Updated to new WebServer-Version

src/main/java/org/openautonomousconnection/oac2web/frontend/register.java

@@ -0,0 +1,96 @@
+package org.openautonomousconnection.oac2web.frontend;
+
+import org.openautonomousconnection.oac2web.utils.Oac2WebApp;
+import org.openautonomousconnection.oac2web.utils.Sha256;
+import org.openautonomousconnection.protocol.packets.v1_0_0.beta.web.WebResponsePacket;
+import org.openautonomousconnection.protocol.side.web.ProtocolWebServer;
+import org.openautonomousconnection.protocol.side.web.managers.SessionManager;
+import org.openautonomousconnection.protocol.versions.v1_0_0.beta.WebRequestMethod;
+import org.openautonomousconnection.webserver.api.Route;
+import org.openautonomousconnection.webserver.api.WebPage;
+import org.openautonomousconnection.webserver.api.WebPageContext;
+import org.openautonomousconnection.webserver.utils.Html;
+import org.openautonomousconnection.webserver.utils.RequestParams;
+
+import java.util.HashMap;
+import java.util.Map;
+
+/**
+ * Registration page.
+ *
+ * POST headers expected:
+ * - username
+ * - password
+ *
+ * Stores:
+ * - users.username = sha256(username)
+ * - users.password = PBKDF2$sha256$...
+ */
+@Route(path = "ins/register")
+public final class register implements WebPage {
+
+    @Override
+    public WebResponsePacket handle(WebPageContext ctx) throws Exception {
+        if (ctx.request.getMethod() != WebRequestMethod.POST) {
+            return renderForm(null, null);
+        }
+
+        RequestParams p = new RequestParams(ctx.request);
+
+        String username = p.get("username");
+        String password = p.get("password");
+
+        if (username == null || username.isBlank() || password == null || password.isBlank()) {
+            return renderForm("Missing username/password (send via headers).", null);
+        }
+
+        Oac2WebApp app = Oac2WebApp.get();
+
+        String usernameHash = Sha256.hex(username.trim());
+        String passwordEnc = app.passwordHasher().hash(password);
+
+        try {
+            int userId = app.dao().createUser(usernameHash, passwordEnc);
+
+            String ip = (ctx.client.getConnection().getSocket() != null && ctx.client.getConnection().getSocket().getInetAddress() != null)
+                    ? ctx.client.getConnection().getSocket().getInetAddress().getHostAddress()
+                    : "";
+
+            String ua = ctx.request.getHeaders() != null ? ctx.request.getHeaders().getOrDefault("user-agent", "") : "";
+
+            // SessionManager user string: we store numeric users.id as string.
+            String session = SessionManager.create(String.valueOf(userId), ip, ua, (ProtocolWebServer) ctx.client.getServer());
+
+            Map<String, String> headers = new HashMap<>();
+            headers.put("session", session);
+            headers.put("location", "/dashboard");
+
+            return new WebResponsePacket(302, "text/plain", headers, new byte[0]);
+
+        } catch (Exception e) {
+            // likely UNIQUE violation on users.username (hashed)
+            return renderForm("Register failed: " + e.getMessage(), null);
+        }
+    }
+
+    private WebResponsePacket renderForm(String err, String ok) {
+        String body = """
+                <div class="card">
+                  <h2>Register</h2>
+                  %s
+                  %s
+                  <p class="muted">Send a POST request with headers <code>username</code> and <code>password</code>.</p>
+                  <div class="row">
+                    <div class="col"><a href="/login">Login</a></div>
+                    <div class="col"><a href="/">Home</a></div>
+                  </div>
+                </div>
+                """.formatted(
+                err == null ? "" : "<p class='err'>" + Html.esc(err) + "</p>",
+                ok == null ? "" : "<p class='ok'>" + Html.esc(ok) + "</p>"
+        );
+
+        String html = Html.page("Register", body);
+        return new WebResponsePacket(200, "text/html", new HashMap<>(), Html.utf8(html));
+    }
+}