PageRenderTime 58ms CodeModel.GetById 29ms RepoModel.GetById 1ms app.codeStats 0ms

/jhipster3/monolithic/src/main/java/com/arkix/monolithic/web/rest/AccountResource.java

https://gitlab.com/cortizqgitlab/test-first
Java | 275 lines | 177 code | 23 blank | 75 comment | 4 complexity | 89d89f0106839d0218d4a3c998e02baa MD5 | raw file
    

  1. package com.arkix.monolithic.web.rest;
    2. 

  2. 

  3. import com.codahale.metrics.annotation.Timed;
    4. 

  4. import com.arkix.monolithic.domain.Authority;
    5. 

  5. import com.arkix.monolithic.domain.PersistentToken;
    6. 

  6. import com.arkix.monolithic.domain.User;
    7. 

  7. import com.arkix.monolithic.repository.PersistentTokenRepository;
    8. 

  8. import com.arkix.monolithic.repository.UserRepository;
    9. 

  9. import com.arkix.monolithic.security.SecurityUtils;
    10. 

  10. import com.arkix.monolithic.service.MailService;
    11. 

  11. import com.arkix.monolithic.service.UserService;
    12. 

  12. import com.arkix.monolithic.web.rest.dto.KeyAndPasswordDTO;
    13. 

  13. import com.arkix.monolithic.web.rest.dto.UserDTO;
    14. 

  14. import com.arkix.monolithic.web.rest.util.HeaderUtil;
    15. 

  15. 

  16. import org.apache.commons.lang.StringUtils;
    17. 

  17. import org.slf4j.Logger;
    18. 

  18. import org.slf4j.LoggerFactory;
    19. 

  19. import org.springframework.http.HttpHeaders;
    20. 

  20. import org.springframework.http.HttpStatus;
    21. 

  21. import org.springframework.http.MediaType;
    22. 

  22. import org.springframework.http.ResponseEntity;
    23. 

  23. import org.springframework.web.bind.annotation.*;
    24. 

  24. 

  25. import javax.inject.Inject;
    26. 

  26. import javax.servlet.http.HttpServletRequest;
    27. 

  27. import javax.validation.Valid;
    28. 

  28. import java.io.UnsupportedEncodingException;
    29. 

  29. import java.net.URLDecoder;
    30. 

  30. import java.util.*;
    31. 

  31. 

  32. /**
    33. 

  33.  * REST controller for managing the current user's account.
    34. 

  34.  */
    35. 

  35. @RestController
    36. 

  36. @RequestMapping("/api")
    37. 

  37. public class AccountResource {
    38. 

  38. 

  39.     private final Logger log = LoggerFactory.getLogger(AccountResource.class);
    40. 

  40. 

  41.     @Inject
    42. 

  42.     private UserRepository userRepository;
    43. 

  43. 

  44.     @Inject
    45. 

  45.     private UserService userService;
    46. 

  46. 

  47.     @Inject
    48. 

  48.     private PersistentTokenRepository persistentTokenRepository;
    49. 

  49. 

  50.     @Inject
    51. 

  51.     private MailService mailService;
    52. 

  52. 

  53.     /**
    54. 

  54.      * POST  /register : register the user.
    55. 

  55.      *
    56. 

  56.      * @param userDTO the user DTO
    57. 

  57.      * @param request the HTTP request
    58. 

  58.      * @return the ResponseEntity with status 201 (Created) if the user is registred or 400 (Bad Request) if the login or e-mail is already in use
    59. 

  59.      */
    60. 

  60.     @RequestMapping(value = "/register",
    61. 

  61.                     method = RequestMethod.POST,
    62. 

  62.                     produces={MediaType.APPLICATION_JSON_VALUE, MediaType.TEXT_PLAIN_VALUE})
    63. 

  63.     @Timed
    64. 

  64.     public ResponseEntity<?> registerAccount(@Valid @RequestBody UserDTO userDTO, HttpServletRequest request) {
    65. 

  65. 

  66.         HttpHeaders textPlainHeaders = new HttpHeaders();
    67. 

  67.         textPlainHeaders.setContentType(MediaType.TEXT_PLAIN);
    68. 

  68. 

  69.         return userRepository.findOneByLogin(userDTO.getLogin())
    70. 

  70.             .map(user -> new ResponseEntity<>("login already in use", textPlainHeaders, HttpStatus.BAD_REQUEST))
    71. 

