/** POST /account -> update the current user information. */ @RequestMapping( value = "/account", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) @Timed public ResponseEntity<String> saveAccount(@RequestBody UserDTO userDTO) { Optional<User> existingUser = userRepository.findOneByEmail(userDTO.getEmail()); if (existingUser.isPresent() && (!existingUser.get().getLogin().equalsIgnoreCase(userDTO.getLogin()))) { return ResponseEntity.badRequest() .headers( HeaderUtil.createFailureAlert( "user-management", "emailexists", "Email already in use")) .body(null); } return userRepository .findOneByLogin(SecurityUtils.getCurrentUser().getUsername()) .map( u -> { userService.updateUserInformation( userDTO.getFirstName(), userDTO.getLastName(), userDTO.getEmail(), userDTO.getLangKey()); return new ResponseEntity<String>(HttpStatus.OK); }) .orElseGet(() -> new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR)); }
public void deleteUserInformation(String login) { userRepository .findOneByLogin(login) .ifPresent( u -> { userRepository.delete(u); log.debug("Deleted User: {}", u); }); }
/** * Not activated users should be automatically deleted after 3 days. * * <p> * * <p>This is scheduled to get fired everyday, at 01:00 (am). */ @Scheduled(cron = "0 0 1 * * ?") public void removeNotActivatedUsers() { DateTime now = new DateTime(); List<User> users = userRepository.findAllByActivatedIsFalseAndCreatedDateBefore(now.minusDays(3)); for (User user : users) { log.debug("Deleting not activated user {}", user.getLogin()); userRepository.delete(user); } }
public void changePassword(String password) { userRepository .findOneByLogin(SecurityUtils.getCurrentUserLogin()) .ifPresent( u -> { String encryptedPassword = passwordEncoder.encode(password); u.setPassword(encryptedPassword); userRepository.save(u); log.debug("Changed password for User: {}", u); }); }
public Optional<User> requestPasswordReset(String mail) { return userRepository .findOneByEmail(mail) .filter(user -> user.getActivated()) .map( user -> { user.setResetKey(RandomUtil.generateResetKey()); user.setResetDate(ZonedDateTime.now()); userRepository.save(user); return user; }); }
public void updateUserInformation( String firstName, String lastName, String email, String langKey) { userRepository .findOneByLogin(SecurityUtils.getCurrentLogin()) .ifPresent( u -> { u.setFirstName(firstName); u.setLastName(lastName); u.setEmail(email); u.setLangKey(langKey); userRepository.save(u); log.debug("Changed Information for User: {}", u); }); }
public Optional<User> activateRegistration(String key) { log.debug("Activating user for activation key {}", key); userRepository .findOneByActivationKey(key) .map( user -> { // activate given user for the registration key. user.setActivated(true); user.setActivationKey(null); userRepository.save(user); log.debug("Activated user: {}", user); return user; }); return Optional.empty(); }
@Test @Transactional public void testRegisterAdminIsIgnored() throws Exception { UserDTO u = new UserDTO( "badguy", // login "password", // password "Bad", // firstName "Guy", // lastName "*****@*****.**", // e-mail true, // activated "en", // langKey new HashSet<>( Arrays.asList( AuthoritiesConstants.ADMIN)) // <-- only admin should be able to do that ); restMvc .perform( post("/api/register") .contentType(TestUtil.APPLICATION_JSON_UTF8) .content(TestUtil.convertObjectToJsonBytes(u))) .andExpect(status().isCreated()); Optional<User> userDup = userRepository.findOneByLogin("badguy"); assertThat(userDup.isPresent()).isTrue(); assertThat(userDup.get().getAuthorities()) .hasSize(1) .containsExactly(authorityRepository.findOne(AuthoritiesConstants.USER)); }
public User createUser(ManagedUserDTO managedUserDTO) { User user = new User(); user.setLogin(managedUserDTO.getLogin()); user.setFirstName(managedUserDTO.getFirstName()); user.setLastName(managedUserDTO.getLastName()); user.setEmail(managedUserDTO.getEmail()); if (managedUserDTO.getLangKey() == null) { user.setLangKey("en"); // default language is English } else { user.setLangKey(managedUserDTO.getLangKey()); } Set<Authority> authorities = new HashSet<>(); managedUserDTO .getAuthorities() .stream() .forEach(authority -> authorities.add(authorityRepository.findOne(authority))); user.setAuthorities(authorities); String encryptedPassword = passwordEncoder.encode(RandomUtil.generatePassword()); user.setPassword(encryptedPassword); user.setResetKey(RandomUtil.generateResetKey()); user.setResetDate(ZonedDateTime.now()); user.setActivated(true); userRepository.save(user); log.debug("Created Information for User: {}", user); return user; }
