iSharkFly-Docs
/
java-tutorials
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #140 from Doha2012/master 

update registration methods
This commit is contained in:
Eugen 2015-02-16 13:33:08 +02:00
parent 308222fdbf d1eb4546bd
commit 452a5fc5a0
12 changed files with 359 additions and 121 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
spring-security-login-and-registration/src/main/java/org/baeldung/registration/listener/RegistrationListener.java
View File

@ -8,14 +8,12 @@ import org.baeldung.registration.OnRegistrationCompleteEvent;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationListener;
import org.springframework.context.MessageSource;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.mail.SimpleMailMessage;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.stereotype.Component;
@Component
@PropertySource("classpath:email.properties")
public class RegistrationListener implements ApplicationListener<OnRegistrationCompleteEvent> {
@Autowired
private IUserService service;

23
spring-security-login-and-registration/src/main/java/org/baeldung/web/controller/GenericResponse.java
View File

@ -1,23 +0,0 @@
package org.baeldung.web.controller;
public class GenericResponse {
private String message;
public GenericResponse() {
super();
}
public GenericResponse(final String message) {
this.message = message;
}
public String getMessage() {
return message;
}
public void setMessage(String message) {
this.message = message;
}
}

219
spring-security-login-and-registration/src/main/java/org/baeldung/web/controller/Registration2Controller.java Normal file
View File

