diff --git a/Mage.Client/src/main/java/mage/client/dialog/ConnectDialog.java b/Mage.Client/src/main/java/mage/client/dialog/ConnectDialog.java
index ddd4c10923..557e251042 100644
--- a/Mage.Client/src/main/java/mage/client/dialog/ConnectDialog.java
+++ b/Mage.Client/src/main/java/mage/client/dialog/ConnectDialog.java
@@ -346,10 +346,7 @@ public class ConnectDialog extends MageDialog {
JOptionPane.showMessageDialog(rootPane, "Please provide a user name");
return;
}
- if (txtPassword.getText().isEmpty()) {
- JOptionPane.showMessageDialog(rootPane, "Please provide a password");
- return;
- }
+ // txtPassword is not checked here, because authentication might be disabled by the server config.
if (Integer.valueOf(txtPort.getText()) < 1 || Integer.valueOf(txtPort.getText()) > 65535) {
JOptionPane.showMessageDialog(rootPane, "Invalid port number");
txtPort.setText(MageFrame.getPreferences().get("serverPort", Integer.toString(Config.port)));
diff --git a/Mage.Server/config/config.xml b/Mage.Server/config/config.xml
index 4070d1a7ea..7695e7a663 100644
--- a/Mage.Server/config/config.xml
+++ b/Mage.Server/config/config.xml
@@ -32,7 +32,9 @@
maxSecondsIdle="600"
minUserNameLength="3"
maxUserNameLength="14"
- userNamePattern="[^a-z0-9_]"
+ invalidUserNamePattern="[^a-z0-9_]"
+ minPasswordLength="8"
+ maxPasswordLength="100"
maxAiOpponents="15"
saveGameActivated="false"
authenticationActivated="false"
diff --git a/Mage.Server/src/main/java/mage/server/GmailClient.java b/Mage.Server/src/main/java/mage/server/GmailClient.java
index 2d0516d4b1..3edc2f307e 100644
--- a/Mage.Server/src/main/java/mage/server/GmailClient.java
+++ b/Mage.Server/src/main/java/mage/server/GmailClient.java
@@ -63,6 +63,10 @@ public class GmailClient {
}
public static boolean sendMessage(String email, String subject, String text) {
+ if (email.length() == 0) {
+ logger.info("Email is not sent because the address is empty");
+ return false;
+ }
try {
Gmail gmail = new Builder(httpTransport, JSON_FACTORY, credential).setApplicationName("XMage Server").build();
diff --git a/Mage.Server/src/main/java/mage/server/Session.java b/Mage.Server/src/main/java/mage/server/Session.java
index 6d7792c91b..891acc7283 100644
--- a/Mage.Server/src/main/java/mage/server/Session.java
+++ b/Mage.Server/src/main/java/mage/server/Session.java
@@ -55,6 +55,10 @@ import org.jboss.remoting.callback.InvokerCallbackHandler;
public class Session {
private static final Logger logger = Logger.getLogger(Session.class);
+ private static Pattern invalidUserNamePattern =
+ Pattern.compile(ConfigSettings.getInstance().getInvalidUserNamePattern(), Pattern.CASE_INSENSITIVE);
+ private static Pattern alphabetsPattern = Pattern.compile("[a-zA-Z]");
+ private static Pattern digitsPattern = Pattern.compile("[0-9]");
private final String sessionId;
private UUID userId;
@@ -76,7 +80,9 @@ public class Session {
public String registerUser(String userName, String password, String email) throws MageException {
if (!ConfigSettings.getInstance().isAuthenticationActivated()) {
- return "Registration is disabled by the server config.";
+ String returnMessage = "Registration is disabled by the server config";
+ sendErrorMessageToClient(returnMessage);
+ return returnMessage;
}
synchronized(AuthorizedUserRepository.instance) {
String returnMessage = validateUserName(userName);
@@ -84,7 +90,7 @@ public class Session {
sendErrorMessageToClient(returnMessage);
return returnMessage;
}
- returnMessage = validatePassword(password);
+ returnMessage = validatePassword(password, userName);
