/**
* Interface: PUT /yes-api/rest/auth/login
*
* <p>
*
* <p>Login interface that allows to authenticate user cart. The token for the authenticated cart
* is returned back as response header and also as a cookie.
*
* <p>
*
* <p>
*
* <h3>Headers for operation</h3>
*
* <p>
*
* <table border="1">
* <tr><td>Content-Type</td><td>application/json or application/xml</td></tr>
* <tr><td>Accept</td><td>application/json or application/xml</td></tr>
* <tr><td>yc</td><td>token uuid (optional)</td></tr>
* </table>
*
* <p>
*
* <p>
*
* <h3>Parameters for login PUT operation</h3>
*
* <p>
*
* <table border="1">
* <tr><td>JSON example</td><td>
* <pre><code>
* {
* "username": "******",
* "password": "******",
* "activate": true
* }
* </code></pre>
* </td></tr>
* <tr><td>XML example</td><td>
* <pre><code>
* <login>
* <username>[email protected]</username>
* <password>bBuyM-6-</password>
* <activate>true</activate>
* </login>
* </code></pre>
* </td></tr>
* </table>
*
* <p>
*
* <p>
*
* <h3>Output</h3>
*
* <p>
*
* <table border="1">
* <tr><td>JSON example</td><td>
* <pre><code>
* {
* "success" : true,
* "greeting" : "Bob Doe",
* "token" : {
* "uuid" : "1db8def2-21e0-44d2-aeb0-56baae761129"
* },
* "error" : null
* }
* </code></pre>
* </td></tr>
* <tr><td>XML example</td><td>
* <pre><code>
* <authentication-result>
* <greeting>Bob Doe</greeting>
* <success>true</success>
* <token>
* <uuid>1db8def2-21e0-44d2-aeb0-56baae761129</uuid>
* </token>
* </authentication-result>
* </code></pre>
* </td></tr>
* </table>
*
* <p>
*
* <p>
*
* <h3>Error codes</h3>
*
* <p>
*
* <table border="1">
* <tr><td>USER_FAILED</td><td>user does not exist</td></tr>
* <tr><td>AUTH_FAILED</td><td>user exists but credentials are not valid</td></tr>
* <tr><td>INACTIVE_FOR_SHOP</td><td>user exists but profile is active for given shop, use activate=true to force activation on login</td></tr>
* </table>
*
* @param loginRO login parameters (see examples above)
* @param request request
* @param response response
* @return authentication result
*/
@RequestMapping(
value = "/login",
method = RequestMethod.PUT,
produces = {MediaType.APPLICATION_JSON_VALUE, MediaType.APPLICATION_XML_VALUE})
public @ResponseBody AuthenticationResultRO login(
final @RequestBody LoginRO loginRO,
final HttpServletRequest request,
final HttpServletResponse response) {
final Customer customer = customerServiceFacade.getCustomerByEmail(loginRO.getUsername());
if (customer != null) {
do {
executeLoginCommand(loginRO.getUsername(), loginRO.getPassword());
final TokenRO token = cartMixin.persistShoppingCart(request, response);
ShoppingCart cart = cartMixin.getCurrentCart();
final int logOnState = cart.getLogonState();
if (logOnState == ShoppingCart.LOGGED_IN) {
return new AuthenticationResultRO(cart.getCustomerName(), token);
} else if (logOnState == ShoppingCart.INACTIVE_FOR_SHOP) {
if (loginRO.isActivate()) {
// Login again with inactive state adds customer to shop
continue;
}
return new AuthenticationResultRO("INACTIVE_FOR_SHOP");
} else {
// any other state should break to AUTH_FAILED
break;
}
} while (true);
return new AuthenticationResultRO("AUTH_FAILED");
}
return new AuthenticationResultRO("USER_FAILED");
}
/**
* Interface: PUT /yes-api/rest/auth/register
*
* <p>
*
* <p>Register interface that allows to register user. The token for the authenticated cart is
* returned back as response header and also as a cookie.
*
* <p>
*
* <p>
*
* <h3>Headers for operation</h3>
*
* <p>
*
* <table border="1">
* <tr><td>Content-Type</td><td>application/json or application/xml</td></tr>
* <tr><td>Accept</td><td>application/json or application/xml</td></tr>
* <tr><td>yc</td><td>token uuid (optional)</td></tr>
* </table>
*
* <p>
*
* <p>
*
* <h3>Parameters for register PUT operation</h3>
*
* <p>
*
* <p>
*
* <p>
*
* <table border="1">
* <tr><td>JSON example:</td><td>
* <pre><code>
* {
* "email" : "*****@*****.**",
* "firstname" : "Bob",
* "lastname" : "Doe",
* "phone" : "123123123123",
* "custom" : {
* "attr1": "value1",
* "attr2": "value2",
* ...
* "attrN": "valueN"
* }
* }
* </code></pre>
* </td></tr>
* <tr><td>XML example:</td><td>
* <pre><code>
* <login>
* <email>[email protected]</email>
* <firstname>Bob</firstname>
* <lastname>Doe</lastname>
* <phone>123123123123</phone>
* <custom>
* <entry key="attr1">value1</entry>
* <entry key="attr2">value2</entry>
* ...
