Merge branch '88-change-password' into 87-inviting-user

This commit is contained in:
Artem.Arefev 2019-05-17 03:59:28 +04:00
commit b9748905d1
14 changed files with 130 additions and 59 deletions

View File

@ -6,6 +6,7 @@ public class Constants {
public static final String MAIL_ACTIVATE = "Account activation"; public static final String MAIL_ACTIVATE = "Account activation";
public static final String MAIL_RESET = "Password reset"; public static final String MAIL_RESET = "Password reset";
public static final String MAIL_INVITE = "Account registration"; public static final String MAIL_INVITE = "Account registration";
public static final String MAIL_CHANGE_PASSWORD = "Password has been changed";
public static final int MIN_PASSWORD_LENGTH = 6; public static final int MIN_PASSWORD_LENGTH = 6;
public static final int MAX_PASSWORD_LENGTH = 32; public static final int MAX_PASSWORD_LENGTH = 32;

View File

@ -8,7 +8,7 @@ public enum ErrorConstants {
USER_ACTIVATION_ERROR(101, "Invalid activation key"), USER_ACTIVATION_ERROR(101, "Invalid activation key"),
USER_EMAIL_EXISTS(102, "User with same email already exists"), USER_EMAIL_EXISTS(102, "User with same email already exists"),
USER_LOGIN_EXISTS(103, "User with same login already exists"), USER_LOGIN_EXISTS(103, "User with same login already exists"),
USER_PASSWORDS_NOT_VALID_OR_NOT_MATCH(104, "User passwords is not valid or not match"), USER_PASSWORDS_NOT_VALID_OR_NOT_MATCH(104, "Пароли введены неверно"),
USER_NOT_FOUND(105, "User is not found"), USER_NOT_FOUND(105, "User is not found"),
USER_NOT_ACTIVATED(106, "User is not activated"), USER_NOT_ACTIVATED(106, "User is not activated"),
USER_RESET_ERROR(107, "Invalid reset key"), USER_RESET_ERROR(107, "Invalid reset key"),

View File

@ -11,6 +11,6 @@ public class Response<D> extends ResponseEntity<Object> {
} }
public Response(ErrorConstants error) { public Response(ErrorConstants error) {
super(new ControllerResponse<Void, Void>(new ControllerResponseError<>(error, null)), HttpStatus.OK); super(new ControllerResponse<Void, Void>(new ControllerResponseError<>(error, null)), HttpStatus.BAD_REQUEST);
} }
} }

View File

@ -7,6 +7,6 @@ import ru.ulstu.core.model.ErrorConstants;
public class ResponseExtended<E> extends ResponseEntity<Object> { public class ResponseExtended<E> extends ResponseEntity<Object> {
public ResponseExtended(ErrorConstants error, E errorData) { public ResponseExtended(ErrorConstants error, E errorData) {
super(new ControllerResponse<Void, E>(new ControllerResponseError<E>(error, errorData)), HttpStatus.OK); super(new ControllerResponse<Void, E>(new ControllerResponseError<E>(error, errorData)), HttpStatus.BAD_REQUEST);
} }
} }

