAULT_AUTH_PASSWORD; + else + pw = pw.trim(); + String pw2 = req.getParameter("password2"); + String pw3 = req.getParameter("password3"); + if (pw2 == null || pw3 == null) { + out.println("

Enter new password twice!"); + } else { + pw2 = pw2.trim(); + pw3 = pw3.trim(); + if (!pw2.equals(pw3)) { + out.println("

New passwords don't match!"); + } else if (pw2.length() <= 0) { + out.println("

Enter new password twice!"); + } else if (_secMan.isValid(pw)) { + _secMan.setPasswd(pw2); + out.println("

API Password changed"); + } else { + out.println("

Incorrect old password, not changed"); + } } out.println("

Change API Password"); }