@ -0,0 +1,219 @@
package org.baeldung.web.controller;
import java.util.Calendar;
import java.util.Locale;
import java.util.UUID;
import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;
import org.baeldung.persistence.model.PasswordResetToken;
import org.baeldung.persistence.model.User;
import org.baeldung.persistence.model.VerificationToken;
import org.baeldung.persistence.service.IUserService;
import org.baeldung.persistence.service.UserDto;
import org.baeldung.registration.OnRegistrationCompleteEvent;
import org.baeldung.validation.EmailExistsException;
import org.baeldung.web.error.UserNotFoundException;
import org.baeldung.web.util.GenericResponse;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.MessageSource;
import org.springframework.core.env.Environment;
import org.springframework.mail.SimpleMailMessage;
import org.springframework.mail.javamail.JavaMailSender;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.validation.Errors;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
@Controller
public class Registration2Controller {
private final Logger LOGGER = LoggerFactory.getLogger(getClass());
@Autowired
private IUserService userService;
@Autowired
private MessageSource messages;
@Autowired
private JavaMailSender mailSender;
@Autowired
private ApplicationEventPublisher eventPublisher;
@Autowired
private UserDetailsService userDetailsService;
@Autowired
private Environment env;
public Registration2Controller() {
}
// API
@RequestMapping(value = "/user/registration2", method = RequestMethod.GET)
public String showRegistrationForm(final HttpServletRequest request, final Model model) {
LOGGER.debug("Rendering registration page.");
final UserDto accountDto = new UserDto();
model.addAttribute("user", accountDto);
return "registration";
}
@RequestMapping(value = "/regitrationConfirm2", method = RequestMethod.GET)
public String confirmRegistration(final HttpServletRequest request, final Model model, @RequestParam("token") final String token) {
final Locale locale = request.getLocale();
final VerificationToken verificationToken = userService.getVerificationToken(token);
if (verificationToken == null) {
final String message = messages.getMessage("auth.message.invalidToken", null, locale);
model.addAttribute("message", message);
return "redirect:/badUser.html?lang=" + locale.getLanguage();
}
final User user = verificationToken.getUser();
final Calendar cal = Calendar.getInstance();
if ((verificationToken.getExpiryDate().getTime() - cal.getTime().getTime()) <= 0) {
model.addAttribute("message", messages.getMessage("auth.message.expired", null, locale));
model.addAttribute("expired", true);
model.addAttribute("token", token);
return "redirect:/badUser.html?lang=" + locale.getLanguage();
}
user.setEnabled(true);
userService.saveRegisteredUser(user);
model.addAttribute("message", messages.getMessage("message.accountVerified", null, locale));
return "redirect:/login.html?lang=" + locale.getLanguage();
}
@RequestMapping(value = "/user/registration2", method = RequestMethod.POST)
public ModelAndView registerUserAccount(@ModelAttribute("user") @Valid final UserDto accountDto, final BindingResult result, final HttpServletRequest request, final Errors errors) {
LOGGER.debug("Registering user account with information: {}", accountDto);
if (result.hasErrors()) {
return new ModelAndView("registration", "user", accountDto);
}
final User registered = createUserAccount(accountDto);
if (registered == null) {
result.rejectValue("email", "message.regError");
return new ModelAndView("registration", "user", accountDto);
}
try {
final String appUrl = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
eventPublisher.publishEvent(new OnRegistrationCompleteEvent(registered, request.getLocale(), appUrl));
} catch (final Exception ex) {
LOGGER.warn("Unable to register user", ex);
return new ModelAndView("emailError", "user", accountDto);
}
return new ModelAndView("successRegister", "user", accountDto);
}
@RequestMapping(value = "/user/resendRegistrationToken2", method = RequestMethod.GET)
public @ResponseBody GenericResponse resendRegistrationToken2(final HttpServletRequest request, @RequestParam("token") final String existingToken) {
final VerificationToken newToken = userService.generateNewVerificationToken(existingToken);
final User user = userService.getUser(newToken.getToken());
final String appUrl = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
final SimpleMailMessage email = constructResetVerificationTokenEmail(appUrl, request.getLocale(), newToken, user);
mailSender.send(email);
return new GenericResponse(messages.getMessage("message.resendToken", null, request.getLocale()));
}
@RequestMapping(value = "/user/resetPassword2", method = RequestMethod.POST)
public @ResponseBody GenericResponse resetPassword2(final HttpServletRequest request, @RequestParam("email") final String userEmail) {
final User user = userService.findUserByEmail(userEmail);
if (user == null) {
throw new UserNotFoundException();
}
final String token = UUID.randomUUID().toString();
userService.createPasswordResetTokenForUser(user, token);
final String appUrl = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
final SimpleMailMessage email = constructResetTokenEmail(appUrl, request.getLocale(), token, user);
mailSender.send(email);
return new GenericResponse(messages.getMessage("message.resetPasswordEmail", null, request.getLocale()));
}
// ==== will not be changed this is used as the confirmation url of reset password token
@RequestMapping(value = "/user/changePassword2", method = RequestMethod.GET)
public String changePassword(final HttpServletRequest request, final Model model, @RequestParam("id") final long id, @RequestParam("token") final String token) {
final Locale locale = request.getLocale();
final PasswordResetToken passToken = userService.getPasswordResetToken(token);
final User user = passToken.getUser();
if (passToken == null || user.getId() != id) {
final String message = messages.getMessage("auth.message.invalidToken", null, locale);
model.addAttribute("message", message);
return "redirect:/login.html?lang=" + locale.getLanguage();
}
final Calendar cal = Calendar.getInstance();
if ((passToken.getExpiryDate().getTime() - cal.getTime().getTime()) <= 0) {
model.addAttribute("message", messages.getMessage("auth.message.expired", null, locale));
return "redirect:/login.html?lang=" + locale.getLanguage();
}
final Authentication auth = new UsernamePasswordAuthenticationToken(user, null, userDetailsService.loadUserByUsername(user.getEmail()).getAuthorities());
SecurityContextHolder.getContext().setAuthentication(auth);
return "redirect:/updatePassword.html?lang=" + locale.getLanguage();
}
@RequestMapping(value = "/user/savePassword2", method = RequestMethod.POST)
@PreAuthorize("hasRole('READ_PRIVILEGE')")
public @ResponseBody GenericResponse savePassword(final HttpServletRequest request, @RequestParam("password") final String password) {
final User user = (User) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
userService.changeUserPassword(user, password);
return new GenericResponse(messages.getMessage("message.resetPasswordSuc", null, request.getLocale()));
}
// NON-API
private final SimpleMailMessage constructResetVerificationTokenEmail(final String contextPath, final Locale locale, final VerificationToken newToken, final User user) {
final String confirmationUrl = contextPath + "/regitrationConfirm.html?token=" + newToken.getToken();
final String message = messages.getMessage("message.resendToken", null, locale);
final SimpleMailMessage email = new SimpleMailMessage();
email.setSubject("Resend Registration Token");
email.setText(message + " \r\n" + confirmationUrl);
email.setTo(user.getEmail());
email.setFrom(env.getProperty("support.email"));
return email;
}
private final SimpleMailMessage constructResetTokenEmail(final String contextPath, final Locale locale, final String token, final User user) {
final String url = contextPath + "/user/changePassword2?id=" + user.getId() + "&token=" + token;
final String message = messages.getMessage("message.resetPassword", null, locale);
final SimpleMailMessage email = new SimpleMailMessage();
email.setTo(user.getEmail());
email.setSubject("Reset Password");
email.setText(message + " \r\n" + url);
email.setFrom(env.getProperty("support.email"));
return email;
}
private User createUserAccount(final UserDto accountDto) {
User registered = null;
try {
registered = userService.registerNewUserAccount(accountDto);
} catch (final EmailExistsException e) {
return null;
}
return registered;
}
}

