diff --git a/src/main/java/seedu/address/logic/CommandHistory.java b/src/main/java/seedu/address/logic/CommandHistory.java
index 516d60527573..39bca9b8df57 100644
--- a/src/main/java/seedu/address/logic/CommandHistory.java
+++ b/src/main/java/seedu/address/logic/CommandHistory.java
@@ -24,7 +24,6 @@ public CommandHistory(CommandHistory commandHistory) {
 */
 public void add(String userInput) {
 requireNonNull(userInput);
- //TODO: Should not show the password here
 userInputHistory.add(userInput);
 }
diff --git a/src/main/java/seedu/address/logic/LogicManager.java b/src/main/java/seedu/address/logic/LogicManager.java
index df40eb185201..9211151dda46 100644
--- a/src/main/java/seedu/address/logic/LogicManager.java
+++ b/src/main/java/seedu/address/logic/LogicManager.java
@@ -1,5 +1,7 @@
 package seedu.address.logic;
+import static seedu.address.logic.parser.CliSyntax.PREFIX_PASSWORD;
+
 import java.util.logging.Logger;
 import javafx.collections.ObservableList;
@@ -17,6 +19,7 @@ import seedu.address.logic.parser.exceptions.ParseException;
 import seedu.address.model.Model;
 import seedu.address.model.accounts.Account;
+import seedu.address.model.accounts.Password;
 import seedu.address.model.ingredient.Ingredient;
 import seedu.address.model.menu.Item;
 import seedu.address.model.person.Person;
@@ -49,10 +52,15 @@ private boolean isPublicCommand(Command command) {
 @Override
 public CommandResult execute(String commandText) throws CommandException, ParseException {
- logger.info("----------------[USER COMMAND][" + commandText + "]");
+ String commandTextToLog = commandText;
+ if (commandText.contains(PREFIX_PASSWORD.getPrefix())) {
+ commandTextToLog = Password.maskPassword(commandText);
+ }
+ logger.info("----------------[USER COMMAND][" + commandTextToLog + "]");
 try {
 Command command = addressBookParser.parseCommand(commandText);
+
 if (!isPublicCommand(command) && !UserSession.isAuthenticated()) {
 throw new CommandException(Messages.MESSAGE_COMMAND_FORBIDDEN);
 }
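Review bot: In LogicManager.execute the masked copy `commandTextToLog` is used only for the `logger.info` line, while the same commit deletes the `//TODO: Should not show the password here` marker in CommandHistory.add without changing what that method stores. If execute() hands the raw `commandText` to the history outside this hunk (not visible here), a typed password stays readable through the command history even though the log is now clean. Either mask before storing, or keep a comment on `userInputHistory.add(userInput);` such as `// NOTE: stores raw input, including any password argument`. The body of execute() continues past the end of the hunk.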
diff --git a/src/main/java/seedu/address/logic/commands/accounts/DeregisterCommand.java b/src/main/java/seedu/address/logic/commands/accounts/DeregisterCommand.java
index 483df772be87..172195ddc9d0 100644
--- a/src/main/java/seedu/address/logic/commands/accounts/DeregisterCommand.java
+++ b/src/main/java/seedu/address/logic/commands/accounts/DeregisterCommand.java
@@ -24,8 +24,8 @@ public class DeregisterCommand extends Command {
 + "Example: " + COMMAND_WORD + " " + PREFIX_ID + "azhikai";
- public static final String MESSAGE_SUCCESS = "Account deregistered: %1$s!";
- public static final String MESSAGE_USERNAME_NOT_FOUND = "This username does not exists.";
+ public static final String MESSAGE_SUCCESS = "Account deregistered: %1$s";
+ public static final String MESSAGE_USERNAME_NOT_FOUND = "This username does not exist";
 private final Account account;
diff --git a/src/main/java/seedu/address/logic/commands/accounts/LoginCommand.java b/src/main/java/seedu/address/logic/commands/accounts/LoginCommand.java
index fb166eea8b2e..0c02f6f955fa 100644
--- a/src/main/java/seedu/address/logic/commands/accounts/LoginCommand.java
+++ b/src/main/java/seedu/address/logic/commands/accounts/LoginCommand.java
@@ -30,10 +30,10 @@ public class LoginCommand extends Command {
 + PREFIX_ID + "azhikai " + PREFIX_PASSWORD + "1122qq";
- public static final String MESSAGE_SUCCESS = "Successfully logged in to '%s'!";
- public static final String MESSAGE_ACCOUNT_NOT_FOUND = "The account does not exist.";
- public static final String MESSAGE_WRONG_PASSWORD = "The credential is invalid.";
- public static final String MESSAGE_ALREADY_AUTHENTICATED = "You are already logged in.";
+ public static final String MESSAGE_SUCCESS = "Successfully logged in to %s";
+ public static final String MESSAGE_ACCOUNT_NOT_FOUND = "The account does not exist";
+ public static final String MESSAGE_WRONG_PASSWORD = "The credential is invalid";
+ public static final String MESSAGE_ALREADY_AUTHENTICATED = "You are already logged in";
 private final Account toLogin;
@@ -60,7 +60,7 @@ public CommandResult execute(Model model, CommandHistory history) throws Command
 retrievedAccount.getPassword().toString().getBytes());
 if (!isVerified) {
- return new CommandResult(MESSAGE_WRONG_PASSWORD);
+ throw new CommandException(MESSAGE_WRONG_PASSWORD);
 }
 EventsCenter.getInstance().post(new LoginEvent(toLogin));
diff --git a/src/main/java/seedu/address/logic/commands/accounts/LogoutCommand.java b/src/main/java/seedu/address/logic/commands/accounts/LogoutCommand.java
index d89227f541ce..da24097ef8ce 100644
--- a/src/main/java/seedu/address/logic/commands/accounts/LogoutCommand.java
+++ b/src/main/java/seedu/address/logic/commands/accounts/LogoutCommand.java
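Review bot: `throw new CommandException(MESSAGE_WRONG_PASSWORD)` now reports a wrong password as a command failure, but `MESSAGE_ACCOUNT_NOT_FOUND` and `MESSAGE_WRONG_PASSWORD` in the first hunk of this file still carry different texts. If execute() answers unknown usernames with the not-found text (that branch is outside the hunk), the reply reveals whether a username is registered. Consider one shared text for both failures, e.g. `"The username or password is invalid"`. execute() begins and ends outside this hunk.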
@@ -21,8 +21,8 @@ public class LogoutCommand extends Command {
 public static final String MESSAGE_USAGE = COMMAND_WORD + ": Logout of the system. " + "Example: " + COMMAND_WORD;
- public static final String MESSAGE_SUCCESS = "You have been logged out.";
- public static final String MESSAGE_NOT_AUTHENTICATED = "You are not logged in.";
+ public static final String MESSAGE_SUCCESS = "You have been logged out";
+ public static final String MESSAGE_NOT_AUTHENTICATED = "You are not logged in";
 @Override
 public CommandResult execute(Model model, CommandHistory history) throws CommandException {
diff --git a/src/main/java/seedu/address/logic/commands/accounts/RegisterCommand.java b/src/main/java/seedu/address/logic/commands/accounts/RegisterCommand.java
index 43b3a3fa3d0d..f08450e1c6b0 100644
--- a/src/main/java/seedu/address/logic/commands/accounts/RegisterCommand.java
+++ b/src/main/java/seedu/address/logic/commands/accounts/RegisterCommand.java
@@ -27,8 +27,8 @@ public class RegisterCommand extends Command {
 + PREFIX_ID + "azhikai " + PREFIX_PASSWORD + "1122qq";
- public static final String MESSAGE_SUCCESS = "New account registered: %1$s!";
- public static final String MESSAGE_DUPLICATE_USERNAME = "This username already exists.";
+ public static final String MESSAGE_SUCCESS = "New account registered: %1$s";
+ public static final String MESSAGE_DUPLICATE_USERNAME = "This username already exists";
 private final Account account;
diff --git a/src/main/java/seedu/address/model/accounts/Password.java b/src/main/java/seedu/address/model/accounts/Password.java
index 63a50c880e06..1990c17e6f3e 100644
--- a/src/main/java/seedu/address/model/accounts/Password.java
+++ b/src/main/java/seedu/address/model/accounts/Password.java
@@ -2,6 +2,7 @@
 import static java.util.Objects.requireNonNull;
 import static seedu.address.commons.util.AppUtil.checkArgument;
+import static seedu.address.logic.parser.CliSyntax.PREFIX_PASSWORD;
 import java.nio.charset.StandardCharsets;
 import java.util.Arrays;
@@ -26,6 +27,8 @@ public class Password {
 */
 private static final String PASSWORD_VALIDATION_REGEX = "[\\p{ASCII}&&[\\S]]{6,20}";
+ private static final String PASSWORD_MASK = "*****";
+
 private static final int MAX_SALT_LENGTH = 16;
 private String password;
@@ -75,6 +78,17 @@ public static boolean isHashed(String password) {
 return password.contains("$2a$06$") && password.length() > 20;
 }
+ /**
+ * Mask the password in the command
+ *
+ * @param commandText the command that contains the password.
+ * @return the commandText with the masked password.
+ */
+ public static String maskPassword(String commandText) {
+ String[] splitCommandText = commandText.split(PREFIX_PASSWORD.getPrefix());
+ return splitCommandText[0] + PREFIX_PASSWORD + PASSWORD_MASK;
+ }
+
 /**
 * Hash the password.
 *
diff --git a/src/main/java/seedu/address/ui/CommandBox.java b/src/main/java/seedu/address/ui/CommandBox.java
index 3d7aaded5640..b54e15db7300 100644
--- a/src/main/java/seedu/address/ui/CommandBox.java
+++ b/src/main/java/seedu/address/ui/CommandBox.java
@@ -61,8 +61,8 @@ private void handleKeyPress(KeyEvent keyEvent) {
 }
 /**
- * Updates the text field with the previous input in {@code historySnapshot},
- * if there exists a previous input in {@code historySnapshot}
+ * Updates the text field with the previous input in {@code historySnapshot}, if there exists a previous input in
+ * {@code historySnapshot}
 */
 private void navigateToPreviousInput() {
 assert historySnapshot != null;
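Review bot: `maskPassword` reads `splitCommandText[0]` without checking the array, and `String.split` returns an empty array when the input consists only of the delimiter, so a command made up of nothing but the password prefix throws `ArrayIndexOutOfBoundsException`; judging by the call site added to LogicManager.execute, that happens before the command is parsed. `split` also treats the prefix as a regular expression, and the result is rebuilt from `PREFIX_PASSWORD`'s `toString()` although the rest of the commit uses `getPrefix()`. Locating the prefix with `indexOf` removes all three problems and still replaces everything after the first prefix with the mask. The Javadoc could also say that any arguments following the password are dropped from the returned text.

```java
// … unchanged: Javadoc of maskPassword …
public static String maskPassword(String commandText) {
    String prefix = PREFIX_PASSWORD.getPrefix();
    int prefixStart = commandText.indexOf(prefix);
    if (prefixStart < 0) {
        // No password argument present, so there is nothing to mask.
        return commandText;
    }
    // Keep only the text before the first prefix so no part of the secret survives.
    return commandText.substring(0, prefixStart) + prefix + PASSWORD_MASK;
}
```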
@@ -74,8 +74,8 @@ private void navigateToPreviousInput() {
 }
 /**
- * Updates the text field with the next input in {@code historySnapshot},
- * if there exists a next input in {@code historySnapshot}
+ * Updates the text field with the next input in {@code historySnapshot}, if there exists a next input in {@code
+ * historySnapshot}
 */
 private void navigateToNextInput() {
 assert historySnapshot != null;
@@ -87,8 +87,7 @@ private void navigateToNextInput() {
 }
 /**
- * Sets {@code CommandBox}'s text field with {@code text} and
- * positions the caret to the end of the {@code text}.
+ * Sets {@code CommandBox}'s text field with {@code text} and positions the caret to the end of the {@code text}.
 */
 private void replaceText(String text) {
 commandTextField.setText(text);
@@ -113,7 +112,7 @@ private void handleCommandEntered() {
 initHistory();
 // handle command failure
 setStyleToIndicateCommandFailure();
- logger.info("Invalid command: " + commandTextField.getText());
+ logger.info("Exception: " + e.getMessage());
 raise(new NewResultAvailableEvent(e.getMessage()));
 }
 }
diff --git a/src/test/java/seedu/address/logic/commands/accounts/LoginCommandTest.java b/src/test/java/seedu/address/logic/commands/accounts/LoginCommandTest.java
index da7aa9db7939..1679b5d71838 100644
--- a/src/test/java/seedu/address/logic/commands/accounts/LoginCommandTest.java
+++ b/src/test/java/seedu/address/logic/commands/accounts/LoginCommandTest.java
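Review bot: The new `logger.info("Exception: " + e.getMessage());` in handleCommandEntered keeps the raw command text, and with it any typed password, out of the log, but nothing in the code records that reason, so a later edit could restore the old line. A comment above it would preserve the intent, e.g. `// Never log commandTextField.getText(): it may hold a password; LogicManager logs a masked copy.` The safety of the new line still depends on exception messages never echoing user-supplied arguments, which cannot be confirmed from this hunk. handleCommandEntered starts above the hunk.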
@@ -67,11 +67,11 @@ public void execute_loginIfAlreadyLoggedIn() throws CommandException {
 @Test
 public void execute_invalidPassword() throws CommandException {
- Account invalidAccount = new AccountBuilder().withPassword("1122qq!@#123").build();
- CommandResult commandResult = new LoginCommand(invalidAccount).execute(model, commandHistory);
+ thrown.expect(CommandException.class);
+ thrown.expectMessage(LoginCommand.MESSAGE_WRONG_PASSWORD);
- assertEquals(LoginCommand.MESSAGE_WRONG_PASSWORD, commandResult.feedbackToUser);
- assertEquals(EMPTY_COMMAND_HISTORY, commandHistory);
+ Account invalidAccount = new AccountBuilder().withPassword("1122qq!@#123").build();
+ new LoginCommand(invalidAccount).execute(model, commandHistory);
 }
 @Test
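Review bot: execute_invalidPassword no longer verifies any state after the failed login: the `assertEquals(EMPTY_COMMAND_HISTORY, commandHistory)` check is removed, and with the `thrown` rule no statement after the throwing call runs. For an authentication path the test should also show that a rejected password leaves the session unauthenticated, which needs an explicit try/catch instead of the rule. `UserSession.isAuthenticated()` is the check LogicManager uses; the sketch below assumes the test fixture starts each test logged out, which is not visible in this hunk.

```java
@Test
public void execute_invalidPassword() {
    Account invalidAccount = new AccountBuilder().withPassword("1122qq!@#123").build();
    try {
        new LoginCommand(invalidAccount).execute(model, commandHistory);
        fail("expected CommandException");
    } catch (CommandException e) {
        assertEquals(LoginCommand.MESSAGE_WRONG_PASSWORD, e.getMessage());
    }
    // A rejected password must not change the session or the history.
    assertFalse(UserSession.isAuthenticated());
    assertEquals(EMPTY_COMMAND_HISTORY, commandHistory);
}
```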