@Override protected void onLoginSuccess( HttpServletRequest request, HttpServletResponse response, Authentication successfulAuthentication) { String login = successfulAuthentication.getName(); log.debug("Creating new persistent login for user {}", login); PersistentToken token = userRepository .findOneByLogin(login) .map( u -> { PersistentToken t = new PersistentToken(); t.setSeries(generateSeriesData()); t.setUser(u); t.setTokenValue(generateTokenData()); t.setTokenDate(LocalDate.now()); t.setIpAddress(request.getRemoteAddr()); t.setUserAgent(request.getHeader("User-Agent")); return t; }) .orElseThrow( () -> new UsernameNotFoundException( "User " + login + " was not found in the database")); try { persistentTokenRepository.saveAndFlush(token); addCookie(token, request, response); } catch (DataAccessException e) { log.error("Failed to save persistent token ", e); } }
public User createUserInformation( String login, String password, String firstName, String lastName, String email, String langKey) { User newUser = new User(); Authority authority = authorityRepository.findOne("ROLE_USER"); Set<Authority> authorities = new HashSet<>(); String encryptedPassword = passwordEncoder.encode(password); newUser.setLogin(login); // new user gets initially a generated password newUser.setPassword(encryptedPassword); newUser.setFirstName(firstName); newUser.setLastName(lastName); newUser.setEmail(email); newUser.setLangKey(langKey); // new user is not active newUser.setActivated(false); // new user gets registration key newUser.setActivationKey(RandomUtil.generateActivationKey()); authorities.add(authority); newUser.setAuthorities(authorities); userRepository.save(newUser); userSearchRepository.save(newUser); log.debug("Created Information for User: {}", newUser); return newUser; }
/** POST /register -> register the user. */ @RequestMapping( value = "/register", method = RequestMethod.POST, produces = MediaType.TEXT_PLAIN_VALUE) @Timed public ResponseEntity<?> registerAccount( @Valid @RequestBody UserDTO userDTO, HttpServletRequest request) { return userRepository .findOneByLogin(userDTO.getLogin()) .map(user -> new ResponseEntity<>("login already in use", HttpStatus.BAD_REQUEST)) .orElseGet( () -> userRepository .findOneByEmail(userDTO.getEmail()) .map( user -> new ResponseEntity<>( "e-mail address already in use", HttpStatus.BAD_REQUEST)) .orElseGet( () -> { User user = userService.createUserInformation( userDTO.getLogin(), userDTO.getPassword(), userDTO.getFirstName(), userDTO.getLastName(), userDTO.getEmail().toLowerCase(), userDTO.getLangKey()); String baseUrl = request.getScheme() + // "http" "://" + // "://" request.getServerName() + // "myhost" ":" + // ":" request.getServerPort() + // "80" request .getContextPath(); // "/myContextPath" or "" if deployed in // root context mailService.sendActivationEmail(user, baseUrl); return new ResponseEntity<>(HttpStatus.CREATED); })); }
public Optional<User> getUserWithAuthoritiesByLogin(String login) { return userRepository .findOneByLogin(login) .map( u -> { u.getAuthorities().size(); return u; }); }
public Optional<User> completePasswordReset(String newPassword, String key) { log.debug("Reset user password for reset key {}", key); return userRepository .findOneByResetKey(key) .filter( user -> { ZonedDateTime oneDayAgo = ZonedDateTime.now().minusHours(24); return user.getResetDate().isAfter(oneDayAgo); }) .map( user -> { user.setPassword(passwordEncoder.encode(newPassword)); user.setResetKey(null); user.setResetDate(null); userRepository.save(user); return user; }); }
/** GET /account/sessions -> get the current open sessions. */ @RequestMapping( value = "/account/sessions", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE) @Timed public ResponseEntity<List<PersistentToken>> getCurrentSessions() { return userRepository .findOneByLogin(SecurityUtils.getCurrentLogin()) .map( user -> new ResponseEntity<>(persistentTokenRepository.findByUser(user), HttpStatus.OK)) .orElse(new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR)); }
