/** * Jobs constructor, to initialize the api with the configuration information. * * @param context * @throws ServletException */ public Jobs(@Context ServletContext context) throws ServletException { try { log.debug("init servlet"); FrameworkConfiguration frameworkConfig = FrameworkConfiguration.getInstance(); frameworkUserManager = frameworkConfig.getFrameworkUserManager(); jmanager = JobsManager.getInstance(); } catch (Exception e) { log.error(e); e.printStackTrace(); throw new WebApplicationException(e); } }
@Override public void init(ServletConfig config) throws ServletException { super.init(config); try { frameworkUserManager = FrameworkConfiguration.getInstance().getFrameworkUserManager(); } catch (FileNotFoundException e) { throw new ServletException(e); } catch (Exception e) { throw new ServletException(e); } }
@Override protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException { String mode = request.getParameter("mode"); PrintWriter out = response.getWriter(); if ("login".equals(mode)) { String username = request.getParameter("username"); String password = request.getParameter("password"); // check username and password boolean correctCredentials = false; try { if (username != null && !username.isEmpty()) correctCredentials = frameworkUserManager.checkPassword(username, password); } catch (Exception e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); return; } if (!correctCredentials) { response.sendError(HttpServletResponse.SC_OK); return; } // save user's password in password store PasswordStore.put(username, password); // create and save session token String token = UUID.randomUUID().toString(); try { frameworkUserManager.saveSessionToken(username, token); } catch (Exception e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); return; } // get user profile UserProfile userProfile; try { userProfile = frameworkUserManager.getUserProfile(username); // send request with session token and user profile ObjectMapper objectMapper = new ObjectMapper(); String responseStr = objectMapper.writeValueAsString(userProfile); response.addCookie(new Cookie("token", token)); response.addCookie(new Cookie("user", URLEncoder.encode(responseStr, "utf-8"))); response.setHeader("content-type", "application/json"); out.print(responseStr); } catch (Exception e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); return; } } else if ("logout".equals(mode)) { String username = request.getParameter("username"); // remove user session tokens try { if (username != null && !username.isEmpty()) frameworkUserManager.removeAllSessionTokens(username); // remove session token from cookies Cookie tokenCookie = new Cookie("token", ""); Cookie userCookie = new Cookie("user", ""); tokenCookie.setMaxAge(0); userCookie.setMaxAge(0); } catch (Exception e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); } } else if ("create".equals(mode)) { String username = request.getParameter("username"); String emailTo = request.getParameter("email"); // check if user already exists boolean userExists = false; try { userExists = frameworkUserManager.checkUserExists(username, emailTo); } catch (Exception e) { e.printStackTrace(); } if (userExists) { response.setStatus(HttpServletResponse.SC_INTERNAL_SERVER_ERROR); response.setHeader("content-type", "application/json"); out.print("{\"code\" : \"1\", \"message\" : \"User already exists\"}"); return; } // create user String password = new RandomStringGenerator().generateBasic(6); try { frameworkUserManager.createUser(username, password, emailTo); EmailSender emailSender = FrameworkConfiguration.getInstance().getDefaultEmailSender(); emailSender.send( emailTo, "GeoKnow registration", "Your login: "******", password: "******"{\"message\" : \"Your password will be sent to your e-mail address " + emailTo + " \"}"; response.getWriter().print(responseStr); } catch (MessagingException e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); } catch (Exception e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); } } else if ("changePassword".equals(mode)) { String username = request.getParameter("username"); String oldPassword = request.getParameter("oldPassword"); String newPassword = request.getParameter("newPassword"); // check token String token = HttpUtils.getCookieValue(request, "token"); boolean valid; try { valid = frameworkUserManager.checkToken(username, token); if (!valid) { response.sendError( HttpServletResponse.SC_UNAUTHORIZED, "invalid token " + token + " for user " + username); } else { // check old password boolean isCorrect = frameworkUserManager.checkPassword(username, oldPassword); if (!isCorrect) { response.setStatus(HttpServletResponse.SC_FORBIDDEN); out.print("{\"code\" : \"2\", \"message\" : \"Incorrect old password\"}"); return; } // change password frameworkUserManager.changePassword(username, oldPassword, newPassword); // send new password to user UserProfile userProfile = frameworkUserManager.getUserProfile(username); if (userProfile == null) { response.sendError( HttpServletResponse.SC_NOT_FOUND, "User profile " + username + " not found"); return; } FrameworkConfiguration frameworkConfiguration = FrameworkConfiguration.getInstance(); EmailSender emailSender = frameworkConfiguration.getDefaultEmailSender(); emailSender.send( userProfile.getEmail(), "GeoKnow change password", "Your password was changed. Your login: "******", new password: "******"{\"message\" : \"Your password was changed\"}"; response.getWriter().print(responseStr); } } catch (Exception e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); } } else if ("restorePassword".equals(mode)) { String username = request.getParameter("username"); // get user profile UserProfile userProfile; try { userProfile = frameworkUserManager.getUserProfile(username); if (userProfile == null) { response.setStatus(HttpServletResponse.SC_NOT_FOUND); out.print("{\"code\" : \"3\", \"message\" : \"User doesn't exists\"}"); return; } // change password String password = new RandomStringGenerator().generateBasic(6); frameworkUserManager.setPassword(username, password); // send new password to user FrameworkConfiguration frameworkConfiguration = FrameworkConfiguration.getInstance(); EmailSender emailSender = frameworkConfiguration.getDefaultEmailSender(); emailSender.send( userProfile.getEmail(), "GeoKnow registration", "Your login: "******", password: "******"{\"message\" : \"Your password will be sent to your e-mail address " + userProfile.getEmail() + " \"}"; response.getWriter().print(responseStr); } catch (MessagingException e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); } catch (Exception e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); } } else if ("getUsers".equals(mode)) { Collection<UserProfile> profiles; try { profiles = frameworkUserManager.getAllUsersProfiles(); } catch (Exception e) { e.printStackTrace(); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, e.getMessage()); return; } Collection<String> accounts = new ArrayList<String>(); for (UserProfile p : profiles) accounts.add(p.getAccountURI()); String responseStr = new ObjectMapper().writeValueAsString(accounts); response.getWriter().print(responseStr); } else { // throw new ServletException("Unexpected mode: " + mode); response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR, "Unexpected mode: " + mode); } }