/**
 * Initialises the servlet and looks up the framework user manager.
 *
 * <p>Calls {@code super.init(config)} first, then stores the manager returned by
 * {@code FrameworkConfiguration.getInstance().getFrameworkUserManager()} in the
 * {@code frameworkUserManager} field.
 *
 * @param config servlet configuration, handed on to the superclass
 * @throws ServletException if the superclass initialisation fails, or wrapping any exception
 *     raised while obtaining the configuration or the user manager
 */
@Override
public void init(ServletConfig config) throws ServletException {
  super.init(config);
  try {
    FrameworkConfiguration frameworkConfig = FrameworkConfiguration.getInstance();
    frameworkUserManager = frameworkConfig.getFrameworkUserManager();
  } catch (Exception cause) {
    // FileNotFoundException needs no handler of its own: every failure, whatever its
    // type, is wrapped unchanged in a ServletException.
    throw new ServletException(cause);
  }
}
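/**
 * Creates the Jobs API resource and wires it to the framework configuration.
 *
 * <p>Obtains the framework user manager from {@code FrameworkConfiguration} and the
 * {@code JobsManager} instance. Any failure is logged together with its stack trace and
 * rethrown as a {@link WebApplicationException} that carries the original cause.
 *
 * @param context servlet context supplied through {@code @Context}; not read in this
 *     constructor
 * @throws ServletException declared for callers; failures raised here surface as
 *     {@code WebApplicationException} instead
 */
public Jobs(@Context ServletContext context) throws ServletException {
  try {
    log.debug("init servlet");
    frameworkUserManager = FrameworkConfiguration.getInstance().getFrameworkUserManager();
    jmanager = JobsManager.getInstance();
  } catch (Exception e) {
    // Hand the throwable to the logger so the stack trace lands in the application log
    // (where it can be retained and access-controlled) instead of on stderr.
    log.error("Failed to initialise the Jobs API", e);
    throw new WebApplicationException(e);
  }
}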
/**
 * Handles account-management requests, dispatching on the {@code mode} request parameter.
 *
 * <p>Modes handled here: {@code login}, {@code logout}, {@code create},
 * {@code changePassword}, {@code restorePassword} and {@code getUsers}. Any other value,
 * including a missing parameter, is answered with a 500 "Unexpected mode" error.
 *
 * <p>NOTE(review): of these branches only {@code changePassword} checks the session token;
 * {@code logout}, {@code restorePassword} and {@code getUsers} act on the request
 * parameters alone. As written, this is the GET handler, so credentials and
 * state-changing operations are carried as URL parameters on a plain GET request.
 *
 * @param request incoming request; read for {@code mode}, the per-mode parameters and the
 *     {@code token} cookie
 * @param response receives the JSON body, the cookies or the error status
 * @throws ServletException declared by the servlet contract
 * @throws IOException if writing the response fails
 */
@Override
protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
  String mode = request.getParameter("mode");
  PrintWriter out = response.getWriter();
  if ("login".equals(mode)) {
    // NOTE(review): on a plain GET these parameters are part of the URL, so the password
    // can end up in access logs, browser history and Referer headers. Consider accepting
    // credentials only in a POST body.
    String username = request.getParameter("username");
    String password = request.getParameter("password");
    // Verify the credentials; a null or empty username is never passed to checkPassword
    // and counts as a failed login.
    boolean correctCredentials = false;
    try {
      if (username != null && !username.isEmpty()) correctCredentials = frameworkUserManager.checkPassword(username, password);
    } catch (Exception e) {
      e.printStackTrace();
      // NOTE(review): the exception message is returned to the client. Prefer a generic
      // message here and keep the detail in the server log. The same pattern recurs in
      // the catch blocks of the other modes.
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
      return;
    }
    if (!correctCredentials) {
      // Rejected logins are answered with status 200 through sendError.
      // NOTE(review): 401 would let clients and monitoring tell a rejected login from a
      // successful one. No attempt limiting is visible in this block; confirm whether
      // checkPassword or a filter in front of the servlet throttles repeated failures.
      response.sendError(HttpServletResponse.SC_OK);
      return;
    }
    // Keep the submitted password in PasswordStore under the username.
    // NOTE(review): how PasswordStore holds the value is not visible here; confirm the
    // clear-text password is not retained longer or more widely than needed.
    PasswordStore.put(username, password);
    // Issue a session token (a random UUID) and persist it for the user.
    String token = UUID.randomUUID().toString();
    try {
      frameworkUserManager.saveSessionToken(username, token);
    } catch (Exception e) {
      e.printStackTrace();
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
      return;
    }
    // Load the user profile and return it with the session token.
    UserProfile userProfile;
    try {
      userProfile = frameworkUserManager.getUserProfile(username);
      // The profile is serialised to JSON; it is sent both as the response body and,
      // URL-encoded, in the "user" cookie.
      ObjectMapper objectMapper = new ObjectMapper();
      String responseStr = objectMapper.writeValueAsString(userProfile);
      // NOTE(review): neither cookie gets HttpOnly or Secure set here. Consider
      // setSecure(true) on both and, where the servlet API version allows it,
      // setHttpOnly(true) on the token cookie so script cannot read the session token.
      response.addCookie(new Cookie("token", token));
      response.addCookie(new Cookie("user", URLEncoder.encode(responseStr, "utf-8")));
      response.setHeader("content-type", "application/json");
      out.print(responseStr);
    } catch (Exception e) {
      e.printStackTrace();
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
      return;
    }
  } else if ("logout".equals(mode)) {
    String username = request.getParameter("username");
    // Remove every session token stored for the named user.
    // NOTE(review): no token check is made in this branch, so the username parameter
    // alone decides whose sessions are removed. Consider requiring the caller's own
    // valid token, as the changePassword branch does.
    try {
      if (username != null && !username.isEmpty()) frameworkUserManager.removeAllSessionTokens(username);
      // Build expired replacements for the "token" and "user" cookies.
      // NOTE(review): the two cookies are never passed to response.addCookie, so as
      // written nothing is sent that would clear them in the browser.
      Cookie tokenCookie = new Cookie("token", "");
      Cookie userCookie = new Cookie("user", "");
      tokenCookie.setMaxAge(0);
      userCookie.setMaxAge(0);
    } catch (Exception e) {
      e.printStackTrace();
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
    }
  } else if ("create".equals(mode)) {
    String username = request.getParameter("username");
    String emailTo = request.getParameter("email");
    // Check whether the user already exists.
    // NOTE(review): a failure of the check is only printed; userExists stays false and
    // account creation goes ahead. Neither parameter is validated in this block.
    boolean userExists = false;
    try {
      userExists = frameworkUserManager.checkUserExists(username, emailTo);
    } catch (Exception e) {
      e.printStackTrace();
    }
    if (userExists) {
      // An existing account is reported with status 500 and JSON error code "1".
      response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
      response.setHeader("content-type", "application/json");
      out.print("{\"code\" : \"1\", \"message\" : \"User already exists\"}");
      return;
    }
    // Create the account with a generated initial password.
    // NOTE(review): generateBasic(6) presumably yields a 6-character password, and the
    // randomness source of RandomStringGenerator is not visible here. Confirm it is
    // backed by SecureRandom and consider a longer value or a single-use activation link.
    String password = new RandomStringGenerator().generateBasic(6);
    try {
      frameworkUserManager.createUser(username, password, emailTo);
      EmailSender emailSender = FrameworkConfiguration.getInstance().getDefaultEmailSender();
      // NOTE(review): the `******` runs on the next line are redactions in this listing;
      // the concatenated mail arguments and the declaration of responseStr are not
      // visible. The surviving literals suggest login and password are mailed in clear
      // text - confirm. emailTo is concatenated into the JSON reply without escaping.
      emailSender.send( emailTo, "GeoKnow registration", "Your login: "******", password: "******"{\"message\" : \"Your password will be sent to your e-mail address " + emailTo + " \"}";
      response.getWriter().print(responseStr);
    } catch (MessagingException e) {
      e.printStackTrace();
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
    } catch (Exception e) {
      e.printStackTrace();
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
    }
  } else if ("changePassword".equals(mode)) {
    // NOTE(review): old and new password are read as request parameters of a GET
    // handler; the URL-logging concern noted for login applies here as well.
    String username = request.getParameter("username");
    String oldPassword = request.getParameter("oldPassword");
    String newPassword = request.getParameter("newPassword");
    // Validate the session token from the "token" cookie against the named user.
    String token = HttpUtils.getCookieValue(request, "token");
    boolean valid;
    try {
      valid = frameworkUserManager.checkToken(username, token);
      if (!valid) {
        // NOTE(review): the rejected token value and the username are echoed in the
        // error message; a fixed message would avoid reflecting request data.
        response.sendError( HttpServletResponse.SC_UNAUTHORIZED, "invalid token " + token + " for user " + username);
      } else {
        // Require the current password in addition to the token.
        boolean isCorrect = frameworkUserManager.checkPassword(username, oldPassword);
        if (!isCorrect) {
          response.setStatus(HttpServletResponse.SC_FORBIDDEN);
          out.print("{\"code\" : \"2\", \"message\" : \"Incorrect old password\"}");
          return;
        }
        // Apply the change.
        // NOTE(review): newPassword is not checked here for null, emptiness or strength;
        // confirm that changePassword enforces a policy.
        frameworkUserManager.changePassword(username, oldPassword, newPassword);
        // Notify the user by e-mail; the password has already been changed if the
        // profile lookup below comes back empty.
        UserProfile userProfile = frameworkUserManager.getUserProfile(username);
        if (userProfile == null) {
          response.sendError( HttpServletResponse.SC_NOT_FOUND, "User profile " + username + " not found");
          return;
        }
        FrameworkConfiguration frameworkConfiguration = FrameworkConfiguration.getInstance();
        EmailSender emailSender = frameworkConfiguration.getDefaultEmailSender();
        // NOTE(review): the `******` runs are redactions in this listing; the mail
        // arguments and the declaration of responseStr are not visible. The surviving
        // literal "new password: " suggests the new password is mailed in clear text -
        // confirm; a notification without the password would be enough.
        emailSender.send( userProfile.getEmail(), "GeoKnow change password", "Your password was changed. Your login: "******", new password: "******"{\"message\" : \"Your password was changed\"}";
        response.getWriter().print(responseStr);
      }
    } catch (Exception e) {
      e.printStackTrace();
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
    }
  } else if ("restorePassword".equals(mode)) {
    String username = request.getParameter("username");
    // Look up the profile of the named user.
    // NOTE(review): no authentication or confirmation step is visible in this branch.
    // The account's password is replaced as soon as the request arrives, before the mail
    // is sent. Consider mailing a single-use, expiring reset link and changing the
    // password only once that link is used.
    UserProfile userProfile;
    try {
      userProfile = frameworkUserManager.getUserProfile(username);
      if (userProfile == null) {
        // NOTE(review): unknown users get a distinct 404 / code "3" reply, which tells
        // the caller whether an account exists. A uniform reply avoids that.
        response.setStatus(HttpServletResponse.SC_NOT_FOUND);
        out.print("{\"code\" : \"3\", \"message\" : \"User doesn't exists\"}");
        return;
      }
      // Replace the password with a generated one (same generateBasic(6) call as in the
      // create branch, with the same open question about length and randomness).
      String password = new RandomStringGenerator().generateBasic(6);
      frameworkUserManager.setPassword(username, password);
      // Mail the new credentials to the address stored in the profile.
      FrameworkConfiguration frameworkConfiguration = FrameworkConfiguration.getInstance();
      EmailSender emailSender = frameworkConfiguration.getDefaultEmailSender();
      // NOTE(review): the `******` runs are redactions in this listing; the mail
      // arguments and the declaration of responseStr are not visible. The reply includes
      // the account's stored e-mail address, which discloses it to whoever sent the
      // request.
      emailSender.send( userProfile.getEmail(), "GeoKnow registration", "Your login: "******", password: "******"{\"message\" : \"Your password will be sent to your e-mail address " + userProfile.getEmail() + " \"}";
      response.getWriter().print(responseStr);
    } catch (MessagingException e) {
      e.printStackTrace();
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
    } catch (Exception e) {
      e.printStackTrace();
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
    }
  } else if ("getUsers".equals(mode)) {
    // Return the account URIs of all user profiles as a JSON array.
    // NOTE(review): no token check is made in this branch, so the account list is
    // returned to any caller; no content type is set on this reply either.
    Collection<UserProfile> profiles;
    try {
      profiles = frameworkUserManager.getAllUsersProfiles();
    } catch (Exception e) {
      e.printStackTrace();
      response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage());
      return;
    }
    Collection<String> accounts = new ArrayList<String>();
    for (UserProfile p : profiles) accounts.add(p.getAccountURI());
    String responseStr = new ObjectMapper().writeValueAsString(accounts);
    response.getWriter().print(responseStr);
  } else {
    // Unknown or missing mode: answered with a 500 whose message repeats the mode value.
    // throw new ServletException("Unexpected mode: " + mode);
    response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Unexpected mode: " + mode);
  }
}