@Test @Transactional public void testRegisterDuplicateEmail() throws Exception { // Good UserDTO u = new UserDTO( "john", // login "password", // password "John", // firstName "Doe", // lastName "*****@*****.**", // e-mail true, // activated "en", // langKey new HashSet<>(Arrays.asList(AuthoritiesConstants.USER))); // Duplicate e-mail, different login UserDTO dup = new UserDTO( "johnjr", u.getPassword(), u.getLogin(), u.getLastName(), u.getEmail(), true, u.getLangKey(), u.getAuthorities()); // Good user restMvc .perform( post("/api/register") .contentType(TestUtil.APPLICATION_JSON_UTF8) .content(TestUtil.convertObjectToJsonBytes(u))) .andExpect(status().isCreated()); // Duplicate e-mail restMvc .perform( post("/api/register") .contentType(TestUtil.APPLICATION_JSON_UTF8) .content(TestUtil.convertObjectToJsonBytes(dup))) .andExpect(status().is4xxClientError()); Optional<User> userDup = userRepository.findOneByLogin("johnjr"); assertThat(userDup.isPresent()).isFalse(); }
/** * DELETE /account/sessions?series={series} -> invalidate an existing session. * * <p>- You can only delete your own sessions, not any other user's session - If you delete one of * your existing sessions, and that you are currently logged in on that session, you will still be * able to use that session, until you quit your browser: it does not work in real time (there is * no API for that), it only removes the "remember me" cookie - This is also true if you * invalidate your current session: you will still be able to use it until you close your browser * or that the session times out. But automatic login (the "remember me" cookie) will not work * anymore. There is an API to invalidate the current session, but there is no API to check which * session uses which cookie. */ @RequestMapping(value = "/account/sessions/{series}", method = RequestMethod.DELETE) @Timed public void invalidateSession(@PathVariable String series) throws UnsupportedEncodingException { String decodedSeries = URLDecoder.decode(series, "UTF-8"); userRepository .findOneByLogin(SecurityUtils.getCurrentLogin()) .ifPresent( u -> { persistentTokenRepository .findByUser(u) .stream() .filter( persistentToken -> StringUtils.equals(persistentToken.getSeries(), decodedSeries)) .findAny() .ifPresent(t -> persistentTokenRepository.delete(decodedSeries)); }); }
/** POST /account -> update the current user information. */ @RequestMapping( value = "/account", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE) @Timed public ResponseEntity<String> saveAccount(@RequestBody UserDTO userDTO) { return userRepository .findOneByLogin(userDTO.getLogin()) .filter(u -> u.getLogin().equals(SecurityUtils.getCurrentLogin())) .map( u -> { userService.updateUserInformation( userDTO.getFirstName(), userDTO.getLastName(), userDTO.getEmail(), userDTO.getLangKey()); return new ResponseEntity<String>(HttpStatus.OK); }) .orElseGet(() -> new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR)); }
@Test @Transactional public void testRegisterValid() throws Exception { UserDTO u = new UserDTO( "joe", // login "password", // password "Joe", // firstName "Shmoe", // lastName "*****@*****.**", // e-mail true, // activated "en", // langKey new HashSet<>(Arrays.asList(AuthoritiesConstants.USER))); restMvc .perform( post("/api/register") .contentType(TestUtil.APPLICATION_JSON_UTF8) .content(TestUtil.convertObjectToJsonBytes(u))) .andExpect(status().isCreated()); Optional<User> user = userRepository.findOneByLogin("joe"); assertThat(user.isPresent()).isTrue(); }
@Test @Transactional public void testRegisterInvalidEmail() throws Exception { UserDTO u = new UserDTO( "bob", // login "password", // password "Bob", // firstName "Green", // lastName "invalid", // e-mail <-- invalid true, // activated "en", // langKey new HashSet<>(Arrays.asList(AuthoritiesConstants.USER))); restUserMockMvc .perform( post("/api/register") .contentType(TestUtil.APPLICATION_JSON_UTF8) .content(TestUtil.convertObjectToJsonBytes(u))) .andExpect(status().isBadRequest()); Optional<User> user = userRepository.findOneByLogin("bob"); assertThat(user.isPresent()).isFalse(); }
public User getUserWithAuthorities(String id) { User user = userRepository.findOne(id); user.getAuthorities().size(); // eagerly load the association return user; }
@Transactional(readOnly = true) public User getUserWithAuthorities() { User user = userRepository.findOneByLogin(SecurityUtils.getCurrentUserLogin()).get(); user.getAuthorities().size(); // eagerly load the association return user; }
@Transactional(readOnly = true) public User getUserWithAuthorities(Long id) { User user = userRepository.findOne(id); user.getAuthorities().size(); // eagerly load the association return user; }