Merge branch '89-restore-password' into 'dev'

Resolve "Восстановление пароля" Closes #89 See merge request romanov73/ng-tracker!101
2019-05-24 06:34:18 +00:00 · 2019-05-24 06:34:18 +00:00 · d4364b9767
commit d4364b9767
parent 82ae42f7fc 8bb9e3a844
13 changed files with 163 additions and 84 deletions
--- a/src/main/java/ru/ulstu/configuration/Constants.java
+++ b/src/main/java/ru/ulstu/configuration/Constants.java
@ -21,4 +21,5 @@ public class Constants {
    public static final String PASSWORD_RESET_REQUEST_PAGE = "/resetRequest";
    public static final String PASSWORD_RESET_PAGE = "/reset";

+    public static final int RESET_KEY_LENGTH = 6;
 }
--- a/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java
+++ b/src/main/java/ru/ulstu/configuration/SecurityConfiguration.java
@ -104,7 +104,8 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
                .antMatchers("/css/**")
                .antMatchers("/js/**")
                .antMatchers("/templates/**")
-                .antMatchers("/webjars/**");
+                .antMatchers("/webjars/**")
+                .antMatchers("/img/**");
    }

    @Autowired
--- a/src/main/java/ru/ulstu/core/controller/AdviceController.java
+++ b/src/main/java/ru/ulstu/core/controller/AdviceController.java
@ -35,11 +35,6 @@ public class AdviceController {
        this.userService = userService;
    }

-    @ModelAttribute("currentUser")
-    public String getCurrentUser() {
-        return userService.getCurrentUser().getUserAbbreviate();
-    }
-
    @ModelAttribute("flashMessage")
    public String getFlashMessage() {
        return null;
--- a/src/main/java/ru/ulstu/core/model/ErrorConstants.java
+++ b/src/main/java/ru/ulstu/core/model/ErrorConstants.java
@ -9,9 +9,9 @@ public enum ErrorConstants {
    USER_EMAIL_EXISTS(102, "Пользователь с таким почтовым ящиком уже существует"),
    USER_LOGIN_EXISTS(103, "Пользователь с таким логином уже существует"),
    USER_PASSWORDS_NOT_VALID_OR_NOT_MATCH(104, "Пароли введены неверно"),
-    USER_NOT_FOUND(105, "User is not found"),
+    USER_NOT_FOUND(105, "Аккаунт не найден"),
    USER_NOT_ACTIVATED(106, "User is not activated"),
-    USER_RESET_ERROR(107, "Invalid reset key"),
+    USER_RESET_ERROR(107, "Некорректный ключ подтверждения"),
    USER_UNDEAD_ERROR(108, "Can't edit/delete that user"),
    FILE_UPLOAD_ERROR(110, "File upload error"),
    USER_SENDING_MAIL_EXCEPTION(111, "Во время отправки приглашения пользователю произошла ошибка");
--- a/src/main/java/ru/ulstu/user/controller/UserController.java
+++ b/src/main/java/ru/ulstu/user/controller/UserController.java
@ -148,16 +148,15 @@ public class UserController extends OdinController<UserListDto, UserDto> {
    }

    @PostMapping(PASSWORD_RESET_REQUEST_URL)
-    public Response<Boolean> requestPasswordReset(@RequestParam("email") String email) {
+    public void requestPasswordReset(@RequestParam("email") String email) {
        log.debug("REST: UserController.requestPasswordReset( {} )", email);
-        return new Response<>(userService.requestUserPasswordReset(email));
+        userService.requestUserPasswordReset(email);
    }

    @PostMapping(PASSWORD_RESET_URL)
-    public Response<Boolean> finishPasswordReset(@RequestParam("key") String key,
-                                                 @RequestBody UserResetPasswordDto userResetPasswordDto) {
-        log.debug("REST: UserController.requestPasswordReset( {} )", key);
-        return new Response<>(userService.completeUserPasswordReset(key, userResetPasswordDto));
+    public Response<Boolean> finishPasswordReset(@RequestBody UserResetPasswordDto userResetPasswordDto) {
+        log.debug("REST: UserController.requestPasswordReset( {} )", userResetPasswordDto.getResetKey());
+        return new Response<>(userService.completeUserPasswordReset(userResetPasswordDto));
    }

