From b283a62d0d21bb6b876fff657466bb915f680c25 Mon Sep 17 00:00:00 2001 From: Claudio Maggioni Date: Wed, 25 Mar 2020 17:31:24 +0100 Subject: [PATCH 1/2] fixed redirects --- .../config/EmailConfigurationService.java | 30 +++++++++++++++---- .../controller/AuthenticationController.java | 18 ----------- .../controller/UserAccountController.java | 19 +++++++----- src/main/resources/application-dev.properties | 4 ++- .../resources/application-prod.properties | 5 +++- 5 files changed, 44 insertions(+), 32 deletions(-) diff --git a/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/config/EmailConfigurationService.java b/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/config/EmailConfigurationService.java index 8bae55d..a26aeeb 100644 --- a/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/config/EmailConfigurationService.java +++ b/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/config/EmailConfigurationService.java @@ -30,17 +30,21 @@ public class EmailConfigurationService { */ @NotNull private String registrationPath; + /** + * The URL to follow for password reset email confirmation. Has to end with the start of a query + * parameter + */ + @NotNull private String resetPasswordPath; + /** The email subject for a reset password email */ @NotNull private String resetPasswordSubject; /** The text in the email body preceding the confirmation URL for a reset password email */ @NotNull private String resetPassword; - /** - * The URL to follow for password reset email confirmation. Has to end with the start of a query - * parameter - */ - @NotNull private String resetPasswordPath; + @NotNull private String resetPasswordRedirect; + + @NotNull private String registrationRedirect; public String getRegistrationSubject() { return registrationSubject; 
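Review bot: The new fields `resetPasswordRedirect` and `registrationRedirect` are the only ones in this hunk without a Javadoc comment, although both values are later handed to `sendRedirect` in UserAccountController. Document them in the style of the neighbouring fields, for example `/** The frontend URL the browser is redirected to after a successful password reset */` and `/** The frontend URL the browser is redirected to after a successful account confirmation */`. The comment should also state that the value must be an absolute URL taken from deployment configuration only, never from request data, so the redirect target stays fixed. The class body continues outside this hunk.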
@@ -89,4 +93,20 @@ public class EmailConfigurationService { public void setResetPasswordPath(String resetPasswordPath) { this.resetPasswordPath = resetPasswordPath; } + + public String getResetPasswordRedirect() { + return resetPasswordRedirect; + } + + public void setResetPasswordRedirect(String resetPasswordRedirect) { + this.resetPasswordRedirect = resetPasswordRedirect; + } + + public String getRegistrationRedirect() { + return registrationRedirect; + } + + public void setRegistrationRedirect(String registrationRedirect) { + this.registrationRedirect = registrationRedirect; + } } diff --git a/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/controller/AuthenticationController.java b/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/controller/AuthenticationController.java index 3160e1c..d26eed4 100644 --- a/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/controller/AuthenticationController.java +++ b/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/controller/AuthenticationController.java @@ -3,12 +3,9 @@ package ch.usi.inf.sa4.sanmarinoes.smarthut.controller; import ch.usi.inf.sa4.sanmarinoes.smarthut.config.JWTTokenUtils; import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.JWTRequest; import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.JWTResponse; -import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.UserUpdateRequest; import ch.usi.inf.sa4.sanmarinoes.smarthut.error.UnauthorizedException; import ch.usi.inf.sa4.sanmarinoes.smarthut.error.UserNotFoundException; import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*; -import io.swagger.annotations.Authorization; -import java.security.Principal; import javax.validation.Valid; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.authentication.BadCredentialsException; 
@@ -72,21 +69,6 @@ public class AuthenticationController { return new JWTResponse(token); } - @Authorization(value = "Bearer") - @PatchMapping("/update") - public User update( - @Valid @RequestBody final UserUpdateRequest userData, final Principal principal) { - final User oldUser = userRepository.findByUsername(principal.getName()); - if (userData.getName() != null) oldUser.setName(userData.getName()); - if (userData.getEmail() != null) { - oldUser.setEmail(userData.getEmail()); - // TODO: handle email verification - } - if (userData.getPassword() != null) - oldUser.setPassword(encoder.encode(userData.getPassword())); - return userRepository.save(oldUser); - } - private void authenticate(String username, String password) throws UnauthorizedException { try { authenticationManager.authenticate( diff --git a/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/controller/UserAccountController.java b/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/controller/UserAccountController.java index ebf354f..1957319 100644 --- a/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/controller/UserAccountController.java +++ b/src/main/java/ch/usi/inf/sa4/sanmarinoes/smarthut/controller/UserAccountController.java @@ -13,6 +13,8 @@ import ch.usi.inf.sa4.sanmarinoes.smarthut.models.ConfirmationTokenRepository; import ch.usi.inf.sa4.sanmarinoes.smarthut.models.User; import ch.usi.inf.sa4.sanmarinoes.smarthut.models.UserRepository; import ch.usi.inf.sa4.sanmarinoes.smarthut.service.EmailSenderService; +import java.io.IOException; +import javax.servlet.http.HttpServletResponse; import javax.validation.Valid; import javax.validation.constraints.NotNull; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; 
@@ -158,8 +160,10 @@ public class UserAccountController { * @throws EmailTokenNotFoundException if given token is not a valid token for password reset */ @PutMapping("/reset-password") - public OkResponse resetPassword(@Valid @RequestBody PasswordResetRequest resetRequest) - throws EmailTokenNotFoundException { + public void resetPassword( + @Valid @RequestBody PasswordResetRequest resetRequest, + final HttpServletResponse response) + throws EmailTokenNotFoundException, IOException { final ConfirmationToken token = confirmationTokenRepository.findByConfirmationToken( resetRequest.getConfirmationToken()); @@ -175,7 +179,7 @@ public class UserAccountController { // Delete token to prevent further password changes confirmationTokenRepository.delete(token); - return new OkResponse(); + response.sendRedirect(emailConfig.getResetPasswordRedirect()); } /** @@ -187,16 +191,17 @@ public class UserAccountController { * confirmation */ @GetMapping(value = "/confirm-account") - public OkResponse confirmUserAccount(@RequestParam("token") @NotNull String confirmationToken) - throws EmailTokenNotFoundException { + public void confirmUserAccount( + @RequestParam("token") @NotNull String confirmationToken, + final HttpServletResponse response) + throws EmailTokenNotFoundException, IOException { final ConfirmationToken token = confirmationTokenRepository.findByConfirmationToken(confirmationToken); if (token != null && !token.getResetPassword()) { token.getUser().setEnabled(true); userRepository.save(token.getUser()); - // TODO: redirect to frontend - return new OkResponse(); + response.sendRedirect(emailConfig.getRegistrationRedirect()); } else { throw new EmailTokenNotFoundException(); } diff --git a/src/main/resources/application-dev.properties b/src/main/resources/application-dev.properties index 2fb519c..3c77362 100644 --- a/src/main/resources/application-dev.properties +++ b/src/main/resources/application-dev.properties 
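Review bot: Answering the `@PutMapping("/reset-password")` request with `response.sendRedirect(...)` produces a 302, and HTTP clients that follow a 302 for a PUT may repeat the method and the request body against the new location. The JSON carrying the confirmation token, and presumably the new password, could then be re-sent to the frontend URL. If a redirect is wanted here, a 303 turns the follow-up into a body-less GET: `response.setStatus(HttpServletResponse.SC_SEE_OTHER);` followed by `response.setHeader("Location", emailConfig.getResetPasswordRedirect());`. Returning `OkResponse` as before and letting the frontend navigate would avoid the problem as well. The part of resetPassword between the signature hunk and the redirect hunk is not visible here.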
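Review bot: The confirmation token stays valid after `confirmUserAccount` succeeds, because the success branch saves the user and redirects but never removes the token. resetPassword, by contrast, calls `confirmationTokenRepository.delete(token);` before its redirect. Add the same call before `response.sendRedirect(emailConfig.getRegistrationRedirect());` so that a link left in browser history, mail archives or proxy logs cannot later re-enable an account that was disabled in the meantime. The closing brace of the method lies outside the hunk.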
@@ -27,7 +27,9 @@ spring.mail.properties.mail.smtp.writetimeout=5000 email.registrationSubject=Complete your SmartHut.sm registration email.registration=To confirm your registration, please click here: email.registrationPath=http://localhost:8080/register/confirm-account?token= +email.registrationRedirect=http://localhost:3000 email.resetpasswordSubject=SmartHut.sm password reset email.resetpassword=To reset your password, please click here: -email.resetpasswordPath=http://localhost:3000/password-reset?token= \ No newline at end of file +email.resetpasswordPath=http://localhost:3000/password-reset?token= +email.resetPasswordRedirect=http://localhost:3000/conf-reset-pass \ No newline at end of file diff --git a/src/main/resources/application-prod.properties b/src/main/resources/application-prod.properties index 7807d21..482fa13 100644 --- a/src/main/resources/application-prod.properties +++ b/src/main/resources/application-prod.properties @@ -32,8 +32,11 @@ spring.mail.properties.mail.smtp.writetimeout=5000 email.registrationSubject=Complete your SmartHut.sm registration email.registration=To confirm your registration, please click here: email.registrationPath=${BACKEND_URL}/register/confirm-account?token= +email.registrationSuccess=${FRONTEND_URL} + # Password reset email properties email.resetpasswordSubject=SmartHut.sm password reset email.resetpassword=To reset your password, please click here: -email.resetpasswordPath=${FRONTEND_URL}/password-reset?token= \ No newline at end of file +email.resetpasswordPath=${FRONTEND_URL}/password-reset?token= +email.resetPasswordSuccess=${FRONTEND_URL}/conf-reset-pass \ No newline at end of file From b9221cecc6cfec7d8ed264aa8956673defce85f3 Mon Sep 17 00:00:00 2001 From: Claudio Maggioni Date: Wed, 25 Mar 2020 20:21:54 +0100 Subject: [PATCH 2/2] fixed application.properties for tests --- src/test/resources/application.properties | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) 
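Review bot: The production file defines `email.registrationSuccess` and `email.resetPasswordSuccess`, but the fields this patch adds to EmailConfigurationService are `registrationRedirect` and `resetPasswordRedirect`, and the dev hunk above uses `email.registrationRedirect` and `email.resetPasswordRedirect`. If the class is bound by property name (its declaration is not visible here), both `@NotNull` fields stay unset in production, so either startup validation fails or `sendRedirect` receives null. Rename the keys to `email.registrationRedirect=${FRONTEND_URL}` and `email.resetPasswordRedirect=${FRONTEND_URL}/conf-reset-pass`. Patch 2/2 changes only the test properties, so the mismatch is still present at the end of the series.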
diff --git a/src/test/resources/application.properties b/src/test/resources/application.properties index 673d02a..bdaafc0 100644 --- a/src/test/resources/application.properties +++ b/src/test/resources/application.properties @@ -28,8 +28,10 @@ server.port = 2000 email.registrationSubject=Complete your SmartHut.sm registration email.registration=To confirm your registration, please click here: -email.registrationPath=http://localhost:2000/register/confirm-account?token= +email.registrationPath=http://localhost:8080/register/confirm-account?token= +email.registrationRedirect=http://localhost:3000 email.resetpasswordSubject=SmartHut.sm password reset email.resetpassword=To reset your password, please click here: -email.resetpasswordPath=http://localhost:3000/password-reset?token= \ No newline at end of file +email.resetpasswordPath=http://localhost:3000/password-reset?token= +email.resetPasswordRedirect=http://localhost:3000/conf-reset-pass \ No newline at end of file
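Review bot: `email.registrationPath` now points at `http://localhost:8080`, although the hunk header shows `server.port = 2000` for this test profile, so a confirmation link built from it would not reach the test server. If any test follows the link, keep the port aligned: `email.registrationPath=http://localhost:2000/register/confirm-account?token=`. If the value only has to exist to satisfy the `@NotNull` binding, a line such as `# placeholder, never requested by tests` above it would make that explicit.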