* <entry key="attrN">valueN</entry>
* </custom>
* </login>
* </code></pre>
* </td></tr>
* </table>
*
* <p>
*
* <p>
*
* <h3>Output</h3>
*
* <p>
*
* <table border="1">
* <tr><td>JSON example</td><td>
* <pre><code>
* {
* "success" : true,
* "greeting" : "Bob Doe",
* "token" : {
* "uuid" : "1db8def2-21e0-44d2-aeb0-56baae761129"
* },
* "error" : null
* }
* </code></pre>
* </td></tr>
* <tr><td>XML example</td><td>
* <pre><code>
* <authentication-result>
* <greeting>Bob Doe</greeting>
* <success>true</success>
* <token>
* <uuid>1db8def2-21e0-44d2-aeb0-56baae761129</uuid>
* </token>
* </authentication-result>
* </code></pre>
* </td></tr>
* </table>
*
* <p>
*
* <p>
*
* <h3>Error codes</h3>
*
* <p>
*
* <table border="1">
* <tr><td>EMAIL_FAILED</td><td>email must be more than 6 and less than 256 chars (^[_A-Za-z0-9-]+(\.[_A-Za-z0-9-]+)*@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)*((\.[A-Za-z]{2,}){1}$)) </td></tr>
* <tr><td>FIRSTNAME_FAILED</td><td>must be not blank</td></tr>
* <tr><td>LASTNAME_FAILED</td><td>must be not blank</td></tr>
* <tr><td>PHONE_FAILED</td><td>phone must be more than 4 and less than 13 chars</td></tr>
* <tr><td>[ATTRIBUTE CODE]:FAILED</td><td>
* E.g. CUSTOMERTYPE_FAILED denoting that mandatory value was missing (could also happen if regex fails but there is no
* validation message specified on the {@link org.yes.cart.domain.entity.Attribute#getValidationFailedMessage()})
* </td></tr>
* <tr><td>[ATTRIBUTE CODE]:FAILED:[Message]</td><td>
* E.g. "CUSTOMERTYPE:FAILED:Please choose either Buyer or Seller (UK)" denoting that regex test failed.
* RegEx and Message come from {@link org.yes.cart.domain.entity.Attribute#getRegexp()} and
* {@link org.yes.cart.domain.entity.Attribute#getValidationFailedMessage()} respectively
* </td></tr>
* <tr><td>USER_FAILED</td><td>email must not be already registered</td></tr>
* </table>
*
* @param registerRO register parameters (see examples above)
* @param request request
* @param response response
* @return authentication result
*/
@RequestMapping(
value = "/register",
method = RequestMethod.PUT,
produces = {MediaType.APPLICATION_JSON_VALUE, MediaType.APPLICATION_XML_VALUE},
consumes = {MediaType.APPLICATION_JSON_VALUE, MediaType.APPLICATION_XML_VALUE})
public @ResponseBody AuthenticationResultRO register(
final @RequestBody RegisterRO registerRO,
final HttpServletRequest request,
final HttpServletResponse response) {
if (StringUtils.isBlank(registerRO.getEmail())
|| registerRO.getEmail().length() < 6
|| registerRO.getEmail().length() > 256
|| !EMAIL.matcher(registerRO.getEmail()).matches()) {
return new AuthenticationResultRO("EMAIL_FAILED");
}
if (StringUtils.isBlank(registerRO.getFirstname())) {
return new AuthenticationResultRO("FIRSTNAME_FAILED");
}
if (StringUtils.isBlank(registerRO.getLastname())) {
return new AuthenticationResultRO("LASTNAME_FAILED");
}
if (StringUtils.isBlank(registerRO.getPhone())
|| registerRO.getPhone().length() < 4
|| registerRO.getPhone().length() > 13) {
return new AuthenticationResultRO("PHONE_FAILED");
}
if (customerServiceFacade.isCustomerRegistered(registerRO.getEmail())) {
return new AuthenticationResultRO("USER_FAILED");
}
final ShoppingCart cart = cartMixin.getCurrentCart();
final Shop shop = cartMixin.getCurrentShop();
final Map<String, Object> data = new HashMap<String, Object>();
if (registerRO.getCustom() != null) {
for (final AttrValueCustomer av : customerServiceFacade.getShopRegistrationAttributes(shop)) {
final Attribute attr = av.getAttribute();
final String value = registerRO.getCustom().get(attr.getCode());
if (attr.isMandatory() && StringUtils.isBlank(value)) {
return new AuthenticationResultRO(attr.getCode() + ":FAILED");
} else if (StringUtils.isNotBlank(attr.getRegexp())
&& !Pattern.compile(attr.getRegexp()).matcher(value).matches()) {
final String regexError =
new FailoverStringI18NModel(attr.getValidationFailedMessage(), null)
.getValue(cart.getCurrentLocale());
if (StringUtils.isBlank(regexError)) {
return new AuthenticationResultRO(attr.getCode() + ":FAILED");
}
return new AuthenticationResultRO(attr.getCode() + ":FAILED:" + regexError);
} else {
data.put(attr.getCode(), value);
}
}
}
data.put("firstname", registerRO.getFirstname());
data.put("lastname", registerRO.getLastname());
data.put("phone", registerRO.getPhone());
final String password =
customerServiceFacade.registerCustomer(shop, registerRO.getEmail(), data);
final LoginRO loginRO = new LoginRO();
loginRO.setUsername(registerRO.getEmail());
loginRO.setPassword(password);
return login(loginRO, request, response);
}
