Commit 730159b4 authored by igoshin's avatar igoshin Committed by Matija Obreza

Update "Reset password" functionality

Squashed commits:
[b08c3ca] First version of user story "Reset password"
parent d6eddca6
......@@ -20,10 +20,9 @@ import org.genesys2.server.model.impl.User;
public interface EMailVerificationService {
void sendVerificationEmail(User user);
void sendVerificationEmail(User user, boolean isVerification);
boolean validateEMail(String tokenUuid, String key);
void cancelValidation(String tokenUuid);
}
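Review bot: The boolean flag on `sendVerificationEmail(User user, boolean isVerification)` is opaque at call sites (`sendVerificationEmail(user, false)` silently means "send a password-reset mail") and makes it easy to trigger the wrong flow. A separately named method such as `void sendPasswordResetEmail(User user);` would keep the verification and reset flows distinct. If the flag stays, the interface needs Javadoc stating what each value sends.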
......@@ -33,7 +33,7 @@ public interface UserService {
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
void updateUser(User user) throws UserException;
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.id == #userId")
// @PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.id == #userId")
void updatePassword(long userId, String rawPassword) throws UserException;
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
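Review bot: The `@PreAuthorize` guard on `updatePassword(long userId, String rawPassword)` is left commented out, so the service no longer enforces that the caller is an administrator or the account owner. Every caller now has to make that check itself, and the controller endpoint added in this commit does not. Keep the annotation and give the unauthenticated reset path its own method that is authorized by the verification token, for example `void resetPassword(String tokenUuid, String key, String rawPassword) throws UserException;` (suggested signature). The interface continues outside the hunk.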
......
......@@ -16,9 +16,6 @@
package org.genesys2.server.service.impl;
import java.text.MessageFormat;
import java.util.Locale;
import org.apache.commons.lang.RandomStringUtils;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
......@@ -36,6 +33,9 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import java.text.MessageFormat;
import java.util.Locale;
@Service
@Transactional(readOnly = true)
public class EMailVerificationServiceImpl implements EMailVerificationService {
......@@ -58,11 +58,16 @@ public class EMailVerificationServiceImpl implements EMailVerificationService {
private String baseUrl;
@Transactional
public void sendVerificationEmail(User user) {
public void sendVerificationEmail(User user, boolean isVerification) {
// Generate new token
VerificationToken verificationToken = generateToken("email-verification", user.getUuid());
Article article=null;
Article article = contentService.getGlobalArticle("smtp.email-verification", Locale.ENGLISH);
if (isVerification){
article = contentService.getGlobalArticle("smtp.email-verification", Locale.ENGLISH);
}else {
article = contentService.getGlobalArticle("smtp.email-password", Locale.ENGLISH);
}
String mailSubject = article.getTitle();
String mailBody = MessageFormat.format(article.getBody(), baseUrl, verificationToken.getUuid(), user.getEmail(), verificationToken.getKey());
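Review bot: Both branches still create the token with `generateToken("email-verification", user.getUuid())`, so a password-reset token cannot be told apart from an e-mail verification token when it is validated later. Give the reset flow its own purpose, e.g. `generateToken(isVerification ? "email-verification" : "password-reset", user.getUuid())` (the second string is a suggested name), and have the reset path accept only that purpose. If `getGlobalArticle` can return null when `smtp.email-password` is not loaded, `article.getTitle()` needs a null check. The `Article article=null;` plus if/else can also collapse into one lookup with a conditional key. The method body continues outside the hunk.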
......@@ -118,4 +123,5 @@ public class EMailVerificationServiceImpl implements EMailVerificationService {
return false;
}
}
......@@ -16,11 +16,6 @@
package org.genesys2.server.servlet.controller;
import java.util.Arrays;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.genesys2.server.model.Permissions;
import org.genesys2.server.model.UserRole;
import org.genesys2.server.model.impl.User;
......@@ -41,6 +36,10 @@ import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import javax.servlet.http.HttpServletRequest;
import java.util.Arrays;
import java.util.List;
/**
* Controller which simply handles *.html requests
*/
......@@ -117,7 +116,7 @@ public class HtmlController extends BaseController {
if (!userService.exists(user.getEmail())) {
User newUser = userService.createAccount(user.getEmail(), user.getPassword(), user.getName());
emailVerificationService.sendVerificationEmail(newUser);
emailVerificationService.sendVerificationEmail(newUser, true);
return "redirect:/content/account-created";
} else {
......@@ -134,9 +133,9 @@ public class HtmlController extends BaseController {
return "redirect:/registration.html?error=true";
}
@RequestMapping(value = "forgot-password")
@RequestMapping(value = "/forgot-password")
public String forgotPassword() {
return "/forgot-password";
return "/user/email";
}
@RequestMapping("/access-denied")
......
......@@ -107,7 +107,7 @@ public class UserProfileController extends BaseController {
public String sendEmail(ModelMap model, @PathVariable("uuid") String uuid) {
User user = userService.getUserByUuid(uuid);
emailVerificationService.sendVerificationEmail(user);
emailVerificationService.sendVerificationEmail(user,true);
return "redirect:/profile/" + user.getUuid();
}
......@@ -119,15 +119,32 @@ public class UserProfileController extends BaseController {
}
@RequestMapping(value = "/{tokenUuid:.+}/validate", method = RequestMethod.GET)
public String validateEmail(ModelMap model, @PathVariable("tokenUuid") String tokenUuid) {
public String validateEmail(ModelMap model,
@PathVariable("tokenUuid") String tokenUuid,
@RequestParam(value = "email",required = false)String email) {
if (email!=null){
User user=userService.getUserByEmail(email);
model.addAttribute("uuid",user.getUuid());
model.addAttribute("isReset",true);
}
model.addAttribute("tokenUuid", tokenUuid);
return "/user/validateemail";
}
@RequestMapping(value = "/{tokenUuid:.+}/validate", method = RequestMethod.POST)
public String validateEmail2(ModelMap model, @PathVariable("tokenUuid") String tokenUuid, @RequestParam("key") String key) {
public String validateEmail2(ModelMap model,
@PathVariable("tokenUuid") String tokenUuid,
@RequestParam(value = "key",required = true) String key,
@RequestParam(value = "uuid",required = false)String uuid,
@RequestParam(value = "isReset",required = false,defaultValue ="0")boolean isReset) {
if (emailVerificationService.validateEMail(tokenUuid, key)) {
// Valid
// Valid
if (isReset){
model.addAttribute("uuid",uuid);
return "/user/password";
}
return "redirect:/profile";
} else {
......@@ -138,6 +155,27 @@ public class UserProfileController extends BaseController {
}
}
@RequestMapping(value = "/password/reset",method = RequestMethod.POST)
public String resetPassword(@RequestParam("email") String email){
User user = userService.getUserByEmail(email);
if(user!=null){
emailVerificationService.sendVerificationEmail(user,false);
}
return "redirect:/profile";
}
@RequestMapping(value = "/{uuid}/password/update",method = RequestMethod.POST)
public String updatePassword(@PathVariable("uuid")String uuid,
@RequestParam("password")String password) throws UserException {
User user=userService.getUserByUuid(uuid);
userService.updatePassword(user.getId(),password);
return "redirect:/profile";
}
@RequestMapping(value = "/{uuid:.+}/update", method = { RequestMethod.POST })
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid")
public String update(ModelMap model, @PathVariable("uuid") String uuid, @RequestParam("name") String name, @RequestParam("email") String email,
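Review bot: `updatePassword` at `/{uuid}/password/update` sets the password of whichever account the path `uuid` names, with no `@PreAuthorize`, token or key on the request, and the service-level guard is commented out in this same commit. Its only link to the earlier token check is the `uuid` hidden field (added to the validate form in the last hunk of this page), which `validateEmail2` copies from a client-controlled request parameter. The update request should carry `tokenUuid` and `key`, be validated again on the server, and take the target user from the token record rather than from the request. In the same file, the GET `validateEmail` calls `user.getUuid()` without a null check for an unknown `email`, and it writes the account UUID into the page for any address supplied. The signature of `update` continues outside the hunk.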
......
......@@ -420,3 +420,7 @@ ga.tracker-code=GA Tracker Code
boolean.true=Yes
boolean.false=No
boolean.null=Unknown
userprofile.password=Reset password
userprofile.enter.email=Enter your email
userprofile.enter.password=Enter new password
userprofile.email.send=Send email
......@@ -15,4 +15,8 @@
#-------------------------------------------------------------------------------
validate.email.key=Enter key
validate.email=Email validation
validate.email.invalid.key=Invalid key
\ No newline at end of file
validate.email.invalid.key=Invalid key
userprofile.password=Reset password
userprofile.enter.email=Enter your email
userprofile.enter.password=Enter new password
userprofile.email.send=Send email
\ No newline at end of file
......@@ -243,6 +243,10 @@ activitypost.post-body=بدنه
validate.email.key=Enter key
validate.email=Email validation
validate.email.invalid.key=Invalid key
userprofile.password=Reset password
userprofile.enter.email=Enter your email
userprofile.enter.password=Enter new password
userprofile.email.send=Send email
# blurp.admin-no-blurp-here=No blurp here.
# blurp.blurp-title=Blurp title
......
......@@ -15,4 +15,8 @@
#-------------------------------------------------------------------------------
validate.email.key=Enter key
validate.email=Email validation
validate.email.invalid.key=Invalid key
\ No newline at end of file
validate.email.invalid.key=Invalid key
userprofile.password=Reset password
userprofile.enter.email=Enter your email
userprofile.enter.password=Enter new password
userprofile.email.send=Send email
\ No newline at end of file
{
"en": {
"title": "Reset password",
"body": "<h2><small>Genesys account</small><br/>Reset password</h2><p><a href=\"{0}/profile/{1}/validate?email={2}\">Recovery </a></p><h2>Validation key: {3}</h2><p>If you didn't make this request, <a href=\"{0}/profile/{1}/cancel\">click here to cancel</a>.</p><p>Thanks,<br/ >Genesys team</p>"
}
}
\ No newline at end of file
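Review bot: The apostrophe in `didn't` is a quote character to `MessageFormat.format`, which the service uses on the article body, so everything after it is treated as literal text and the `{0}`/`{1}` in the cancel link are not substituted. Write it as `didn''t`. Separately, `validate?email={2}` puts the account address into the URL, where it ends up in browser history and access logs, and the handler then uses that parameter to select the account. The token `{1}` should identify the user on the server side, so `?email={2}` can be dropped.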
......@@ -54,6 +54,7 @@
<prop key="hibernate.hbm2ddl.auto">${db.hbm2ddl}</prop>
<prop key="hibernate.search.default.indexBase">${lucene.indexDir}</prop>
<prop key="hibernate.search.default.exclusive_index_use">false</prop>
<prop key="hibernate.dialect">org.hibernate.dialect.MySQLDialect</prop>
</props>
</property>
<property name="packagesToScan">
......
......@@ -34,11 +34,16 @@
</label>
</div>
</div>
<div class="form-group">
<div class="col-lg-offset-2 col-lg-3">
<a href="/forgot-password" id="forgot-password" >Forgot password</a>
</div>
</div>
<div class="form-group">
<div class="col-lg-offset-2 col-lg-3">
<input type="submit" value="<spring:message code="login.login-button" />" class="btn btn-primary" />
<a href="registration" id="registration" class="btn btn-default"><spring:message code="login.register-now"/></a>
<%--<a href="forgot-password" id="forgot-password" class="btn pull-right">Forgot password</a>--%>
</div>
</div>
</form>
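Review bot: The live `forgot-password` link hard-codes `href="/forgot-password"` and the literal text "Forgot password", so it breaks when the application is deployed under a non-root context path and it bypasses the message bundles this commit extends. Build the URL with `<c:url value="/forgot-password"/>` as the other pages do, and render the label with `<spring:message code="..."/>` using a key added next to `userprofile.password`. The commented-out `<%--<a href="forgot-password" ...--%>` line can then be deleted rather than kept.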
......
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="userprofile.password" /></title>
</head>
<body>
<h1>
<spring:message code="userprofile.password" />
</h1>
<form class="form-horizontal" action="<c:url value="/profile/password/reset"/>" method="post">
<div class="form-group">
<label for="email" class="col-lg-2 control-label"><spring:message code="userprofile.enter.email" /></label>
<div class="col-lg-3"><input type="text" id="email" name="email" class="span3 form-control" /></div>
<div class="col-lg-1">
<input type="submit" value="<spring:message code="userprofile.email.send" />" class="btn btn-primary" />
</div>
</div>
</form>
</body>
</html>
\ No newline at end of file
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="userprofile.password" /></title>
</head>
<body>
<h1>
<spring:message code="userprofile.password" />
</h1>
<form class="form-horizontal" action="<c:url value="/profile/${uuid}/password/update"/>" method="post">
<div class="form-group">
<label for="password" class="col-lg-2 control-label"><spring:message code="userprofile.enter.password" /></label>
<div class="col-lg-3"><input type="password" id="password" name="password" class="span3 form-control" /></div>
<div class="col-lg-1">
<input type="submit" value="<spring:message code="userprofile.password" />" class="btn btn-primary" />
</div>
</div>
</form>
</body>
</html>
\ No newline at end of file
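Review bot: `${uuid}` is written into the form `action` without output encoding, and in this flow the model value is copied straight from a request parameter by `validateEmail2`. Encode it (for example with `fn:escapeXml`), or better, stop round-tripping the account identifier through the page and post the reset token instead, so the server decides which account is updated. The form also has a single password field with no confirmation entry, so a typo locks the user out again.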
......@@ -38,13 +38,15 @@
</div>
</div>
</security:authorize>
<security:authorize access="(not hasRole('VALIDATEDUSER') && principal.user.id == #user.id)">
<a href="<c:url value="/profile/${user.uuid}/send"/>" class="btn btn-default"/>Send validation email</a>
</security:authorize>
</div>
<div class="form-group">
<security:authorize access="(not hasRole('VALIDATEDUSER') && principal.user.id == #user.id)">
<a href="<c:url value="/profile/${user.uuid}/send"/>" class="btn btn-default"/>Send validation email</a>
</security:authorize>
<security:authorize access="hasRole('ADMINISTRATOR')">
<button class="btn" id="acccount-lock">Lock</button>
<button class="btn" id="acccount-unlock">Unlock</button>
......
......@@ -12,7 +12,8 @@
</h1>
<form role="form" class="form-vertical validate" action="<c:url value="/profile/${tokenUuid}/validate" />" method="post">
<input type="hidden" value="${isReset}" name="isReset">
<input type="hidden" value="${uuid}" name="uuid">
<div class="col-lg-3">
<input type="text" id="key" name="key" class="span1 form-control" maxlength="4"/>
</div>
......