feat[AuthController]: add restrictions for user input that's too long

Add checks for user input that's too long and show corresponding error messages in GUI
Group-5 · Apr 21, 2026 · 9fbe278 · 9fbe278
1 parent 8d24050
commit 9fbe278
Showing 1 changed file with 88 additions and 18 deletions.
diff --git a/src/main/java/edu/group5/app/control/AuthController.java b/src/main/java/edu/group5/app/control/AuthController.java
@@ -9,6 +9,10 @@
 import javafx.scene.control.Alert;
 import javafx.scene.control.ButtonType;
 
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 
 /**
@@ -74,44 +78,110 @@ public User getCurrentUser() {
    * @param passwordChars the user's password
    */
   public void handleSignUp(SignUpPageView view, String firstName, String lastName, String email, char[] passwordChars) {
-    if (firstName == null || firstName.trim().isEmpty() ||
-        lastName == null || lastName.trim().isEmpty() ||
-        email == null || email.trim().isEmpty() ||
-        passwordChars == null || passwordChars.length == 0) {
+    if (firstName == null || firstName.trim().isEmpty()
+        || lastName == null || lastName.trim().isEmpty()
+        || email == null || email.trim().isEmpty()
+        || passwordChars == null || passwordChars.length == 0) {
       view.showError("All fields are required");
       return;
     }
 
-    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
-
-    // Clears password char array after creating a hash.
-    String hashedPassword = encoder.encode(new String(passwordChars));
-    for (int i = 0; i < passwordChars.length; i++) {
-      passwordChars[i] = '\u0000';
+    if (firstName.length() > 32 || lastName.length() > 32
+        || email.length() > 32 || passwordChars.length > 72) {
+
+      HashMap<String, List<String>> fields = new HashMap<String, List<String>>();
+      List<String> fields32 = new ArrayList<String>();
+      List<String> fields72 = new ArrayList<String>();
+      fields.put("32", fields32);
+      fields.put("72", fields72);
+
+      if (firstName.length() > 32) {
+        fields32.add("First Name");
+      }
+      if (lastName.length() > 32) {
+        fields32.add("Last Name");
+      }
+      if (email.length() > 32) {
+        fields32.add("Email");
+      }
+      if (passwordChars.length > 72) {
+        fields72.add("Password");
+      }
+
+      int length32 = fields.get("32").size();
+      int length72 = fields.get("72").size();
+
+      String string32 = "";
+      if (length32 > 0) {
+        if (length32 > 1) {
+          for (int i = 0; i < length32; i++) {
+            if (i == length32 - 1) {
+              string32 += String.format("and %s", fields.get("32").get(i));
+            } else {
+              string32 += String.format("%s, ", fields.get("32").get(i));
+            }
+          }
+          string32 = string32 + " must have lengths of 32 characters.\n";
+        } else {
+          string32 = fields.get("32").getFirst() + " must have a length of 32 characters.\n";
+        }
+      }
+
+      String string72 = "";
+      if (length72 > 0) {
+        if (length72 > 1) {
+          for (int i = 0; i < length72; i++) {
+            if (i == length72 - 1) {
+              string72 += String.format("and %s", fields.get("72").get(i));
+            } else {
+              string72 += String.format("%s, ", fields.get("72").get(i));
+            }
+          }
+          string72 = string72 + " must have lengths of 72 characters.\n";
+        } else {
+          string72 = fields.get("72").getFirst()
+              + " must have a length of 72 characters.\n";
+        }
+      }
+
+      view.showError(string32 + string72 + "Try again.");
+      return;
     }
 
     Alert privacyPolicy = new Alert(Alert.AlertType.CONFIRMATION);
     privacyPolicy.setTitle("Accept Privacy Policy");
     privacyPolicy.setHeaderText("Accept Privacy Policy");
     privacyPolicy.setContentText(
-        "Your user information like:\n" +
-        "Name and email—as well as donations tied to your account—will be saved locally on your machine.\n" +
-        "This information is only used to create your account, and no data will be sold to third parties.\n" +
-        "By creating an account, you accept the right of our app to store this information on your computer.");
+        "Your user information like:\n"
+        + "Name and email—as well as donations tied to your account—"
+        + "will be saved locally on your machine.\n"
+        + "This information is only used to create your account,"
+        + "and no data will be sold to third parties.\n"
+        + "By creating an account,"
+        + "you accept the right of our app to store this information on your computer.");
+
+    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+    // Clears password char array after creating a hash.
+    String hashedPassword = encoder.encode(new String(passwordChars));
+    for (int i = 0; i < passwordChars.length; i++) {
+      passwordChars[i] = '\u0000';
+    }
 
     if (privacyPolicy.showAndWait().orElse(ButtonType.CANCEL) == ButtonType.OK) {
       boolean success = userService.registerUser(
           "Customer", firstName, lastName, email, hashedPassword);
 
       if (success) {
+
         User user = userService.getUserByEmail(email);
         appState.setCurrentUser(user);
-        nav.showHomePage();
-    } else {
-      view.showError("Registration failed. Email may already be in use.");
+        nav.showHomePage(); 
+      } else {
+        view.showError("Registration failed. Email may already be in use.");
+      }
     }
   }
-}
+
 
   /**
    * Handles the login of a {@link User}.