    @PostMapping("/changePassword")
--- a/src/main/java/ru/ulstu/user/model/UserResetPasswordDto.java
+++ b/src/main/java/ru/ulstu/user/model/UserResetPasswordDto.java
@ -14,6 +14,10 @@ public class UserResetPasswordDto {
    @Size(min = Constants.MIN_PASSWORD_LENGTH, max = 50)
    private String passwordConfirm;

+    @NotEmpty
+    @Size(min = Constants.RESET_KEY_LENGTH)
+    private String resetKey;
+
    public String getPassword() {
        return password;
    }
@ -25,4 +29,8 @@ public class UserResetPasswordDto {
    public boolean isPasswordsValid() {
        return Objects.equals(password, passwordConfirm);
    }
+
+    public String getResetKey() {
+        return resetKey;
+    }
 }
--- a/src/main/java/ru/ulstu/user/service/MailService.java
+++ b/src/main/java/ru/ulstu/user/service/MailService.java
@ -106,8 +106,7 @@ public class MailService {
        sendEmailFromTemplate(user, "activationEmail", Constants.MAIL_ACTIVATE);
    }

-    @Async
-    public void sendPasswordResetMail(User user) {
+    public void sendPasswordResetMail(User user) throws MessagingException, MailException {
        sendEmailFromTemplate(user, "passwordResetEmail", Constants.MAIL_RESET);
    }

@ -118,6 +117,5 @@ public class MailService {
    @Async
    public void sendChangePasswordMail(User user) {
        sendEmailFromTemplate(user, "passwordChangeEmail", Constants.MAIL_CHANGE_PASSWORD);
-
    }
 }
--- a/src/main/java/ru/ulstu/user/service/UserService.java
+++ b/src/main/java/ru/ulstu/user/service/UserService.java
@ -236,7 +236,7 @@ public class UserService implements UserDetailsService {
        mailService.sendChangePasswordMail(user);
    }

-    public boolean requestUserPasswordReset(String email) {
+    public boolean requestUserPasswordReset(String email)  {
        User user = userRepository.findOneByEmailIgnoreCase(email);
        if (user == null) {
            throw new UserNotFoundException(email);
@ -247,23 +247,30 @@ public class UserService implements UserDetailsService {
        user.setResetKey(UserUtils.generateResetKey());
        user.setResetDate(new Date());
        user = userRepository.save(user);
-        mailService.sendPasswordResetMail(user);
+        try {
+            mailService.sendPasswordResetMail(user);
+        } catch (MessagingException | MailException e) {
+            throw new UserSendingMailException(email);
+        }
        log.debug("Created Reset Password Request for User: {}", user.getLogin());
        return true;
    }

-    public boolean completeUserPasswordReset(String key, UserResetPasswordDto userResetPasswordDto) {
+    public boolean completeUserPasswordReset(UserResetPasswordDto userResetPasswordDto) {
        if (!userResetPasswordDto.isPasswordsValid()) {
-            throw new UserPasswordsNotValidOrNotMatchException("");
+            throw new UserPasswordsNotValidOrNotMatchException("Пароли не совпадают");
        }
-        User user = userRepository.findOneByResetKey(key);
+        User user = userRepository.findOneByResetKey(userResetPasswordDto.getResetKey());
        if (user == null) {
-            throw new UserResetKeyError(key);
+            throw new UserResetKeyError(userResetPasswordDto.getResetKey());
        }
        user.setPassword(passwordEncoder.encode(userResetPasswordDto.getPassword()));
        user.setResetKey(null);
        user.setResetDate(null);
        user = userRepository.save(user);
+
+        mailService.sendChangePasswordMail(user);
+
        log.debug("Reset Password for User: {}", user.getLogin());
        return true;
    }
--- a/src/main/resources/mail_templates/passwordResetEmail.html
+++ b/src/main/resources/mail_templates/passwordResetEmail.html
@ -1,23 +1,19 @@
 <!DOCTYPE html>
 <html xmlns:th="http://www.thymeleaf.org">
 <head>
-    <title>Password reset</title>
+    <title>Восстановление пароля</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
    <link rel="shortcut icon" th:href="@{|${baseUrl}/favicon.ico|}"/>
 </head>
 <body>
 <p>
-    Dear <span th:text="${user.firstName + ' ' + user.lastName}">Ivan Ivanov</span>
+    Дорогой <span th:text="${user.firstName + ' ' + user.lastName}">Ivan Ivanov</span>
 </p>
 <p>
-    For your account a password reset was requested, please click on the URL below to
+    Ваш ключ для восстановления пароля <span th:text="${user.resetKey}"></span>
 </p>
 <p>
-    <a th:href="@{|${baseUrl}/reset?key=${user.resetKey}|}"
-       th:text="@{|${baseUrl}/reset?key=${user.resetKey}|}">Reset Link</a>
-</p>
-<p>
-    Regards,
+    С уважением,
    <br/>
    <em>Balance Team.</em>
 </p>
--- a/src/main/resources/public/css/base.css
+++ b/src/main/resources/public/css/base.css
@ -0,0 +1,3 @@
+.loader {
+    padding-left:50%
+}
--- a/src/main/resources/public/img/main/ajax-loader.gif
+++ b/src/main/resources/public/img/main/ajax-loader.gif
--- a/src/main/resources/public/js/users.js
+++ b/src/main/resources/public/js/users.js
@ -1,7 +1,7 @@
 function changePassword() {
-    oldPassword = document.getElementById("oldPassword").value
-    password = document.getElementById("password").value
-    confirmPassword = document.getElementById("confirmPassword").value
+    oldPassword = $("#oldPassword").val()
+    password = $("#password").val()
+    confirmPassword = $("#confirmPassword").val()

