Merge pull request #135 from AZhiKai/feature/issue-98

v1.3: Mask password
CS2103-AY1819S1-F10-4 · Oct 24, 2018 · 0d36a52 · 0d36a52
2 parents a6a6a17 + 2818612
commit 0d36a52
Show file tree

Hide file tree

Showing 9 changed files with 44 additions and 24 deletions.
diff --git a/src/main/java/seedu/address/logic/CommandHistory.java b/src/main/java/seedu/address/logic/CommandHistory.java
@@ -24,7 +24,6 @@ public CommandHistory(CommandHistory commandHistory) {
      */
     public void add(String userInput) {
         requireNonNull(userInput);
-        //TODO: Should not show the password here
         userInputHistory.add(userInput);
     }
 

diff --git a/src/main/java/seedu/address/logic/LogicManager.java b/src/main/java/seedu/address/logic/LogicManager.java
@@ -1,5 +1,7 @@
 package seedu.address.logic;
 
+import static seedu.address.logic.parser.CliSyntax.PREFIX_PASSWORD;
+
 import java.util.logging.Logger;
 
 import javafx.collections.ObservableList;
@@ -17,6 +19,7 @@
 import seedu.address.logic.parser.exceptions.ParseException;
 import seedu.address.model.Model;
 import seedu.address.model.accounts.Account;
+import seedu.address.model.accounts.Password;
 import seedu.address.model.ingredient.Ingredient;
 import seedu.address.model.menu.Item;
 import seedu.address.model.person.Person;
@@ -49,10 +52,15 @@ private boolean isPublicCommand(Command command) {
 
     @Override
     public CommandResult execute(String commandText) throws CommandException, ParseException {
-        logger.info("----------------[USER COMMAND][" + commandText + "]");
+        String commandTextToLog = commandText;
+        if (commandText.contains(PREFIX_PASSWORD.getPrefix())) {
+            commandTextToLog = Password.maskPassword(commandText);
+        }
+        logger.info("----------------[USER COMMAND][" + commandTextToLog + "]");
 
         try {
             Command command = addressBookParser.parseCommand(commandText);
+
             if (!isPublicCommand(command) && !UserSession.isAuthenticated()) {
                 throw new CommandException(Messages.MESSAGE_COMMAND_FORBIDDEN);
             }

diff --git a/src/main/java/seedu/address/logic/commands/accounts/DeregisterCommand.java b/src/main/java/seedu/address/logic/commands/accounts/DeregisterCommand.java
@@ -24,8 +24,8 @@ public class DeregisterCommand extends Command {
             + "Example: " + COMMAND_WORD + " "
             + PREFIX_ID + "azhikai";
 
-    public static final String MESSAGE_SUCCESS = "Account deregistered: %1$s!";
-    public static final String MESSAGE_USERNAME_NOT_FOUND = "This username does not exists.";
+    public static final String MESSAGE_SUCCESS = "Account deregistered: %1$s";
+    public static final String MESSAGE_USERNAME_NOT_FOUND = "This username does not exist";
 
     private final Account account;
 

diff --git a/src/main/java/seedu/address/logic/commands/accounts/LoginCommand.java b/src/main/java/seedu/address/logic/commands/accounts/LoginCommand.java
@@ -30,10 +30,10 @@ public class LoginCommand extends Command {
             + PREFIX_ID + "azhikai "
             + PREFIX_PASSWORD + "1122qq";
 
-    public static final String MESSAGE_SUCCESS = "Successfully logged in to '%s'!";
-    public static final String MESSAGE_ACCOUNT_NOT_FOUND = "The account does not exist.";
-    public static final String MESSAGE_WRONG_PASSWORD = "The credential is invalid.";
-    public static final String MESSAGE_ALREADY_AUTHENTICATED = "You are already logged in.";
+    public static final String MESSAGE_SUCCESS = "Successfully logged in to %s";
+    public static final String MESSAGE_ACCOUNT_NOT_FOUND = "The account does not exist";
+    public static final String MESSAGE_WRONG_PASSWORD = "The credential is invalid";
+    public static final String MESSAGE_ALREADY_AUTHENTICATED = "You are already logged in";
 
     private final Account toLogin;
 
@@ -60,7 +60,7 @@ public CommandResult execute(Model model, CommandHistory history) throws Command
                 retrievedAccount.getPassword().toString().getBytes());
 
         if (!isVerified) {
-            return new CommandResult(MESSAGE_WRONG_PASSWORD);
+            throw new CommandException(MESSAGE_WRONG_PASSWORD);
         }
 
         EventsCenter.getInstance().post(new LoginEvent(toLogin));

diff --git a/src/main/java/seedu/address/logic/commands/accounts/LogoutCommand.java b/src/main/java/seedu/address/logic/commands/accounts/LogoutCommand.java
@@ -21,8 +21,8 @@ public class LogoutCommand extends Command {
     public static final String MESSAGE_USAGE = COMMAND_WORD + ": Logout of the system. "
             + "Example: " + COMMAND_WORD;
 