View File

@ -19,6 +19,7 @@ import ru.ulstu.odin.controller.OdinController;
import ru.ulstu.odin.model.OdinMetadata; import ru.ulstu.odin.model.OdinMetadata;
import ru.ulstu.odin.model.OdinVoid; import ru.ulstu.odin.model.OdinVoid;
import ru.ulstu.odin.service.OdinService; import ru.ulstu.odin.service.OdinService;
import ru.ulstu.user.model.User;
import ru.ulstu.user.model.UserDto; import ru.ulstu.user.model.UserDto;
import ru.ulstu.user.model.UserListDto; import ru.ulstu.user.model.UserListDto;
import ru.ulstu.user.model.UserResetPasswordDto; import ru.ulstu.user.model.UserResetPasswordDto;
@ -28,8 +29,12 @@ import ru.ulstu.user.model.UserSessionListDto;
import ru.ulstu.user.service.UserService; import ru.ulstu.user.service.UserService;
import ru.ulstu.user.service.UserSessionService; import ru.ulstu.user.service.UserSessionService;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.validation.Valid; import javax.validation.Valid;
import java.util.Map;
import static ru.ulstu.user.controller.UserController.URL; import static ru.ulstu.user.controller.UserController.URL;
@RestController @RestController
@ -141,13 +146,6 @@ public class UserController extends OdinController<UserListDto, UserDto> {
return new Response<>(userService.activateUser(activationKey)); return new Response<>(userService.activateUser(activationKey));
} }
// TODO: add page for user password change (user-profile)
@PostMapping("/change-password")
public Response<UserDto> changePassword(@Valid @RequestBody UserDto userDto) {
log.debug("REST: UserController.changePassword( {} )", userDto.getLogin());
return new Response<>(userService.changeUserPassword(userDto));
}
@PostMapping(PASSWORD_RESET_REQUEST_URL) @PostMapping(PASSWORD_RESET_REQUEST_URL)
public Response<Boolean> requestPasswordReset(@RequestParam("email") String email) { public Response<Boolean> requestPasswordReset(@RequestParam("email") String email) {
log.debug("REST: UserController.requestPasswordReset( {} )", email); log.debug("REST: UserController.requestPasswordReset( {} )", email);
@ -160,4 +158,12 @@ public class UserController extends OdinController<UserListDto, UserDto> {
log.debug("REST: UserController.requestPasswordReset( {} )", key); log.debug("REST: UserController.requestPasswordReset( {} )", key);
return new Response<>(userService.completeUserPasswordReset(key, userResetPasswordDto)); return new Response<>(userService.completeUserPasswordReset(key, userResetPasswordDto));
} }
@PostMapping("/changePassword")
public void changePassword(@RequestBody Map<String, String> payload, HttpServletRequest request) {
HttpSession session = request.getSession(false);
final String sessionId = session.getAttribute(Constants.SESSION_ID_ATTR).toString();
User user = userSessionService.getUserBySessionId(sessionId);
userService.changeUserPassword(user, payload);
}
} }

View File

@ -3,9 +3,7 @@ package ru.ulstu.user.controller;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.ui.ModelMap; import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
@ -37,12 +35,6 @@ public class UserMvcController extends OdinController<UserListDto, UserDto> {
this.userSessionService = userSessionService; this.userSessionService = userSessionService;
} }
@ExceptionHandler(Exception.class)
public String errorHandler(Model model, Exception exception) {
model.addAttribute("error", exception.getMessage());
return "/error/error";
}
@GetMapping("/profile") @GetMapping("/profile")
public void getUserProfile(ModelMap modelMap, HttpServletRequest request) { public void getUserProfile(ModelMap modelMap, HttpServletRequest request) {
HttpSession session = request.getSession(false); HttpSession session = request.getSession(false);

View File

@ -1,6 +1,7 @@
package ru.ulstu.user.error; package ru.ulstu.user.error;
public class UserPasswordsNotValidOrNotMatchException extends RuntimeException { public class UserPasswordsNotValidOrNotMatchException extends RuntimeException {
public UserPasswordsNotValidOrNotMatchException() { public UserPasswordsNotValidOrNotMatchException(String message) {
super(message);
} }
} }

View File

@ -114,4 +114,10 @@ public class MailService {
public void sendInviteMail(Map<String, Object> variables, String email) throws MessagingException { public void sendInviteMail(Map<String, Object> variables, String email) throws MessagingException {
sendEmailFromTemplate(variables, "userInviteEmail", Constants.MAIL_INVITE, email); sendEmailFromTemplate(variables, "userInviteEmail", Constants.MAIL_INVITE, email);
} }
@Async
public void sendChangePasswordMail(User user) {
sendEmailFromTemplate(user, "passwordChangeEmail", Constants.MAIL_CHANGE_PASSWORD);
}
} }

