Commit 730159b4 authored by igoshin's avatar igoshin Committed by Matija Obreza

Update "Reset password" functionality

Squashed commits:
[b08c3ca] First version of user story "Reset password"
parent d6eddca6
...@@ -20,10 +20,9 @@ import org.genesys2.server.model.impl.User; ...@@ -20,10 +20,9 @@ import org.genesys2.server.model.impl.User;
public interface EMailVerificationService { public interface EMailVerificationService {
void sendVerificationEmail(User user); void sendVerificationEmail(User user, boolean isVerification);
boolean validateEMail(String tokenUuid, String key); boolean validateEMail(String tokenUuid, String key);
void cancelValidation(String tokenUuid); void cancelValidation(String tokenUuid);
} }
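Review bot: `sendVerificationEmail(User user, boolean isVerification)` now also sends the password-reset mail, but the interface has no Javadoc saying what `false` means, and a call such as `sendVerificationEmail(user, false)` does not read as a reset request. A separate `void sendPasswordResetEmail(User user);` would keep the two flows apart in the API. Failing that, add a comment such as `/** @param isVerification true for the e-mail verification message, false for the password-reset message */`.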
...@@ -33,7 +33,7 @@ public interface UserService { ...@@ -33,7 +33,7 @@ public interface UserService {
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')") @PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
void updateUser(User user) throws UserException; void updateUser(User user) throws UserException;
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.id == #userId") // @PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.id == #userId")
void updatePassword(long userId, String rawPassword) throws UserException; void updatePassword(long userId, String rawPassword) throws UserException;
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')") @PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
......
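Review bot: Commenting out `@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.id == #userId")` on `updatePassword` removes the method-level check for every caller of the service, not only for the new reset flow. Nothing in the lines shown replaces it, so any code path that reaches `updatePassword` with a user id can now change that user's password. Keep the annotation on this method and give the unauthenticated reset path its own narrowly scoped method that takes the verification token and key and resolves the user itself. If the line has to stay disabled for now, replace the dead code with a comment explaining why and what guards the call instead.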
...@@ -16,9 +16,6 @@ ...@@ -16,9 +16,6 @@
package org.genesys2.server.service.impl; package org.genesys2.server.service.impl;
import java.text.MessageFormat;
import java.util.Locale;
import org.apache.commons.lang.RandomStringUtils; import org.apache.commons.lang.RandomStringUtils;
import org.apache.commons.logging.Log; import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory; import org.apache.commons.logging.LogFactory;
...@@ -36,6 +33,9 @@ import org.springframework.beans.factory.annotation.Value; ...@@ -36,6 +33,9 @@ import org.springframework.beans.factory.annotation.Value;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional; import org.springframework.transaction.annotation.Transactional;
import java.text.MessageFormat;
import java.util.Locale;
@Service @Service
@Transactional(readOnly = true) @Transactional(readOnly = true)
public class EMailVerificationServiceImpl implements EMailVerificationService { public class EMailVerificationServiceImpl implements EMailVerificationService {
...@@ -58,11 +58,16 @@ public class EMailVerificationServiceImpl implements EMailVerificationService { ...@@ -58,11 +58,16 @@ public class EMailVerificationServiceImpl implements EMailVerificationService {
private String baseUrl; private String baseUrl;
@Transactional @Transactional
public void sendVerificationEmail(User user) { public void sendVerificationEmail(User user, boolean isVerification) {
// Generate new token // Generate new token
VerificationToken verificationToken = generateToken("email-verification", user.getUuid()); VerificationToken verificationToken = generateToken("email-verification", user.getUuid());
Article article=null;
Article article = contentService.getGlobalArticle("smtp.email-verification", Locale.ENGLISH); if (isVerification){
article = contentService.getGlobalArticle("smtp.email-verification", Locale.ENGLISH);
}else {
article = contentService.getGlobalArticle("smtp.email-password", Locale.ENGLISH);
}
String mailSubject = article.getTitle(); String mailSubject = article.getTitle();
String mailBody = MessageFormat.format(article.getBody(), baseUrl, verificationToken.getUuid(), user.getEmail(), verificationToken.getKey()); String mailBody = MessageFormat.format(article.getBody(), baseUrl, verificationToken.getUuid(), user.getEmail(), verificationToken.getKey());
...@@ -118,4 +123,5 @@ public class EMailVerificationServiceImpl implements EMailVerificationService { ...@@ -118,4 +123,5 @@ public class EMailVerificationServiceImpl implements EMailVerificationService {
return false; return false;
} }
} }
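Review bot: In `sendVerificationEmail` the reset branch still issues its token with `generateToken("email-verification", user.getUuid())`, so a password-reset token and an ordinary e-mail verification token share one purpose and cannot be told apart when they are validated. Give the reset flow its own purpose, for example `generateToken(isVerification ? "email-verification" : "password-reset", user.getUuid())`, and have validation check it; `validateEMail` is outside this view, so how it looks tokens up needs confirming. The validation form limits the key to `maxlength="4"`; if that is the real key length, it is short for a password reset and would need attempt limiting and a short expiry. `article` is also dereferenced at `article.getTitle()` without a null check, which presumably fails if the `smtp.email-password` article is not loaded. The method body continues past the end of the hunk.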
...@@ -16,11 +16,6 @@ ...@@ -16,11 +16,6 @@
package org.genesys2.server.servlet.controller; package org.genesys2.server.servlet.controller;
import java.util.Arrays;
import java.util.List;
import javax.servlet.http.HttpServletRequest;
import org.genesys2.server.model.Permissions; import org.genesys2.server.model.Permissions;
import org.genesys2.server.model.UserRole; import org.genesys2.server.model.UserRole;
import org.genesys2.server.model.impl.User; import org.genesys2.server.model.impl.User;
...@@ -41,6 +36,10 @@ import org.springframework.web.bind.annotation.ModelAttribute; ...@@ -41,6 +36,10 @@ import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
import javax.servlet.http.HttpServletRequest;
import java.util.Arrays;
import java.util.List;
/** /**
* Controller which simply handles *.html requests * Controller which simply handles *.html requests
*/ */
...@@ -117,7 +116,7 @@ public class HtmlController extends BaseController { ...@@ -117,7 +116,7 @@ public class HtmlController extends BaseController {
if (!userService.exists(user.getEmail())) { if (!userService.exists(user.getEmail())) {
User newUser = userService.createAccount(user.getEmail(), user.getPassword(), user.getName()); User newUser = userService.createAccount(user.getEmail(), user.getPassword(), user.getName());
emailVerificationService.sendVerificationEmail(newUser); emailVerificationService.sendVerificationEmail(newUser, true);
return "redirect:/content/account-created"; return "redirect:/content/account-created";
} else { } else {
...@@ -134,9 +133,9 @@ public class HtmlController extends BaseController { ...@@ -134,9 +133,9 @@ public class HtmlController extends BaseController {
return "redirect:/registration.html?error=true"; return "redirect:/registration.html?error=true";
} }
@RequestMapping(value = "forgot-password") @RequestMapping(value = "/forgot-password")
public String forgotPassword() { public String forgotPassword() {
return "/forgot-password"; return "/user/email";
} }
@RequestMapping("/access-denied") @RequestMapping("/access-denied")
......
...@@ -107,7 +107,7 @@ public class UserProfileController extends BaseController { ...@@ -107,7 +107,7 @@ public class UserProfileController extends BaseController {
public String sendEmail(ModelMap model, @PathVariable("uuid") String uuid) { public String sendEmail(ModelMap model, @PathVariable("uuid") String uuid) {
User user = userService.getUserByUuid(uuid); User user = userService.getUserByUuid(uuid);
emailVerificationService.sendVerificationEmail(user); emailVerificationService.sendVerificationEmail(user,true);
return "redirect:/profile/" + user.getUuid(); return "redirect:/profile/" + user.getUuid();
} }
...@@ -119,15 +119,32 @@ public class UserProfileController extends BaseController { ...@@ -119,15 +119,32 @@ public class UserProfileController extends BaseController {
} }
@RequestMapping(value = "/{tokenUuid:.+}/validate", method = RequestMethod.GET) @RequestMapping(value = "/{tokenUuid:.+}/validate", method = RequestMethod.GET)
public String validateEmail(ModelMap model, @PathVariable("tokenUuid") String tokenUuid) { public String validateEmail(ModelMap model,
@PathVariable("tokenUuid") String tokenUuid,
@RequestParam(value = "email",required = false)String email) {
if (email!=null){
User user=userService.getUserByEmail(email);
model.addAttribute("uuid",user.getUuid());
model.addAttribute("isReset",true);
}
model.addAttribute("tokenUuid", tokenUuid); model.addAttribute("tokenUuid", tokenUuid);
return "/user/validateemail"; return "/user/validateemail";
} }
@RequestMapping(value = "/{tokenUuid:.+}/validate", method = RequestMethod.POST) @RequestMapping(value = "/{tokenUuid:.+}/validate", method = RequestMethod.POST)
public String validateEmail2(ModelMap model, @PathVariable("tokenUuid") String tokenUuid, @RequestParam("key") String key) { public String validateEmail2(ModelMap model,
@PathVariable("tokenUuid") String tokenUuid,
@RequestParam(value = "key",required = true) String key,
@RequestParam(value = "uuid",required = false)String uuid,
@RequestParam(value = "isReset",required = false,defaultValue ="0")boolean isReset) {
if (emailVerificationService.validateEMail(tokenUuid, key)) { if (emailVerificationService.validateEMail(tokenUuid, key)) {
// Valid // Valid
if (isReset){
model.addAttribute("uuid",uuid);
return "/user/password";
}
return "redirect:/profile"; return "redirect:/profile";
} else { } else {
...@@ -138,6 +155,27 @@ public class UserProfileController extends BaseController { ...@@ -138,6 +155,27 @@ public class UserProfileController extends BaseController {
} }
} }
@RequestMapping(value = "/password/reset",method = RequestMethod.POST)
public String resetPassword(@RequestParam("email") String email){
User user = userService.getUserByEmail(email);
if(user!=null){
emailVerificationService.sendVerificationEmail(user,false);
}
return "redirect:/profile";
}
@RequestMapping(value = "/{uuid}/password/update",method = RequestMethod.POST)
public String updatePassword(@PathVariable("uuid")String uuid,
@RequestParam("password")String password) throws UserException {
User user=userService.getUserByUuid(uuid);
userService.updatePassword(user.getId(),password);
return "redirect:/profile";
}
@RequestMapping(value = "/{uuid:.+}/update", method = { RequestMethod.POST }) @RequestMapping(value = "/{uuid:.+}/update", method = { RequestMethod.POST })
@PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid") @PreAuthorize("hasRole('ADMINISTRATOR') || principal.user.uuid == #uuid")
public String update(ModelMap model, @PathVariable("uuid") String uuid, @RequestParam("name") String name, @RequestParam("email") String email, public String update(ModelMap model, @PathVariable("uuid") String uuid, @RequestParam("name") String name, @RequestParam("email") String email,
......
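Review bot: The new `updatePassword` handler (`/{uuid}/password/update`) changes the password of whichever uuid is in the path without checking a token, a session or any authority, and the `@PreAuthorize` on `UserService.updatePassword` is commented out in this same commit, so nothing visible ties the request to a completed reset. The uuid is client-supplied at every step: `validateEmail2` reads `uuid` and `isReset` from hidden form fields, and the GET `validateEmail` looks up the uuid for any `email` parameter (and hits a null dereference at `user.getUuid()` when the address is unknown). Resolve the account on the server from the validated token, require that token or a one-time marker stored in the session after `validateEMail` succeeds on the update request, and take the reset/verification distinction from the token rather than from `isReset`. `resetPassword` would also benefit from a comment stating that it deliberately answers identically for known and unknown addresses, plus a note on throttling. The body of `validateEmail2` continues outside the hunk.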
...@@ -420,3 +420,7 @@ ga.tracker-code=GA Tracker Code ...@@ -420,3 +420,7 @@ ga.tracker-code=GA Tracker Code
boolean.true=Yes boolean.true=Yes
boolean.false=No boolean.false=No
boolean.null=Unknown boolean.null=Unknown
userprofile.password=Reset password
userprofile.enter.email=Enter your email
userprofile.enter.password=Enter new password
userprofile.email.send=Send email
...@@ -15,4 +15,8 @@ ...@@ -15,4 +15,8 @@
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
validate.email.key=Enter key validate.email.key=Enter key
validate.email=Email validation validate.email=Email validation
validate.email.invalid.key=Invalid key validate.email.invalid.key=Invalid key
\ No newline at end of file userprofile.password=Reset password
userprofile.enter.email=Enter your email
userprofile.enter.password=Enter new password
userprofile.email.send=Send email
\ No newline at end of file
...@@ -243,6 +243,10 @@ activitypost.post-body=بدنه ...@@ -243,6 +243,10 @@ activitypost.post-body=بدنه
validate.email.key=Enter key validate.email.key=Enter key
validate.email=Email validation validate.email=Email validation
validate.email.invalid.key=Invalid key validate.email.invalid.key=Invalid key
userprofile.password=Reset password
userprofile.enter.email=Enter your email
userprofile.enter.password=Enter new password
userprofile.email.send=Send email
# blurp.admin-no-blurp-here=No blurp here. # blurp.admin-no-blurp-here=No blurp here.
# blurp.blurp-title=Blurp title # blurp.blurp-title=Blurp title
......
...@@ -15,4 +15,8 @@ ...@@ -15,4 +15,8 @@
#------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
validate.email.key=Enter key validate.email.key=Enter key
validate.email=Email validation validate.email=Email validation
validate.email.invalid.key=Invalid key validate.email.invalid.key=Invalid key
\ No newline at end of file userprofile.password=Reset password
userprofile.enter.email=Enter your email
userprofile.enter.password=Enter new password
userprofile.email.send=Send email
\ No newline at end of file
{
"en": {
"title": "Reset password",
"body": "<h2><small>Genesys account</small><br/>Reset password</h2><p><a href=\"{0}/profile/{1}/validate?email={2}\">Recovery </a></p><h2>Validation key: {3}</h2><p>If you didn't make this request, <a href=\"{0}/profile/{1}/cancel\">click here to cancel</a>.</p><p>Thanks,<br/ >Genesys team</p>"
}
}
\ No newline at end of file
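Review bot: The recovery link `{0}/profile/{1}/validate?email={2}` puts the account's e-mail address in the URL, where it ends up in browser history and in proxy and server logs. `MessageFormat` inserts `{2}` as-is, so an address containing `+` or `&` also produces a link that does not round-trip. Since the token already identifies the user, the link could drop the parameter, `<a href=\"{0}/profile/{1}/validate\">`, and let the server decide from the token that this is a reset.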
...@@ -54,6 +54,7 @@ ...@@ -54,6 +54,7 @@
<prop key="hibernate.hbm2ddl.auto">${db.hbm2ddl}</prop> <prop key="hibernate.hbm2ddl.auto">${db.hbm2ddl}</prop>
<prop key="hibernate.search.default.indexBase">${lucene.indexDir}</prop> <prop key="hibernate.search.default.indexBase">${lucene.indexDir}</prop>
<prop key="hibernate.search.default.exclusive_index_use">false</prop> <prop key="hibernate.search.default.exclusive_index_use">false</prop>
<prop key="hibernate.dialect">org.hibernate.dialect.MySQLDialect</prop>
</props> </props>
</property> </property>
<property name="packagesToScan"> <property name="packagesToScan">
......
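Review bot: `hibernate.dialect` is hard-coded to `org.hibernate.dialect.MySQLDialect` while the neighbouring settings come from placeholders such as `${db.hbm2ddl}`, and the change looks unrelated to the reset-password story in the commit message. If it is needed, read it from a property in the same style so other deployments are not tied to MySQL. If it was a local workaround, it should be left out of this commit.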
...@@ -34,11 +34,16 @@ ...@@ -34,11 +34,16 @@
</label> </label>
</div> </div>
</div> </div>
<div class="form-group">
<div class="col-lg-offset-2 col-lg-3">
<a href="/forgot-password" id="forgot-password" >Forgot password</a>
</div>
</div>
<div class="form-group"> <div class="form-group">
<div class="col-lg-offset-2 col-lg-3"> <div class="col-lg-offset-2 col-lg-3">
<input type="submit" value="<spring:message code="login.login-button" />" class="btn btn-primary" /> <input type="submit" value="<spring:message code="login.login-button" />" class="btn btn-primary" />
<a href="registration" id="registration" class="btn btn-default"><spring:message code="login.register-now"/></a> <a href="registration" id="registration" class="btn btn-default"><spring:message code="login.register-now"/></a>
<%--<a href="forgot-password" id="forgot-password" class="btn pull-right">Forgot password</a>--%>
</div> </div>
</div> </div>
</form> </form>
......
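Review bot: The new link uses a hard-coded `href="/forgot-password"` and literal text, unlike the rest of the form, so it breaks when the application is deployed under a context path and cannot be translated. Assuming the `c` taglib is available here as it is in the other views, use `<a href="<c:url value="/forgot-password"/>" id="forgot-password"><spring:message code="userprofile.password"/></a>`. The commented-out `<%-- … --%>` link should be deleted rather than kept.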
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="userprofile.password" /></title>
</head>
<body>
<h1>
<spring:message code="userprofile.password" />
</h1>
<form class="form-horizontal" action="<c:url value="/profile/password/reset"/>" method="post">
<div class="form-group">
<label for="email" class="col-lg-2 control-label"><spring:message code="userprofile.enter.email" /></label>
<div class="col-lg-3"><input type="text" id="email" name="email" class="span3 form-control" /></div>
<div class="col-lg-1">
<input type="submit" value="<spring:message code="userprofile.email.send" />" class="btn btn-primary" />
</div>
</div>
</form>
</body>
</html>
\ No newline at end of file
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="userprofile.password" /></title>
</head>
<body>
<h1>
<spring:message code="userprofile.password" />
</h1>
<form class="form-horizontal" action="<c:url value="/profile/${uuid}/password/update"/>" method="post">
<div class="form-group">
<label for="password" class="col-lg-2 control-label"><spring:message code="userprofile.enter.password" /></label>
<div class="col-lg-3"><input type="password" id="password" name="password" class="span3 form-control" /></div>
<div class="col-lg-1">
<input type="submit" value="<spring:message code="userprofile.password" />" class="btn btn-primary" />
</div>
</div>
</form>
</body>
</html>
\ No newline at end of file
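Review bot: `${uuid}` in the form action is the value `validateEmail2` copies from a request parameter into the model, so request-controlled text is written into an HTML attribute here. As far as I know `<c:url>` does not HTML-escape its value, so it should be escaped, for example with `fn:escapeXml` if `init.jsp` includes the functions taglib. Better still, do not carry the uuid through the page at all once the server resolves the account from the token.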
...@@ -38,13 +38,15 @@ ...@@ -38,13 +38,15 @@
</div> </div>
</div> </div>
</security:authorize> </security:authorize>
<security:authorize access="(not hasRole('VALIDATEDUSER') && principal.user.id == #user.id)">
<a href="<c:url value="/profile/${user.uuid}/send"/>" class="btn btn-default"/>Send validation email</a>
</security:authorize>
</div> </div>
<div class="form-group"> <div class="form-group">
<security:authorize access="(not hasRole('VALIDATEDUSER') && principal.user.id == #user.id)">
<a href="<c:url value="/profile/${user.uuid}/send"/>" class="btn btn-default"/>Send validation email</a>
</security:authorize>
<security:authorize access="hasRole('ADMINISTRATOR')"> <security:authorize access="hasRole('ADMINISTRATOR')">
<button class="btn" id="acccount-lock">Lock</button> <button class="btn" id="acccount-lock">Lock</button>
<button class="btn" id="acccount-unlock">Unlock</button> <button class="btn" id="acccount-unlock">Unlock</button>
......
...@@ -12,7 +12,8 @@ ...@@ -12,7 +12,8 @@
</h1> </h1>
<form role="form" class="form-vertical validate" action="<c:url value="/profile/${tokenUuid}/validate" />" method="post"> <form role="form" class="form-vertical validate" action="<c:url value="/profile/${tokenUuid}/validate" />" method="post">
<input type="hidden" value="${isReset}" name="isReset">
<input type="hidden" value="${uuid}" name="uuid">
<div class="col-lg-3"> <div class="col-lg-3">
<input type="text" id="key" name="key" class="span1 form-control" maxlength="4"/> <input type="text" id="key" name="key" class="span1 form-control" maxlength="4"/>
</div> </div>
......