  71.             .orElseGet(() -> userRepository.findOneByEmail(userDTO.getEmail())
    72. 

  72.                 .map(user -> new ResponseEntity<>("e-mail address already in use", textPlainHeaders, HttpStatus.BAD_REQUEST))
    73. 

  73.                 .orElseGet(() -> {
    74. 

  74.                     User user = userService.createUserInformation(userDTO.getLogin(), userDTO.getPassword(),
    75. 

  75.                     userDTO.getFirstName(), userDTO.getLastName(), userDTO.getEmail().toLowerCase(),
    76. 

  76.                     userDTO.getLangKey());
    77. 

  77.                     String baseUrl = request.getScheme() + // "http"
    78. 

  78.                     "://" +                                // "://"
    79. 

  79.                     request.getServerName() +              // "myhost"
    80. 

  80.                     ":" +                                  // ":"
    81. 

  81.                     request.getServerPort() +              // "80"
    82. 

  82.                     request.getContextPath();              // "/myContextPath" or "" if deployed in root context
    83. 

  83. 

  84.                     mailService.sendActivationEmail(user, baseUrl);
    85. 

  85.                     return new ResponseEntity<>(HttpStatus.CREATED);
    86. 

  86.                 })
    87. 

  87.         );
    88. 

  88.     }
    89. 

  89. 

  90.     /**
    91. 

  91.      * GET  /activate : activate the registered user.
    92. 

  92.      *
    93. 

  93.      * @param key the activation key
    94. 

  94.      * @return the ResponseEntity with status 200 (OK) and the activated user in body, or status 500 (Internal Server Error) if the user couldn't be activated
    95. 

  95.      */
    96. 

  96.     @RequestMapping(value = "/activate",
    97. 

  97.         method = RequestMethod.GET,
    98. 

  98.         produces = MediaType.APPLICATION_JSON_VALUE)
    99. 

  99.     @Timed
    100. 

  100.     public ResponseEntity<String> activateAccount(@RequestParam(value = "key") String key) {
    101. 

  101.         return userService.activateRegistration(key)
    102. 

  102.             .map(user -> new ResponseEntity<String>(HttpStatus.OK))
    103. 

  103.             .orElse(new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR));
    104. 

  104.     }
    105. 

  105. 

  106.     /**
    107. 

  107.      * GET  /authenticate : check if the user is authenticated, and return its login.
    108. 

  108.      *
    109. 

  109.      * @param request the HTTP request
    110. 

  110.      * @return the login if the user is authenticated
    111. 

  111.      */
    112. 

  112.     @RequestMapping(value = "/authenticate",
    113. 

  113.         method = RequestMethod.GET,
    114. 

  114.         produces = MediaType.APPLICATION_JSON_VALUE)
    115. 

  115.     @Timed
    116. 

  116.     public String isAuthenticated(HttpServletRequest request) {
    117. 

  117.         log.debug("REST request to check if the current user is authenticated");
    118. 

  118.         return request.getRemoteUser();
    119. 

  119.     }
    120. 

  120. 

  121.     /**
    122. 

  122.      * GET  /account : get the current user.
    123. 

  123.      *
    124. 

  124.      * @return the ResponseEntity with status 200 (OK) and the current user in body, or status 500 (Internal Server Error) if the user couldn't be returned
    125. 

  125.      */
    126. 

  126.     @RequestMapping(value = "/account",
    127. 

  127.         method = RequestMethod.GET,
    128. 

  128.         produces = MediaType.APPLICATION_JSON_VALUE)
    129. 

  129.     @Timed
    130. 

  130.     public ResponseEntity<UserDTO> getAccount() {
    131. 

  131.         return Optional.ofNullable(userService.getUserWithAuthorities())
    132. 

  132.             .map(user -> new ResponseEntity<>(new UserDTO(user), HttpStatus.OK))
    133. 

  133.             .orElse(new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR));
    134. 

  134.     }
    135. 

  135. 

  136.     /**
    137. 

  137.      * POST  /account : update the current user information.
    138. 

  138.      *
    139. 

  139.      * @param userDTO the current user information
    140. 

  140.      * @return the ResponseEntity with status 200 (OK), or status 400 (Bad Request) or 500 (Internal Server Error) if the user couldn't be updated
    141. 

  141.      */
    142. 

  142.     @RequestMapping(value = "/account",
    143. 

  143.         method = RequestMethod.POST,
    144. 