View File

@ -128,7 +128,7 @@ public class UserService implements UserDetailsService {
throw new UserEmailExistsException(userDto.getEmail()); throw new UserEmailExistsException(userDto.getEmail());
} }
if (!userDto.isPasswordsValid()) { if (!userDto.isPasswordsValid()) {
throw new UserPasswordsNotValidOrNotMatchException(); throw new UserPasswordsNotValidOrNotMatchException("");
} }
User user = userMapper.userDtoToUserEntity(userDto); User user = userMapper.userDtoToUserEntity(userDto);
user.setActivated(false); user.setActivated(false);
@ -198,10 +198,10 @@ public class UserService implements UserDetailsService {
: roles); : roles);
if (!StringUtils.isEmpty(userDto.getOldPassword())) { if (!StringUtils.isEmpty(userDto.getOldPassword())) {
if (!userDto.isPasswordsValid() || !userDto.isOldPasswordValid()) { if (!userDto.isPasswordsValid() || !userDto.isOldPasswordValid()) {
throw new UserPasswordsNotValidOrNotMatchException(); throw new UserPasswordsNotValidOrNotMatchException("");
} }
if (!passwordEncoder.matches(userDto.getOldPassword(), user.getPassword())) { if (!passwordEncoder.matches(userDto.getOldPassword(), user.getPassword())) {
throw new UserPasswordsNotValidOrNotMatchException(); throw new UserPasswordsNotValidOrNotMatchException("");
} }
user.setPassword(passwordEncoder.encode(userDto.getPassword())); user.setPassword(passwordEncoder.encode(userDto.getPassword()));
log.debug("Changed password for User: {}", user.getLogin()); log.debug("Changed password for User: {}", user.getLogin());
@ -221,24 +221,18 @@ public class UserService implements UserDetailsService {
return userMapper.userEntityToUserDto(user); return userMapper.userEntityToUserDto(user);
} }
public UserDto changeUserPassword(UserDto userDto) { public void changeUserPassword(User user, Map<String, String> payload) {
if (userDto.getId() == null) { if (!payload.get("password").equals(payload.get("confirmPassword"))) {
throw new EntityIdIsNullException(); throw new UserPasswordsNotValidOrNotMatchException("");
} }
if (!userDto.isPasswordsValid() || !userDto.isOldPasswordValid()) { if (!passwordEncoder.matches(payload.get("oldPassword"), user.getPassword())) {
throw new UserPasswordsNotValidOrNotMatchException(); throw new UserPasswordsNotValidOrNotMatchException("Старый пароль введен неправильно");
} }
final String login = UserUtils.getCurrentUserLogin(); user.setPassword(passwordEncoder.encode(payload.get("password")));
final User user = userRepository.findOneByLoginIgnoreCase(login);
if (user == null) {
throw new UserNotFoundException(login);
}
if (!passwordEncoder.matches(userDto.getOldPassword(), user.getPassword())) {
throw new UserPasswordsNotValidOrNotMatchException();
}
user.setPassword(passwordEncoder.encode(userDto.getPassword()));
log.debug("Changed password for User: {}", user.getLogin()); log.debug("Changed password for User: {}", user.getLogin());
return userMapper.userEntityToUserDto(userRepository.save(user)); userRepository.save(user);
mailService.sendChangePasswordMail(user);
} }
public boolean requestUserPasswordReset(String email) { public boolean requestUserPasswordReset(String email) {
@ -259,7 +253,7 @@ public class UserService implements UserDetailsService {
public boolean completeUserPasswordReset(String key, UserResetPasswordDto userResetPasswordDto) { public boolean completeUserPasswordReset(String key, UserResetPasswordDto userResetPasswordDto) {
if (!userResetPasswordDto.isPasswordsValid()) { if (!userResetPasswordDto.isPasswordsValid()) {
throw new UserPasswordsNotValidOrNotMatchException(); throw new UserPasswordsNotValidOrNotMatchException("");
} }
User user = userRepository.findOneByResetKey(key); User user = userRepository.findOneByResetKey(key);
if (user == null) { if (user == null) {

View File

@ -0,0 +1,21 @@
<!DOCTYPE html>
<html xmlns:th="http://www.thymeleaf.org">
<head>
<title>Password reset</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
<link rel="shortcut icon" th:href="@{|${baseUrl}/favicon.ico|}"/>
</head>
<body>
<p>
Dear <span th:text="${user.firstName + ' ' + user.lastName}">Ivan Ivanov</span>
</p>
<p>
Your password has been changed.
</p>
<p>
Regards,
<br/>
<em>Balance Team.</em>
</p>
</body>
</html>