35
spring-security-login-and-registration/src/main/java/org/baeldung/web/controller/RegistrationController.java
View File

@ -19,8 +19,6 @@ import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.ApplicationEventPublisher;
import org.springframework.context.MessageSource;
import org.springframework.context.NoSuchMessageException;
import org.springframework.context.annotation.PropertySource;
import org.springframework.core.env.Environment;
import org.springframework.mail.MailAuthenticationException;
import org.springframework.mail.SimpleMailMessage;
@ -38,14 +36,9 @@ import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.ModelAndView;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
@Controller
@PropertySource("classpath:email.properties")
public class RegistrationController {
private final Logger LOGGER = LoggerFactory.getLogger(getClass());
@ -150,17 +143,6 @@ public class RegistrationController {
return "redirect:/login.html?lang=" + locale.getLanguage();
}
@RequestMapping(value = "/user/resendRegistrationToken2", method = RequestMethod.GET)
public @ResponseBody GenericResponse resendRegistrationToken2(final HttpServletRequest request, @RequestParam("token") final String existingToken) {
final VerificationToken newToken = userService.generateNewVerificationToken(existingToken);
final User user = userService.getUser(newToken.getToken());
final String appUrl = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
final SimpleMailMessage email = constructResetVerificationTokenEmail(appUrl, request.getLocale(), newToken, user);
mailSender.send(email);
return new GenericResponse(messages.getMessage("message.resendToken", null, request.getLocale()));
}
@RequestMapping(value = "/user/resetPassword", method = RequestMethod.POST)
public String resetPassword(final HttpServletRequest request, final Model model, @RequestParam("email") final String userEmail) {
final User user = userService.findUserByEmail(userEmail);
@ -187,23 +169,6 @@ public class RegistrationController {
return "redirect:/login.html?lang=" + request.getLocale().getLanguage();
}
@RequestMapping(value = "/user/resetPassword2", method = RequestMethod.POST)
public @ResponseBody String resetPassword2(final HttpServletRequest request, @RequestParam("email") final String userEmail) throws JsonProcessingException, NoSuchMessageException {
final User user = userService.findUserByEmail(userEmail);
if (user == null) {
// throw new NotFoundExceptions(messages.getMessage("message.userNotFound", null, request.getLocale())); // 404
return new ObjectMapper().writeValueAsString(messages.getMessage("message.userNotFound", null, request.getLocale()));
}
final String token = UUID.randomUUID().toString();
userService.createPasswordResetTokenForUser(user, token);
final String appUrl = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
final SimpleMailMessage email = constructResetTokenEmail(appUrl, request.getLocale(), token, user);
mailSender.send(email);
return new ObjectMapper().writeValueAsString(messages.getMessage("message.resetPasswordEmail", null, request.getLocale()));
}
@RequestMapping(value = "/user/changePassword", method = RequestMethod.GET)
public String changePassword(final HttpServletRequest request, final Model model, @RequestParam("id") final long id, @RequestParam("token") final String token) {
final Locale locale = request.getLocale();

39
spring-security-login-and-registration/src/main/java/org/baeldung/web/error/RestResponseEntityExceptionHandler.java
View File