  144.         produces = MediaType.APPLICATION_JSON_VALUE)
    145. 

  145.     @Timed
    146. 

  146.     public ResponseEntity<String> saveAccount(@RequestBody UserDTO userDTO) {
    147. 

  147.         Optional<User> existingUser = userRepository.findOneByEmail(userDTO.getEmail());
    148. 

  148.         if (existingUser.isPresent() && (!existingUser.get().getLogin().equalsIgnoreCase(userDTO.getLogin()))) {
    149. 

  149.             return ResponseEntity.badRequest().headers(HeaderUtil.createFailureAlert("user-management", "emailexists", "Email already in use")).body(null);
    150. 

  150.         }
    151. 

  151.         return userRepository
    152. 

  152.             .findOneByLogin(SecurityUtils.getCurrentUserLogin())
    153. 

  153.             .map(u -> {
    154. 

  154.                 userService.updateUserInformation(userDTO.getFirstName(), userDTO.getLastName(), userDTO.getEmail(),
    155. 

  155.                     userDTO.getLangKey());
    156. 

  156.                 return new ResponseEntity<String>(HttpStatus.OK);
    157. 

  157.             })
    158. 

  158.             .orElseGet(() -> new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR));
    159. 

  159.     }
    160. 

  160. 

  161.     /**
    162. 

  162.      * POST  /account/change_password : changes the current user's password
    163. 

  163.      *
    164. 

  164.      * @param password the new password
    165. 

  165.      * @return the ResponseEntity with status 200 (OK), or status 400 (Bad Request) if the new password is not strong enough
    166. 

  166.      */
    167. 

  167.     @RequestMapping(value = "/account/change_password",
    168. 

  168.         method = RequestMethod.POST,
    169. 

  169.         produces = MediaType.TEXT_PLAIN_VALUE)
    170. 

  170.     @Timed
    171. 

  171.     public ResponseEntity<?> changePassword(@RequestBody String password) {
    172. 

  172.         if (!checkPasswordLength(password)) {
    173. 

  173.             return new ResponseEntity<>("Incorrect password", HttpStatus.BAD_REQUEST);
    174. 

  174.         }
    175. 

  175.         userService.changePassword(password);
    176. 

  176.         return new ResponseEntity<>(HttpStatus.OK);
    177. 

  177.     }
    178. 

  178. 

  179.     /**
    180. 

  180.      * GET  /account/sessions : get the current open sessions.
    181. 

  181.      *
    182. 

  182.      * @return the ResponseEntity with status 200 (OK) and the current open sessions in body,
    183. 

  183.      *  or status 500 (Internal Server Error) if the current open sessions couldn't be retrieved
    184. 

  184.      */
    185. 

  185.     @RequestMapping(value = "/account/sessions",
    186. 

  186.         method = RequestMethod.GET,
    187. 

  187.         produces = MediaType.APPLICATION_JSON_VALUE)
    188. 

  188.     @Timed
    189. 

  189.     public ResponseEntity<List<PersistentToken>> getCurrentSessions() {
    190. 

  190.         return userRepository.findOneByLogin(SecurityUtils.getCurrentUserLogin())
    191. 

  191.             .map(user -> new ResponseEntity<>(
    192. 

  192.                 persistentTokenRepository.findByUser(user),
    193. 

  193.                 HttpStatus.OK))
    194. 

  194.             .orElse(new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR));
    195. 

  195.     }
    196. 

  196. 

  197.     /**
    198. 

  198.      * DELETE  /account/sessions?series={series} : invalidate an existing session.
    199. 

  199.      *
    200. 

  200.      * - You can only delete your own sessions, not any other user's session
    201. 

  201.      * - If you delete one of your existing sessions, and that you are currently logged in on that session, you will
    202. 

  202.      *   still be able to use that session, until you quit your browser: it does not work in real time (there is
    203. 

  203.      *   no API for that), it only removes the "remember me" cookie
    204. 

  204.      * - This is also true if you invalidate your current session: you will still be able to use it until you close
    205. 

  205.      *   your browser or that the session times out. But automatic login (the "remember me" cookie) will not work
    206. 

  206.      *   anymore.
    207. 

  207.      *   There is an API to invalidate the current session, but there is no API to check which session uses which
    208. 

  208.      *   cookie.
    209. 

  209.      *
    210. 

  210.      * @param series the series of an existing session
    211. 