View File

@ -0,0 +1,33 @@
function changePassword() {
oldPassword = document.getElementById("oldPassword").value
password = document.getElementById("password").value
confirmPassword = document.getElementById("confirmPassword").value
if ([oldPassword.length, password.length, confirmPassword.length].includes(0)) {
alert("Заполните все поля");
return;
}
if (password != confirmPassword) {
alert("Повторный пароль введен неверно");
return;
}
$.ajax({
url:"/api/1.0/users/changePassword",
contentType: "application/json; charset=utf-8",
data: JSON.stringify({
"oldPassword": document.getElementById("oldPassword").value,
"password": document.getElementById("password").value,
"confirmPassword": document.getElementById("confirmPassword").value,
}),
method: "POST",
success: function() {
document.getElementById("closeModalPassword").click();
alert("Пароль был обновлен");
},
error: function(errorData) {
alert(errorData.responseJSON.error.message)
}
})
}

View File

@ -70,6 +70,7 @@
<a class="dropdown-item" href="/users/profile">Личный кабинет</a> <a class="dropdown-item" href="/users/profile">Личный кабинет</a>
<a class="dropdown-item" href="/logout">Выход</a> <a class="dropdown-item" href="/logout">Выход</a>
<a class="dropdown-item" data-toggle="modal" href="invite.html" data-target="#inviteModal">Пригласить</a> <a class="dropdown-item" data-toggle="modal" href="invite.html" data-target="#inviteModal">Пригласить</a>
<a class="dropdown-item" data-toggle="modal" data-target="#changePasswordModal">Сменить пароль</a>
</div> </div>
</li> </li>
</ul> </ul>
@ -77,6 +78,7 @@
</div> </div>
</nav> </nav>
<div th:replace="users/inviteModal"/> <div th:replace="users/inviteModal"/>
<div th:replace="users/changePassword"/>
<div class="container-fluid"> <div class="container-fluid">
<div class="container"> <div class="container">
<ul id="messages" class="feedback-panel"> <ul id="messages" class="feedback-panel">

View File

@ -1,21 +0,0 @@
<!DOCTYPE html>
<html lang="en"
xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
layout:decorator="default" xmlns:th="http://www.w3.org/1999/xhtml">
<head>
</head>
<body>
<div class="container" layout:fragment="content">
<section id="services">
<div class="container">
<div class="row">
<div class="col-lg-12 text-center">
<h2 class="section-heading text-uppercase"><span th:text="${error}"></span></h2>
<a href="/"><h3>Вернуться на главную</h3></a>
</div>
</div>
</div>
</section>
</div>
</body>
</html>

View File

@ -0,0 +1,36 @@
<!DOCTYPE HTML>
<html xmlns:th="http://www.thymeleaf.org">
<head th:fragment="headerfiles">
<meta charset="UTF-8"/>
<script type='text/javascript' src="js/users.js"></script>
</head>
<body>
<div id="changePasswordModal" class="modal fade text-center">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<h5 class="modal-title" id="label">Пригласить пользователя</h5>
<button type="button" class="close" data-dismiss="modal" aria-label="Close">
<span aria-hidden="true">&times;</span>
</button>
</div>
<div class="modal-body">
<input class="form-control" id="oldPassword" type="password"
placeholder="Старый пароль" required="required" name="oldPassword"/>
<br/>
<input class="form-control" id="password" type="password"
placeholder="Новый пароль" required="required" name="password"/>
<br/>
<input class="form-control" id="confirmPassword" type="password"
placeholder="Подтверждение нового пароля" required="required" name="confirmPassword"/>
</div>
<div class="modal-footer">
<button id="closeModalPassword" type="button" class="btn btn-secondary" data-dismiss="modal">Закрыть
</button>
<button type="button" onclick="changePassword()" class="btn btn-primary">Сохранить</button>
</div>
</div>
</div>
</div>
</body>
</html>