Milestone 3

due at midnight on   +125

For this milestone, we will investigate HTML form processing and password authentication.

You can continue working in your sparkdemo project, but I will ask you to create new classes and programs within that project. Please pay close attention to class and method names — following my instructions accurately will make it more convenient and less error-prone for me to evaluate your code.

Commit and push to the Git server as often as you like — it’s a good way to keep backups of your work. When you have a commit candidate that you think is your final submission, please include #milestone3 in the first line of the commit message — I will search for that when figuring out what to grade.

  1. Following the AuthDemo created in class, further validate that a new user’s password meets specific requirements. For example:

    • Length must be >= 7
    • Must contain a digit
    • Must contain both upper and lower-case letters
  2. On the set-password form, assuming that both passwords match and meet other requirements (above), salt and hash the password and store the combined string in the database along with the email address.

  3. To process the login form, take the email address, look it up in the DB to get the combined (salted/hashed) password. Then check whether the password matches by rerunning the salt/hash procedure (second half of the program in SaltAndHash). Accept or reject the login.

Whatever database table you created to store users’ email addresses and passwords, paste the CREATE TABLE statement into a comment in your AuthDemo class. Then it’s easy for me to recreate the same table on my database.

CREATE TABLE user
  ( email  varchar(255) not null primary key
  , saltPwd  varchar(255) not null default ''
  -- other fields up to you
  );
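
The three steps above as one added example; it is not the course's AuthDemo or SaltAndHash code. The class name, the use of the JDK's PBKDF2WithHmacSHA256, the iteration count and the Base64 "salt:hash" layout stored in saltPwd are all assumptions.

```java
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added example: names, stored format and work factor are assumptions, not the class code.
public class PasswordCheckExample {
    private static final int ITERATIONS = 210_000; // assumed work factor
    private static final int SALT_BYTES = 16, KEY_BITS = 256;

    // Step 1: length >= 7, contains a digit, an upper-case and a lower-case letter.
    static boolean meetsPolicy(String pw) {
        if (pw == null || pw.length() < 7) return false;
        boolean digit = false, upper = false, lower = false;
        for (char c : pw.toCharArray()) {
            if (Character.isDigit(c)) digit = true;
            else if (Character.isUpperCase(c)) upper = true;
            else if (Character.isLowerCase(c)) lower = true;
        }
        return digit && upper && lower;
    }

    // Slow, salted key derivation shared by registration and login.
    static byte[] pbkdf2(char[] pw, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(pw, salt, ITERATIONS, KEY_BITS);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256").generateSecret(spec).getEncoded();
    }

    // Step 2: fresh random salt per user; the result (69 chars) fits saltPwd varchar(255).
    static String saltAndHash(String pw) throws Exception {
        byte[] salt = new byte[SALT_BYTES];
        new SecureRandom().nextBytes(salt);
        Base64.Encoder b64 = Base64.getEncoder();
        return b64.encodeToString(salt) + ":" + b64.encodeToString(pbkdf2(pw.toCharArray(), salt));
    }

    // Step 3: re-derive with the stored salt, then compare in constant time.
    static boolean verify(String pw, String stored) throws Exception {
        String[] parts = stored.split(":");
        if (parts.length != 2) return false; // malformed row: reject the login
        byte[] salt = Base64.getDecoder().decode(parts[0]);
        return MessageDigest.isEqual(Base64.getDecoder().decode(parts[1]), pbkdf2(pw.toCharArray(), salt));
    }

    public static void main(String[] args) throws Exception {
        String pw = "Corr3ctHorse"; // constructed sample input
        String stored = saltAndHash(pw);
        System.out.println("policy: " + meetsPolicy(pw) + ", weak: " + meetsPolicy("password"));
        System.out.println("login ok: " + verify(pw, stored) + ", wrong pw: " + verify("Wr0ngPass", stored));
    }
}
```

When wiring this into the login handler, return the same rejection for an unknown email address as for a wrong password, so the form does not reveal which accounts exist.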