-    public static final String MESSAGE_SUCCESS = "You have been logged out.";
-    public static final String MESSAGE_NOT_AUTHENTICATED = "You are not logged in.";
+    public static final String MESSAGE_SUCCESS = "You have been logged out";
+    public static final String MESSAGE_NOT_AUTHENTICATED = "You are not logged in";
 
     @Override
     public CommandResult execute(Model model, CommandHistory history) throws CommandException {

diff --git a/src/main/java/seedu/address/logic/commands/accounts/RegisterCommand.java b/src/main/java/seedu/address/logic/commands/accounts/RegisterCommand.java
@@ -27,8 +27,8 @@ public class RegisterCommand extends Command {
             + PREFIX_ID + "azhikai "
             + PREFIX_PASSWORD + "1122qq";
 
-    public static final String MESSAGE_SUCCESS = "New account registered: %1$s!";
-    public static final String MESSAGE_DUPLICATE_USERNAME = "This username already exists.";
+    public static final String MESSAGE_SUCCESS = "New account registered: %1$s";
+    public static final String MESSAGE_DUPLICATE_USERNAME = "This username already exists";
 
     private final Account account;
 

diff --git a/src/main/java/seedu/address/model/accounts/Password.java b/src/main/java/seedu/address/model/accounts/Password.java
@@ -2,6 +2,7 @@
 
 import static java.util.Objects.requireNonNull;
 import static seedu.address.commons.util.AppUtil.checkArgument;
+import static seedu.address.logic.parser.CliSyntax.PREFIX_PASSWORD;
 
 import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
@@ -26,6 +27,8 @@ public class Password {
      */
     private static final String PASSWORD_VALIDATION_REGEX = "[\\p{ASCII}&&[\\S]]{6,20}";
 
+    private static final String PASSWORD_MASK = "*****";
+
     private static final int MAX_SALT_LENGTH = 16;
 
     private String password;
@@ -75,6 +78,17 @@ public static boolean isHashed(String password) {
         return password.contains("$2a$06$") && password.length() > 20;
     }
 
+    /**
+     * Mask the password in the command
+     *
+     * @param commandText the command that contains the password.
+     * @return the commandText with the masked password.
+     */
+    public static String maskPassword(String commandText) {
+        String[] splitCommandText = commandText.split(PREFIX_PASSWORD.getPrefix());
+        return splitCommandText[0] + PREFIX_PASSWORD + PASSWORD_MASK;
+    }
+
     /**
      * Hash the password.
      *

diff --git a/src/main/java/seedu/address/ui/CommandBox.java b/src/main/java/seedu/address/ui/CommandBox.java
@@ -61,8 +61,8 @@ private void handleKeyPress(KeyEvent keyEvent) {
     }
 
     /**
-     * Updates the text field with the previous input in {@code historySnapshot},
-     * if there exists a previous input in {@code historySnapshot}
+     * Updates the text field with the previous input in {@code historySnapshot}, if there exists a previous input in
+     * {@code historySnapshot}
      */
     private void navigateToPreviousInput() {
         assert historySnapshot != null;
@@ -74,8 +74,8 @@ private void navigateToPreviousInput() {
     }
 
     /**
-     * Updates the text field with the next input in {@code historySnapshot},
-     * if there exists a next input in {@code historySnapshot}
+     * Updates the text field with the next input in {@code historySnapshot}, if there exists a next input in {@code
+     * historySnapshot}
      */
     private void navigateToNextInput() {
         assert historySnapshot != null;
@@ -87,8 +87,7 @@ private void navigateToNextInput() {
     }
 
     /**
-     * Sets {@code CommandBox}'s text field with {@code text} and
-     * positions the caret to the end of the {@code text}.
+     * Sets {@code CommandBox}'s text field with {@code text} and positions the caret to the end of the {@code text}.
      */
     private void replaceText(String text) {
         commandTextField.setText(text);
@@ -113,7 +112,7 @@ private void handleCommandEntered() {
             initHistory();
             // handle command failure
             setStyleToIndicateCommandFailure();
-            logger.info("Invalid command: " + commandTextField.getText());
+            logger.info("Exception: " + e.getMessage());
             raise(new NewResultAvailableEvent(e.getMessage()));
         }
     }

diff --git a/src/test/java/seedu/address/logic/commands/accounts/LoginCommandTest.java b/src/test/java/seedu/address/logic/commands/accounts/LoginCommandTest.java
@@ -67,11 +67,11 @@ public void execute_loginIfAlreadyLoggedIn() throws CommandException {
 
     @Test
     public void execute_invalidPassword() throws CommandException {
-        Account invalidAccount = new AccountBuilder().withPassword("1122qq!@#123").build();
-        CommandResult commandResult = new LoginCommand(invalidAccount).execute(model, commandHistory);
+        thrown.expect(CommandException.class);
+        thrown.expectMessage(LoginCommand.MESSAGE_WRONG_PASSWORD);
 
-        assertEquals(LoginCommand.MESSAGE_WRONG_PASSWORD, commandResult.feedbackToUser);
-        assertEquals(EMPTY_COMMAND_HISTORY, commandHistory);
+        Account invalidAccount = new AccountBuilder().withPassword("1122qq!@#123").build();
+        new LoginCommand(invalidAccount).execute(model, commandHistory);
     }
 
     @Test