  211.      * @throws UnsupportedEncodingException if the series couldnt be URL decoded
    212. 

  212.      */
    213. 

  213.     @RequestMapping(value = "/account/sessions/{series}",
    214. 

  214.         method = RequestMethod.DELETE)
    215. 

  215.     @Timed
    216. 

  216.     public void invalidateSession(@PathVariable String series) throws UnsupportedEncodingException {
    217. 

  217.         String decodedSeries = URLDecoder.decode(series, "UTF-8");
    218. 

  218.         userRepository.findOneByLogin(SecurityUtils.getCurrentUserLogin()).ifPresent(u -> {
    219. 

  219.             persistentTokenRepository.findByUser(u).stream()
    220. 

  220.                 .filter(persistentToken -> StringUtils.equals(persistentToken.getSeries(), decodedSeries))
    221. 

  221.                 .findAny().ifPresent(t -> persistentTokenRepository.delete(decodedSeries));
    222. 

  222.         });
    223. 

  223.     }
    224. 

  224. 

  225.     /**
    226. 

  226.      * POST   /account/reset_password/init : Send an e-mail to reset the password of the user
    227. 

  227.      *
    228. 

  228.      * @param mail the mail of the user
    229. 

  229.      * @param request the HTTP request
    230. 

  230.      * @return the ResponseEntity with status 200 (OK) if the e-mail was sent, or status 400 (Bad Request) if the e-mail address is not registred
    231. 

  231.      */
    232. 

  232.     @RequestMapping(value = "/account/reset_password/init",
    233. 

  233.         method = RequestMethod.POST,
    234. 

  234.         produces = MediaType.TEXT_PLAIN_VALUE)
    235. 

  235.     @Timed
    236. 

  236.     public ResponseEntity<?> requestPasswordReset(@RequestBody String mail, HttpServletRequest request) {
    237. 

  237.         return userService.requestPasswordReset(mail)
    238. 

  238.             .map(user -> {
    239. 

  239.                 String baseUrl = request.getScheme() +
    240. 

  240.                     "://" +
    241. 

  241.                     request.getServerName() +
    242. 

  242.                     ":" +
    243. 

  243.                     request.getServerPort() +
    244. 

  244.                     request.getContextPath();
    245. 

  245.                 mailService.sendPasswordResetMail(user, baseUrl);
    246. 

  246.                 return new ResponseEntity<>("e-mail was sent", HttpStatus.OK);
    247. 

  247.             }).orElse(new ResponseEntity<>("e-mail address not registered", HttpStatus.BAD_REQUEST));
    248. 

  248.     }
    249. 

  249. 

  250.     /**
    251. 

  251.      * POST   /account/reset_password/finish : Finish to reset the password of the user
    252. 

  252.      *
    253. 

  253.      * @param keyAndPassword the generated key and the new password
    254. 

  254.      * @return the ResponseEntity with status 200 (OK) if the password has been reset,
    255. 

  255.      * or status 400 (Bad Request) or 500 (Internal Server Error) if the password could not be reset
    256. 

  256.      */
    257. 

  257.     @RequestMapping(value = "/account/reset_password/finish",
    258. 

  258.         method = RequestMethod.POST,
    259. 

  259.         produces = MediaType.TEXT_PLAIN_VALUE)
    260. 

  260.     @Timed
    261. 

  261.     public ResponseEntity<String> finishPasswordReset(@RequestBody KeyAndPasswordDTO keyAndPassword) {
    262. 

  262.         if (!checkPasswordLength(keyAndPassword.getNewPassword())) {
    263. 

  263.             return new ResponseEntity<>("Incorrect password", HttpStatus.BAD_REQUEST);
    264. 

  264.         }
    265. 

  265.         return userService.completePasswordReset(keyAndPassword.getNewPassword(), keyAndPassword.getKey())
    266. 

  266.               .map(user -> new ResponseEntity<String>(HttpStatus.OK))
    267. 

  267.               .orElse(new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR));
    268. 

  268.     }
    269. 

  269. 

  270.     private boolean checkPasswordLength(String password) {
    271. 

  271.         return (!StringUtils.isEmpty(password) &&
    272. 

  272.             password.length() >= UserDTO.PASSWORD_MIN_LENGTH &&
    273. 

  273.             password.length() <= UserDTO.PASSWORD_MAX_LENGTH);
    274. 

  274.     }
    275. 

  275. }
    276. 

  276.