|
@@ -0,0 +1,192 @@
|
|
1
|
+package rocks.zipcode.io.web.rest;
|
|
2
|
+
|
|
3
|
+import com.codahale.metrics.annotation.Timed;
|
|
4
|
+
|
|
5
|
+import rocks.zipcode.io.domain.User;
|
|
6
|
+import rocks.zipcode.io.repository.ProfileRepository;
|
|
7
|
+import rocks.zipcode.io.repository.UserRepository;
|
|
8
|
+import rocks.zipcode.io.security.SecurityUtils;
|
|
9
|
+import rocks.zipcode.io.service.MailService;
|
|
10
|
+import rocks.zipcode.io.service.UserService;
|
|
11
|
+import rocks.zipcode.io.service.dto.PasswordChangeDTO;
|
|
12
|
+import rocks.zipcode.io.service.dto.UserDTO;
|
|
13
|
+import rocks.zipcode.io.web.rest.errors.*;
|
|
14
|
+import rocks.zipcode.io.web.rest.vm.KeyAndPasswordVM;
|
|
15
|
+import rocks.zipcode.io.web.rest.vm.ManagedUserVM;
|
|
16
|
+
|
|
17
|
+import org.apache.commons.lang3.StringUtils;
|
|
18
|
+import org.slf4j.Logger;
|
|
19
|
+import org.slf4j.LoggerFactory;
|
|
20
|
+import org.springframework.http.HttpStatus;
|
|
21
|
+import org.springframework.web.bind.annotation.*;
|
|
22
|
+
|
|
23
|
+import javax.servlet.http.HttpServletRequest;
|
|
24
|
+import javax.validation.Valid;
|
|
25
|
+import java.util.*;
|
|
26
|
+
|
|
27
|
+
|
|
28
|
+/**
|
|
29
|
+ * REST controller for managing the current user's account.
|
|
30
|
+ */
|
|
31
|
+@RestController
|
|
32
|
+@RequestMapping("/api")
|
|
33
|
+public class AccountResource {
|
|
34
|
+
|
|
35
|
+ private final Logger log = LoggerFactory.getLogger(AccountResource.class);
|
|
36
|
+
|
|
37
|
+ private final UserRepository userRepository;
|
|
38
|
+
|
|
39
|
+ private final UserService userService;
|
|
40
|
+
|
|
41
|
+ private final MailService mailService;
|
|
42
|
+
|
|
43
|
+ public AccountResource(UserRepository userRepository, UserService userService, MailService mailService) {
|
|
44
|
+
|
|
45
|
+ this.userRepository = userRepository;
|
|
46
|
+ this.userService = userService;
|
|
47
|
+ this.mailService = mailService;
|
|
48
|
+ }
|
|
49
|
+
|
|
50
|
+ /**
|
|
51
|
+ * POST /register : register the user.
|
|
52
|
+ *
|
|
53
|
+ * @param managedUserVM the managed user View Model
|
|
54
|
+ * @throws InvalidPasswordException 400 (Bad Request) if the password is incorrect
|
|
55
|
+ * @throws EmailAlreadyUsedException 400 (Bad Request) if the email is already used
|
|
56
|
+ * @throws LoginAlreadyUsedException 400 (Bad Request) if the login is already used
|
|
57
|
+ */
|
|
58
|
+ @PostMapping("/register")
|
|
59
|
+ @Timed
|
|
60
|
+ @ResponseStatus(HttpStatus.CREATED)
|
|
61
|
+ public void registerAccount(@Valid @RequestBody ManagedUserVM managedUserVM) {
|
|
62
|
+ if (!checkPasswordLength(managedUserVM.getPassword())) {
|
|
63
|
+ throw new InvalidPasswordException();
|
|
64
|
+ }
|
|
65
|
+ User user = userService.registerUser(managedUserVM, managedUserVM.getPassword());
|
|
66
|
+ mailService.sendActivationEmail(user);
|
|
67
|
+ System.out.println("1");
|
|
68
|
+ }
|
|
69
|
+
|
|
70
|
+ /**
|
|
71
|
+ * GET /activate : activate the registered user.
|
|
72
|
+ *
|
|
73
|
+ * @param key the activation key
|
|
74
|
+ * @throws RuntimeException 500 (Internal Server Error) if the user couldn't be activated
|
|
75
|
+ */
|
|
76
|
+ @GetMapping("/activate")
|
|
77
|
+ @Timed
|
|
78
|
+ public void activateAccount(@RequestParam(value = "key") String key) {
|
|
79
|
+ Optional<User> user = userService.activateRegistration(key);
|
|
80
|
+ if (!user.isPresent()) {
|
|
81
|
+ throw new InternalServerErrorException("No user was found for this activation key");
|
|
82
|
+ }
|
|
83
|
+ }
|
|
84
|
+
|
|
85
|
+ /**
|
|
86
|
+ * GET /authenticate : check if the user is authenticated, and return its login.
|
|
87
|
+ *
|
|
88
|
+ * @param request the HTTP request
|
|
89
|
+ * @return the login if the user is authenticated
|
|
90
|
+ */
|
|
91
|
+ @GetMapping("/authenticate")
|
|
92
|
+ @Timed
|
|
93
|
+ public String isAuthenticated(HttpServletRequest request) {
|
|
94
|
+ log.debug("REST request to check if the current user is authenticated");
|
|
95
|
+ System.out.println("3");
|
|
96
|
+ return request.getRemoteUser();
|
|
97
|
+ }
|
|
98
|
+
|
|
99
|
+ /**
|
|
100
|
+ * GET /account : get the current user.
|
|
101
|
+ *
|
|
102
|
+ * @return the current user
|
|
103
|
+ * @throws RuntimeException 500 (Internal Server Error) if the user couldn't be returned
|
|
104
|
+ */
|
|
105
|
+ @GetMapping("/account")
|
|
106
|
+ @Timed
|
|
107
|
+ public UserDTO getAccount() {
|
|
108
|
+ System.out.println("4");
|
|
109
|
+ return userService.getUserWithAuthorities()
|
|
110
|
+ .map(UserDTO::new)
|
|
111
|
+ .orElseThrow(() -> new InternalServerErrorException("User could not be found"));
|
|
112
|
+ }
|
|
113
|
+
|
|
114
|
+ /**
|
|
115
|
+ * POST /account : update the current user information.
|
|
116
|
+ *
|
|
117
|
+ * @param userDTO the current user information
|
|
118
|
+ * @throws EmailAlreadyUsedException 400 (Bad Request) if the email is already used
|
|
119
|
+ * @throws RuntimeException 500 (Internal Server Error) if the user login wasn't found
|
|
120
|
+ */
|
|
121
|
+ @PostMapping("/account")
|
|
122
|
+ @Timed
|
|
123
|
+ public void saveAccount(@Valid @RequestBody UserDTO userDTO) {
|
|
124
|
+ final String userLogin = SecurityUtils.getCurrentUserLogin().orElseThrow(() -> new InternalServerErrorException("Current user login not found"));
|
|
125
|
+ Optional<User> existingUser = userRepository.findOneByEmailIgnoreCase(userDTO.getEmail());
|
|
126
|
+ if (existingUser.isPresent() && (!existingUser.get().getLogin().equalsIgnoreCase(userLogin))) {
|
|
127
|
+ throw new EmailAlreadyUsedException();
|
|
128
|
+ }
|
|
129
|
+ Optional<User> user = userRepository.findOneByLogin(userLogin);
|
|
130
|
+ if (!user.isPresent()) {
|
|
131
|
+ throw new InternalServerErrorException("User could not be found");
|
|
132
|
+ }
|
|
133
|
+ userService.updateUser(userDTO.getFirstName(), userDTO.getLastName(), userDTO.getEmail(), userDTO.getLangKey(), userDTO.getImageUrl());
|
|
134
|
+ }
|
|
135
|
+
|
|
136
|
+ /**
|
|
137
|
+ * POST /account/change-password : changes the current user's password
|
|
138
|
+ *
|
|
139
|
+ * @param passwordChangeDto current and new password
|
|
140
|
+ * @throws InvalidPasswordException 400 (Bad Request) if the new password is incorrect
|
|
141
|
+ */
|
|
142
|
+ @PostMapping(path = "/account/change-password")
|
|
143
|
+ @Timed
|
|
144
|
+ public void changePassword(@RequestBody PasswordChangeDTO passwordChangeDto) {
|
|
145
|
+ if (!checkPasswordLength(passwordChangeDto.getNewPassword())) {
|
|
146
|
+ throw new InvalidPasswordException();
|
|
147
|
+ }
|
|
148
|
+ userService.changePassword(passwordChangeDto.getCurrentPassword(), passwordChangeDto.getNewPassword());
|
|
149
|
+ }
|
|
150
|
+
|
|
151
|
+ /**
|
|
152
|
+ * POST /account/reset-password/init : Send an email to reset the password of the user
|
|
153
|
+ *
|
|
154
|
+ * @param mail the mail of the user
|
|
155
|
+ * @throws EmailNotFoundException 400 (Bad Request) if the email address is not registered
|
|
156
|
+ */
|
|
157
|
+ @PostMapping(path = "/account/reset-password/init")
|
|
158
|
+ @Timed
|
|
159
|
+ public void requestPasswordReset(@RequestBody String mail) {
|
|
160
|
+ mailService.sendPasswordResetMail(
|
|
161
|
+ userService.requestPasswordReset(mail)
|
|
162
|
+ .orElseThrow(EmailNotFoundException::new)
|
|
163
|
+ );
|
|
164
|
+ }
|
|
165
|
+
|
|
166
|
+ /**
|
|
167
|
+ * POST /account/reset-password/finish : Finish to reset the password of the user
|
|
168
|
+ *
|
|
169
|
+ * @param keyAndPassword the generated key and the new password
|
|
170
|
+ * @throws InvalidPasswordException 400 (Bad Request) if the password is incorrect
|
|
171
|
+ * @throws RuntimeException 500 (Internal Server Error) if the password could not be reset
|
|
172
|
+ */
|
|
173
|
+ @PostMapping(path = "/account/reset-password/finish")
|
|
174
|
+ @Timed
|
|
175
|
+ public void finishPasswordReset(@RequestBody KeyAndPasswordVM keyAndPassword) {
|
|
176
|
+ if (!checkPasswordLength(keyAndPassword.getNewPassword())) {
|
|
177
|
+ throw new InvalidPasswordException();
|
|
178
|
+ }
|
|
179
|
+ Optional<User> user =
|
|
180
|
+ userService.completePasswordReset(keyAndPassword.getNewPassword(), keyAndPassword.getKey());
|
|
181
|
+
|
|
182
|
+ if (!user.isPresent()) {
|
|
183
|
+ throw new InternalServerErrorException("No user was found for this reset key");
|
|
184
|
+ }
|
|
185
|
+ }
|
|
186
|
+
|
|
187
|
+ private static boolean checkPasswordLength(String password) {
|
|
188
|
+ return !StringUtils.isEmpty(password) &&
|
|
189
|
+ password.length() >= ManagedUserVM.PASSWORD_MIN_LENGTH &&
|
|
190
|
+ password.length() <= ManagedUserVM.PASSWORD_MAX_LENGTH;
|
|
191
|
+ }
|
|
192
|
+}
|
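Review bot: `requestPasswordReset` throws `EmailNotFoundException` (documented as 400) for an unknown address and succeeds otherwise, so the response of `/account/reset-password/init` reveals which e-mail addresses have accounts. Returning the same response in both cases closes that, for example `userService.requestPasswordReset(mail).ifPresent(mailService::sendPasswordResetMail);` with a `log.warn` on the miss; the `@throws EmailNotFoundException` Javadoc line should go with it. Whether the endpoint is reachable without authentication depends on the security configuration, which is not in this hunk, though a reset flow normally has to be. Separately, the `System.out.println("1")`, `System.out.println("3")` and `System.out.println("4")` calls in `registerAccount`, `isAuthenticated` and `getAccount` look like leftover debugging and should be removed or turned into `log.debug` calls on the existing logger.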