    if ([oldPassword.length, password.length, confirmPassword.length].includes(0)) {
        showFeedbackMessage("Заполните все поля", MessageTypesEnum.WARNING);
@ -23,7 +23,7 @@ function changePassword() {
        }),
        method: "POST",
        success: function() {
-            document.getElementById("closeModalPassword").click();
+            $("#closeModalPassword").click();
                showFeedbackMessage("Пароль был обновлен", MessageTypesEnum.SUCCESS)

        },
@ -34,11 +34,8 @@ function changePassword() {
 }

 function inviteUser() {
-    email = document.getElementById("email").value;
-    re = /\S+@\S+\.\S+/;
-
-
-    if (!re.test(email)) {
+    email = $("#email").val();
+    if (!isEmailValid(email)) {
        showFeedbackMessage("Некорректный почтовый ящик", MessageTypesEnum.WARNING);
        return;
    }
@ -48,11 +45,83 @@ function inviteUser() {
        contentType: "application/json; charset=utf-8",
        method: "POST",
        success: function() {
-            document.getElementById("closeModalInvite").click();
+            $("#closeModalInvite").click();
            showFeedbackMessage("Пользователь был успешно приглашен", MessageTypesEnum.SUCCESS)
        },
        error: function(errorData) {
            showFeedbackMessage(errorData.responseJSON.error.message, MessageTypesEnum.WARNING)
        }
    })
+}
+
+function requestResetPassword() {
+    email = $("#emailReset").val()
+
+    if (!isEmailValid(email)) {
+        showFeedbackMessage("Некорректный почтовый ящик", MessageTypesEnum.WARNING);
+        return;
+    }
+    $("#dvloader").show();
+
+    $.ajax({
+        url:"/api/1.0/users/password-reset-request?email=" + email,
+        contentType: "application/json; charset=utf-8",
+        method: "POST",
+        success: function() {
+            showFeedbackMessage("Проверочный код был отправлен на указанный почтовый ящик", MessageTypesEnum.SUCCESS)
+            $("#passwordNew").show()
+            $("#passwordConfirm").show()
+            $("#btnReset").show()
+            $("#resetKey").show()
+            $("#emailReset").hide()
+            $("#btnSend").hide()
+            $("#dvloader").hide()
+
+        },
+        error: function(errorData) {
+            showFeedbackMessage(errorData.responseJSON.error.message, MessageTypesEnum.WARNING)
+            $("#dvloader").hide()
+        }
+    })
+
+}
+
+function resetPassword() {
+    passwordNew = $("#passwordNew").val();
+    passwordConfirm = $("#passwordConfirm").val();
+    resetKey = $("#resetKey").val();
+
+    if ([passwordNew, passwordConfirm, resetKey].includes("")) {
+        showFeedbackMessage("Заполните все поля", MessageTypesEnum.WARNING);
+        return;
+    }
+
+    if (passwordNew != passwordConfirm) {
+        showFeedbackMessage("Пароли не совпадают", MessageTypesEnum.WARNING);
+        return;
+    }
+
+    $.ajax({
+        url:"/api/1.0/users/password-reset",
+        contentType: "application/json; charset=utf-8",
+        method: "POST",
+        data: JSON.stringify({
+            "password": passwordNew,
+            "passwordConfirm": passwordConfirm,
+            "resetKey": resetKey,
+        }),
+        success: function() {
+            showFeedbackMessage("Пользователь был успешно приглашен", MessageTypesEnum.SUCCESS)
+            window.location.href = "/login"
+        },
+        error: function(errorData) {
+            showFeedbackMessage(errorData.responseJSON.error.message, MessageTypesEnum.WARNING)
+        }
+    })
+}
+
+
+function isEmailValid(email) {
+    re = /\S+@\S+\.\S+/;
+    return re.test(email)
 }
--- a/src/main/resources/templates/resetRequest.html
+++ b/src/main/resources/templates/resetRequest.html
@ -1,57 +1,59 @@
 <!DOCTYPE html>
 <html lang="en"
-      xmlns:th="http://www.thymeleaf.org"
      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
-      layout:decorator="default">
+      layout:decorator="default" xmlns:th="http://www.w3.org/1999/xhtml">
 <head>
+    <script src="/js/users.js"></script>
+    <link rel="stylesheet" href="../css/base.css"/>
