/**
 * Applies the editable values carried by {@code userShell} to the stored user found for
 * {@code username}, then merges the result through {@code userDao}.
 *
 * <p>A changed password is validated and hashed before the entity itself is validated.
 * A changed e-mail address must not already be registered, and it is also written into
 * the current security context.
 *
 * @param username  identifies the stored user that is updated
 * @param userShell carrier of the submitted values; see {@code copyProperties} for the
 *                  fields that are taken from it
 */
public void updateUser(String username, AppUser userShell) {
    AppUser stored = getUserByUsername(username);

    // Snapshot the two security-relevant values before copyProperties overwrites them.
    final String previousEmail = stored.getEmailAddress();
    final String previousPassword = stored.getPassword();

    // NOTE(review): nothing visible here confirms that the caller is allowed to edit
    // `username`, or re-checks the current password before credentials change.
    // Presumably enforced by the caller - confirm.
    copyProperties(userShell, stored);

    final String submittedEmail = stored.getEmailAddress();
    final String submittedPassword = stored.getPassword();

    if (changed(previousPassword, submittedPassword)) {
        // Policy check runs on the value as submitted; hashing happens only afterwards.
        validatePassword(submittedPassword);
        hashPassword(stored);
    }

    validateEntity(stored);

    if (changed(previousEmail, submittedEmail)) {
        checkEmailAddressIsNotRegistered(submittedEmail);
        // NOTE(review): the security context is rewritten before userDao.merge runs, and
        // without comparing the current principal to `username` - confirm this path is
        // only reached when users edit their own account.
        updateCurrentPrincipal(stored, submittedEmail);
    }

    userDao.merge(stored);
}
/**
 * Copies the user-editable fields from {@code userShell} onto {@code userEntity}.
 *
 * <p>Only first name, last name, e-mail address and, when one was supplied, the password
 * are transferred. Any other value carried by {@code userShell} is ignored, so this method
 * acts as the allow-list of what an update may change.
 *
 * @param userShell  source of the submitted values
 * @param userEntity stored user that receives them
 */
private void copyProperties(AppUser userShell, AppUser userEntity) {
    userEntity.setFirstName(userShell.getFirstName());
    userEntity.setLastName(userShell.getLastName());
    userEntity.setEmailAddress(userShell.getEmailAddress());

    // A missing or blank password means "keep the stored one".
    if (!passwordChanged(userShell)) {
        return;
    }
    userEntity.setPassword(userShell.getPassword());
}
/**
 * Registers a new user: rejects an e-mail address that is already registered, validates
 * and hashes the password, fills in the remaining properties, validates the entity,
 * persists it and finally sends the validation e-mail.
 *
 * @param user the user to create; its password is replaced by the encoded form
 */
public void createUser(AppUser user) {
    final String emailAddress = user.getEmailAddress();
    // NOTE(review): this check and the persist below are separate steps; presumably a
    // unique constraint on the e-mail column backs it under concurrent sign-ups - confirm.
    checkEmailAddressIsNotRegistered(emailAddress);

    // The password policy is applied to the submitted value before it is hashed.
    final String submittedPassword = user.getPassword();
    validatePassword(submittedPassword);
    hashPassword(user);

    setUserProperties(user);
    validateEntity(user);

    userDao.persist(user);
    // The validation mail is sent only after persist has returned.
    validationEmailSender.send(user);
}
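/**
 * Replaces the {@code Authentication} in the current security context with one whose
 * principal carries {@code newEmailAddress} as its username.
 *
 * <p>The authorities are taken from the principal that is currently authenticated, not
 * from {@code user}. The details object of the current authentication is carried over to
 * the replacement token so that information attached at login is not lost.
 *
 * <p>Fails with a {@code NullPointerException} when the context holds no authentication,
 * and with a {@code ClassCastException} when the principal is not a {@code UserDetails}.
 *
 * @param user            the updated user; its stored password becomes the principal's
 *                        password and the token's credentials
 * @param newEmailAddress the username of the replacement principal
 */
private void updateCurrentPrincipal(AppUser user, String newEmailAddress) {
    Authentication currentAuth = SecurityContextHolder.getContext().getAuthentication();
    UserDetails currentPrincipal = (UserDetails) currentAuth.getPrincipal();

    // NOTE(review): nothing here compares the current principal with `user`; the session
    // takes the new username while keeping its own authorities. Presumably callers only
    // reach this when users edit their own account - confirm.
    UserDetails replacementPrincipal =
            new User(newEmailAddress, user.getPassword(), currentPrincipal.getAuthorities());

    // NOTE(review): the stored password value ends up in both the principal and the
    // token credentials held by the security context - confirm it has to be kept there.
    UsernamePasswordAuthenticationToken replacementAuth =
            new UsernamePasswordAuthenticationToken(
                    replacementPrincipal,
                    replacementPrincipal.getPassword(),
                    replacementPrincipal.getAuthorities());

    // The three-argument constructor leaves details unset; copy them from the token
    // that is being replaced.
    replacementAuth.setDetails(currentAuth.getDetails());

    SecurityContextHolder.getContext().setAuthentication(replacementAuth);
}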
/**
 * Replaces the user's password with the output of the configured password encoder.
 *
 * <p>The value is encoded unconditionally, so callers must invoke this only while the
 * password field still holds the submitted value; a second call would encode the
 * already-encoded string.
 *
 * @param user the user whose password field is overwritten in place
 */
private void hashPassword(AppUser user) {
    // NOTE(review): the strength of the stored value depends entirely on the encoder
    // returned by getPasswordEncoder() - confirm it is an adaptive password hash.
    user.setPassword(getPasswordEncoder().encode(user.getPassword()));
}
/**
 * Tells whether the submitted user data carries a password at all.
 *
 * @param userShell carrier of the submitted values
 * @return {@code true} when the password is neither {@code null} nor empty after trimming
 */
private boolean passwordChanged(AppUser userShell) {
    String submitted = userShell.getPassword();
    if (submitted == null) {
        return false;
    }
    // Whitespace-only input counts as "no password supplied".
    return !submitted.trim().isEmpty();
}