Merge branch '48-redirection-to-frontend-after-email-confirmation-operations-password-reset-and-email' into 'dev'

Resolve "Redirection to frontend after email confirmation operations (password reset and email)"

Closes #48

See merge request sa4-2020/the-sanmarinoes/backend!62
Claudio Maggioni 2020-03-25 20:29:48 +01:00
commit 3518647eeb
6 changed files with 48 additions and 34 deletions


@ -30,17 +30,21 @@ public class EmailConfigurationService {
*/
@NotNull private String registrationPath;
/**
* The URL to follow for password reset email confirmation. Has to end with the start of a query
* parameter
*/
@NotNull private String resetPasswordPath;
/** The email subject for a reset password email */
@NotNull private String resetPasswordSubject;
/** The text in the email body preceding the confirmation URL for a reset password email */
@NotNull private String resetPassword;
/**
* The URL to follow for password reset email confirmation. Has to end with the start of a query
* parameter
*/
@NotNull private String resetPasswordPath;
@NotNull private String resetPasswordRedirect;
@NotNull private String registrationRedirect;
public String getRegistrationSubject() {
return registrationSubject;
@ -89,4 +93,20 @@ public class EmailConfigurationService {
public void setResetPasswordPath(String resetPasswordPath) {
this.resetPasswordPath = resetPasswordPath;
}
public String getResetPasswordRedirect() {
return resetPasswordRedirect;
}
public void setResetPasswordRedirect(String resetPasswordRedirect) {
this.resetPasswordRedirect = resetPasswordRedirect;
}
public String getRegistrationRedirect() {
return registrationRedirect;
}
public void setRegistrationRedirect(String registrationRedirect) {
this.registrationRedirect = registrationRedirect;
}
}
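Review bot: The new fields `resetPasswordRedirect` and `registrationRedirect` are the only ones in this class without a Javadoc comment, and they are the values later passed to `sendRedirect`. Document them like their neighbours, e.g. `/** The frontend URL the user is redirected to after a successful password reset */` and `/** The frontend URL the user is redirected to after a successful registration confirmation */`. It is worth stating there that these must be absolute URLs set only through configuration, since a redirect target that a request could influence would be an open redirect. The class body starts outside the hunk.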


@ -3,12 +3,9 @@ package ch.usi.inf.sa4.sanmarinoes.smarthut.controller;
import ch.usi.inf.sa4.sanmarinoes.smarthut.config.JWTTokenUtils;
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.JWTRequest;
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.JWTResponse;
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.UserUpdateRequest;
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.UnauthorizedException;
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.UserNotFoundException;
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
import io.swagger.annotations.Authorization;
import java.security.Principal;
import javax.validation.Valid;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.BadCredentialsException;
@ -72,21 +69,6 @@ public class AuthenticationController {
return new JWTResponse(token);
}
@Authorization(value = "Bearer")
@PatchMapping("/update")
public User update(
@Valid @RequestBody final UserUpdateRequest userData, final Principal principal) {
final User oldUser = userRepository.findByUsername(principal.getName());
if (userData.getName() != null) oldUser.setName(userData.getName());
if (userData.getEmail() != null) {
oldUser.setEmail(userData.getEmail());
// TODO: handle email verification
}
if (userData.getPassword() != null)
oldUser.setPassword(encoder.encode(userData.getPassword()));
return userRepository.save(oldUser);
}
private void authenticate(String username, String password) throws UnauthorizedException {
try {
authenticationManager.authenticate(


@ -13,6 +13,8 @@ import ch.usi.inf.sa4.sanmarinoes.smarthut.models.ConfirmationTokenRepository;
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.User;
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.UserRepository;
import ch.usi.inf.sa4.sanmarinoes.smarthut.service.EmailSenderService;
import java.io.IOException;
import javax.servlet.http.HttpServletResponse;
import javax.validation.Valid;
import javax.validation.constraints.NotNull;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
@ -158,8 +160,10 @@ public class UserAccountController {
* @throws EmailTokenNotFoundException if given token is not a valid token for password reset
*/
@PutMapping("/reset-password")
public OkResponse resetPassword(@Valid @RequestBody PasswordResetRequest resetRequest)
throws EmailTokenNotFoundException {
public void resetPassword(
@Valid @RequestBody PasswordResetRequest resetRequest,
final HttpServletResponse response)
throws EmailTokenNotFoundException, IOException {
final ConfirmationToken token =
confirmationTokenRepository.findByConfirmationToken(
resetRequest.getConfirmationToken());
@ -175,7 +179,7 @@ public class UserAccountController {
// Delete token to prevent further password changes
confirmationTokenRepository.delete(token);
return new OkResponse();
response.sendRedirect(emailConfig.getResetPasswordRedirect());
}
/**
@ -187,16 +191,17 @@ public class UserAccountController {
* confirmation
*/
@GetMapping(value = "/confirm-account")
public OkResponse confirmUserAccount(@RequestParam("token") @NotNull String confirmationToken)
throws EmailTokenNotFoundException {
public void confirmUserAccount(
@RequestParam("token") @NotNull String confirmationToken,
final HttpServletResponse response)
throws EmailTokenNotFoundException, IOException {
final ConfirmationToken token =
confirmationTokenRepository.findByConfirmationToken(confirmationToken);
if (token != null && !token.getResetPassword()) {
token.getUser().setEnabled(true);
userRepository.save(token.getUser());
// TODO: redirect to frontend
return new OkResponse();
response.sendRedirect(emailConfig.getRegistrationRedirect());
} else {
throw new EmailTokenNotFoundException();
}
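Review bot: `resetPassword` is a `@PutMapping` that reads a JSON body, yet it now answers with `response.sendRedirect(...)`, which sends a 302. A browser client that calls this endpoint through fetch/XHR follows the redirect itself, and for a PUT the method and body are normally kept on a 302, so the request carrying the new password would be repeated against the frontend URL instead of the page navigating there. Consider keeping the `OkResponse` and letting the frontend navigate, or answering with a 303: `response.setStatus(HttpServletResponse.SC_SEE_OTHER); response.setHeader("Location", emailConfig.getResetPasswordRedirect());`. In `confirmUserAccount` the visible success branch redirects without deleting the token the way `resetPassword` does, so the emailed link appears to stay usable; both method bodies extend beyond the hunks shown.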


@ -27,7 +27,9 @@ spring.mail.properties.mail.smtp.writetimeout=5000
email.registrationSubject=Complete your SmartHut.sm registration
email.registration=To confirm your registration, please click here:
email.registrationPath=http://localhost:8080/register/confirm-account?token=
email.registrationRedirect=http://localhost:3000
email.resetpasswordSubject=SmartHut.sm password reset
email.resetpassword=To reset your password, please click here:
email.resetpasswordPath=http://localhost:3000/password-reset?token=
email.resetpasswordPath=http://localhost:3000/password-reset?token=
email.resetPasswordRedirect=http://localhost:3000/conf-reset-pass


@ -32,8 +32,11 @@ spring.mail.properties.mail.smtp.writetimeout=5000
email.registrationSubject=Complete your SmartHut.sm registration
email.registration=To confirm your registration, please click here:
email.registrationPath=${BACKEND_URL}/register/confirm-account?token=
email.registrationSuccess=${FRONTEND_URL}
# Password reset email properties
email.resetpasswordSubject=SmartHut.sm password reset
email.resetpassword=To reset your password, please click here:
email.resetpasswordPath=${FRONTEND_URL}/password-reset?token=
email.resetpasswordPath=${FRONTEND_URL}/password-reset?token=
email.resetPasswordSuccess=${FRONTEND_URL}/conf-reset-pass
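Review bot: The two keys added here, `email.registrationSuccess` and `email.resetPasswordSuccess`, do not match the `registrationRedirect` and `resetPasswordRedirect` fields added to `EmailConfigurationService` or the keys used in the other two properties files. If that class is bound from the `email.` prefix and validated, as its `@NotNull` fields suggest, this profile would leave both redirect values unset and either fail at startup or pass null to `sendRedirect`. Rename them to `email.registrationRedirect=${FRONTEND_URL}` and `email.resetPasswordRedirect=${FRONTEND_URL}/conf-reset-pass`.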


@ -28,8 +28,10 @@ server.port = 2000
email.registrationSubject=Complete your SmartHut.sm registration
email.registration=To confirm your registration, please click here:
email.registrationPath=http://localhost:2000/register/confirm-account?token=
email.registrationPath=http://localhost:8080/register/confirm-account?token=
email.registrationRedirect=http://localhost:3000
email.resetpasswordSubject=SmartHut.sm password reset
email.resetpassword=To reset your password, please click here:
email.resetpasswordPath=http://localhost:3000/password-reset?token=
email.resetpasswordPath=http://localhost:3000/password-reset?token=
email.resetPasswordRedirect=http://localhost:3000/conf-reset-pass
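Review bot: `email.registrationPath` now points at `http://localhost:8080` while the hunk header shows `server.port = 2000` for this file, assuming the second of the two `registrationPath` lines is the new value. If the backend under this profile still listens on 2000, confirmation links built from this property will not reach `/register/confirm-account`. Either keep `email.registrationPath=http://localhost:2000/register/confirm-account?token=` or change the port setting in the same commit.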