Fixed #644 - trim text inputs before save

ddd65c3d · Robert Goldmann · 63bd429b · ddd65c3d · ddd65c3d · ddd65c3d
Commit ddd65c3d authored Sep 26, 2021 by Robert Goldmann
--- a/src/main/java/de/deadlocker8/budgetmaster/advices/GlobalControllerAdvice.java
+++ b/src/main/java/de/deadlocker8/budgetmaster/advices/GlobalControllerAdvice.java
+package de.deadlocker8.budgetmaster.advices;
+import org.springframework.beans.propertyeditors.StringTrimmerEditor;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.InitBinder;
+@ControllerAdvice
+public class GlobalControllerAdvice
+{
+	@InitBinder
+	public void initBinder(WebDataBinder binder)
+	{
+		StringTrimmerEditor trimmer = new StringTrimmerEditor(false);
+		binder.registerCustomEditor(String.class, trimmer);
+	}
+}
--- a/src/main/java/de/deadlocker8/budgetmaster/authentication/WebSecurityConfig.java
+++ b/src/main/java/de/deadlocker8/budgetmaster/authentication/WebSecurityConfig.java
@@ -3,11 +3,13 @@ package de.deadlocker8.budgetmaster.authentication;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.annotation.web.configurers.FormLoginConfigurer;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.DefaultRedirectStrategy;

--- a/src/main/resources/static/js/main.js
+++ b/src/main/resources/static/js/main.js
@@ -119,3 +119,9 @@ function rgb2hex(rgb)
    return "#" + hex(rgb[1]) + hex(rgb[2]) + hex(rgb[3]);
 }
+function validateLoginForm()
+{
+    let passwordInput = document.getElementById('login-password');
+    passwordInput.value = passwordInput.value.trim();
+}
--- a/src/main/resources/templates/login.ftl
+++ b/src/main/resources/templates/login.ftl
@@ -15,7 +15,7 @@
                            <div class="card-title">
                                <div id="logo-container" class="center-align"><@header.logo "logo" ""/></div>
                            </div>
-                            <form action="<@s.url '/login'/>" method="post">
+                            <form action="<@s.url '/login'/>" method="post" onsubmit="return validateLoginForm()">
                                <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
                                <input type="hidden" name="username" value="Default">