if (returnMessage != null) {
sendErrorMessageToClient(returnMessage);
return returnMessage;
@@ -104,14 +110,14 @@ public class Session {
if (userName.equals("Admin")) {
return "User name Admin already in use";
}
- if (userName.length() > ConfigSettings.getInstance().getMaxUserNameLength()) {
- return "User name may not be longer than " + ConfigSettings.getInstance().getMaxUserNameLength() + " characters";
+ ConfigSettings config = ConfigSettings.getInstance();
+ if (userName.length() < config.getMinUserNameLength()) {
+ return "User name may not be shorter than " + config.getMinUserNameLength() + " characters";
}
- if (userName.length() < ConfigSettings.getInstance().getMinUserNameLength()) {
- return "User name may not be shorter than " + ConfigSettings.getInstance().getMinUserNameLength() + " characters";
+ if (userName.length() > config.getMaxUserNameLength()) {
+ return "User name may not be longer than " + config.getMaxUserNameLength() + " characters";
}
- Pattern p = Pattern.compile(ConfigSettings.getInstance().getUserNamePattern(), Pattern.CASE_INSENSITIVE);
- Matcher m = p.matcher(userName);
+ Matcher m = invalidUserNamePattern.matcher(userName);
if (m.find()) {
return "User name '" + userName + "' includes not allowed characters: use a-z, A-Z and 0-9";
}
@@ -122,9 +128,21 @@ public class Session {
return null;
}
- static private String validatePassword(String password) {
- if (password.length() == 0) {
- return "Password needs to be non-empty";
+ static private String validatePassword(String password, String userName) {
+ ConfigSettings config = ConfigSettings.getInstance();
+ if (password.length() < config.getMinPasswordLength()) {
+ return "Password may not be shorter than " + config.getMinPasswordLength() + " characters";
+ }
+ if (password.length() > config.getMaxPasswordLength()) {
+ return "Password may not be longer than " + config.getMaxPasswordLength() + " characters";
+ }
+ if (password.equals(userName)) {
+ return "Password may not be the same as your username";
+ }
+ Matcher alphabetsMatcher = alphabetsPattern.matcher(password);
+ Matcher digitsMatcher = digitsPattern.matcher(password);
+ if (!alphabetsMatcher.find() || !digitsMatcher.find()) {
+ return "Password has to include at least one alphabet (a-zA-Z) and also at least one digit (0-9)";
}
return null;
}
diff --git a/Mage.Server/src/main/java/mage/server/util/ConfigSettings.java b/Mage.Server/src/main/java/mage/server/util/ConfigSettings.java
index c85f97c257..b73961956a 100644
--- a/Mage.Server/src/main/java/mage/server/util/ConfigSettings.java
+++ b/Mage.Server/src/main/java/mage/server/util/ConfigSettings.java
@@ -111,8 +111,16 @@ public class ConfigSettings {
return config.getServer().getMaxUserNameLength().intValue();
}
- public String getUserNamePattern() {
- return config.getServer().getUserNamePattern();
+ public String getInvalidUserNamePattern() {
+ return config.getServer().getInvalidUserNamePattern();
+ }
+
+ public int getMinPasswordLength() {
+ return config.getServer().getMinPasswordLength().intValue();
+ }
+
+ public int getMaxPasswordLength() {
+ return config.getServer().getMaxPasswordLength().intValue();
}
public String getMaxAiOpponents() {
diff --git a/Mage.Server/src/main/xml-resources/jaxb/Config/Config.xsd b/Mage.Server/src/main/xml-resources/jaxb/Config/Config.xsd
index 25adcc1e0e..c2fa00ef8a 100644
--- a/Mage.Server/src/main/xml-resources/jaxb/Config/Config.xsd
+++ b/Mage.Server/src/main/xml-resources/jaxb/Config/Config.xsd
@@ -29,7 +29,9 @@
-
+
+
+