 </head>
 <body>
 <nav layout:fragment="navbar">
    <div class="navbar-header">
        <a class="navbar-brand" href="/"><span class="ui-menuitem-text"><i
-                class="fa fa-plane fa-4" aria-hidden="true"></i> Balance</span></a>
+                class="fa fa-plane fa-4" aria-style="display:none"></i> Balance</span></a>
    </div>
 </nav>
-<div class="container" layout:fragment="content">
-    <form id="reset-form" method="post" class="margined-top-10">
-        <fieldset>
-            <div class="form-group">
-                <input type="email" name="email" id="email" class="form-control"
-                       placeholder="E-Mail" required="true" autofocus="autofocus"/>
-            </div>
-            <button type="submit" class="btn btn-success btn-block">Сбросить пароль</button>
-            <div class="form-group">
-                <small class="form-text text-muted">
-                    <a href="/login">Вернуться к странице входа</a>
-                </small>
-            </div>
-        </fieldset>
-    </form>
-</div>
-<th:block layout:fragment="data-scripts">
-    <script type="text/javascript">
-        /*<![CDATA[*/
-        $(document).ready(function () {
-            $("#reset-form").submit(function () {
-                var email = $("#email").val();
-                if (isEmpty(email)) {
-                    showFeedbackMessage("Адрес электронной почты не задан", MessageTypesEnum.DANGER);
-                    return false;
-                }
-                postToRest(urlUsersPasswordResetRequest + "?email=" + email, null,
-                    function () {
-                        showFeedbackMessage("Запрос на смену пароля отправлен");
-                    },
-                    function () {
-                        $("#email").val("");
-                    }
-                );
-                return false;
-            });
-        });
-        /*]]>*/
+<div layout:fragment="content">
+    <section class="bg-light" id="portfolio">

-    </script>
-</th:block>
+        <div class="container">
+            <div class="row justify-content-md-center">
+                <div class="col-lg-6">
+                    <div class="form-group">
+                        <input type="text" name="email" id="emailReset" class="form-control"
+                               placeholder="E-Mail"/>
+                    </div>
+                    <div class="form-group">
+                        <input type="password" name="email" id="passwordNew" class="form-control"
+                               placeholder="Новый пароль" style="display:none"/>
+                    </div>
+                    <div class="form-group">
+                        <input type="password" name="email" id="passwordConfirm" class="form-control"
+                               placeholder="Подтвердите пароль" style="display:none"/>
+                    </div>
+                    <div class="form-group">
+                        <input type="text" name="email" id="resetKey" class="form-control"
+                               placeholder="Код подтверждения" style="display:none"/>
+                    </div>
+                    <div id="dvloader" class="loader" style="display:none"><img src="../img/main/ajax-loader.gif" /></div>
+                    <button id="btnSend" type="button" onclick="requestResetPassword()"
+                            class="btn btn-success btn-block">
+                        Отправить код подтверждения
+                    </button>
+                    <button id="btnReset" style="display:none" type="button" onclick="resetPassword()"
+                            class="btn btn-success btn-block">
+                        Сбросить
+                        пароль
+                    </button>
+                    <div class="form-group">
+                        <small class="form-text text-muted">
+                            <a href="/login">Вернуться к странице входа</a>
+                        </small>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </section>
+</div>
 </body>
 </html>