@ -1,35 +1,50 @@
package org.baeldung.web.error;
import org.baeldung.web.util.GenericResponse;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.MessageSource;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.mail.MailAuthenticationException;
import org.springframework.web.bind.annotation.ControllerAdvice;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.context.request.WebRequest;
import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
@ControllerAdvice
public class RestResponseEntityExceptionHandler extends ResponseEntityExceptionHandler {
@Autowired
private MessageSource messages;
public RestResponseEntityExceptionHandler() {
super();
}
// API
// 500
@ExceptionHandler({ MailAuthenticationException.class })
public @ResponseBody String handleMail(final RuntimeException ex, final WebRequest request) throws JsonProcessingException {
logger.error("500 Status Code", ex);
return new ObjectMapper().writeValueAsString("MailError");
// 404
@ExceptionHandler({ UserNotFoundException.class })
public ResponseEntity<Object> handleUserNotFound(final RuntimeException ex, final WebRequest request) {
logger.error("404 Status Code", ex);
final GenericResponse bodyOfResponse = new GenericResponse(messages.getMessage("message.userNotFound", null, request.getLocale()), "UserNotFound");
return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.NOT_FOUND, request);
}
@ExceptionHandler({ NullPointerException.class, IllegalArgumentException.class, IllegalStateException.class })
public @ResponseBody String handleInternal(final RuntimeException ex, final WebRequest request) throws JsonProcessingException {
// 500
@ExceptionHandler({ MailAuthenticationException.class })
public ResponseEntity<Object> handleMail(final RuntimeException ex, final WebRequest request) {
logger.error("500 Status Code", ex);
return new ObjectMapper().writeValueAsString("InternalError");
final GenericResponse bodyOfResponse = new GenericResponse(messages.getMessage("message.email.config.error", null, request.getLocale()), "MailError");
return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.NOT_FOUND, request);
}
@ExceptionHandler({ Exception.class })
public ResponseEntity<Object> handleInternal(final RuntimeException ex, final WebRequest request) {
logger.error("500 Status Code", ex);
final GenericResponse bodyOfResponse = new GenericResponse(messages.getMessage("message.error", null, request.getLocale()), "InternalError");
return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.NOT_FOUND, request);
}
}

23
spring-security-login-and-registration/src/main/java/org/baeldung/web/error/UserNotFoundException.java Normal file
View File

@ -0,0 +1,23 @@
package org.baeldung.web.error;
public final class UserNotFoundException extends RuntimeException {
private static final long serialVersionUID = 5861310537366287163L;
public UserNotFoundException() {
super();
}
public UserNotFoundException(final String message, final Throwable cause) {
super(message, cause);
}
public UserNotFoundException(final String message) {
super(message);
}
public UserNotFoundException(final Throwable cause) {
super(cause);
}
}

34
spring-security-login-and-registration/src/main/java/org/baeldung/web/util/GenericResponse.java Normal file
View File

@ -0,0 +1,34 @@
package org.baeldung.web.util;
public class GenericResponse {
private String message;
private String error;
public GenericResponse(String message) {
super();
this.message = message;
}
public GenericResponse(String message, String error) {
super();
this.message = message;
this.error = error;
}
public String getMessage() {
return message;
}
public void setMessage(String message) {
this.message = message;
}
public String getError() {
return error;
}
public void setError(String error) {
this.error = error;
}
}

3
spring-security-login-and-registration/src/main/resources/messages_en.properties
View File

@ -63,4 +63,5 @@ auth.message.blocked=This ip is blocked for 24 hours
message.accountVerified=Your account verified successfully
message.resetPasswordSuc=Password reset successfully
message.resetYourPassword=Reset your password
message.resetPasswordEmail=You should receive an Password Reset Email shortly
message.resetPasswordEmail=You should receive an Password Reset Email shortly
message.error=Error Occurred

3
spring-security-login-and-registration/src/main/resources/messages_es_ES.properties
View File

@ -63,4 +63,5 @@ auth.message.blocked=Esta IP se bloquea durante 24 horas
message.accountVerified=Su cuenta verificada con éxito
message.resetPasswordSuc=Contraseña reajusta correctamente
message.resetYourPassword=Restablecer su contraseña
message.resetPasswordEmail=Te enviaremos un correo electrónico para restablecer su contraseña
message.resetPasswordEmail=Te enviaremos un correo electrónico para restablecer su contraseña
message.error=Se produjo un error

12
spring-security-login-and-registration/src/main/webapp/WEB-INF/view/badUser.jsp
View File

@ -32,15 +32,15 @@ code="label.form.loginSignUp"></spring:message></a>
<script type="text/javascript">
function resendToken(){
$.get("<c:url value="/user/resendRegistrationToken2"><c:param name="token" value="${param.token}"/></c:url>", function(data){
if(data.indexOf("MailError") > -1)
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.message;
})
.fail(function(data) {
if(data.responseJSON.error.indexOf("MailError") > -1)
{
window.location.href = "<c:url value="/emailError.html"></c:url>";
}
else if(data.indexOf("InternalError") > -1){
window.location.href = "<c:url value="/login.html"><c:param name="message" value="Error Occurred"/></c:url>";
window.location.href = "<c:url value="/emailError.html"></c:url>";
}
else{
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data;
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.responseJSON.message;
}
});
}

15
spring-security-login-and-registration/src/main/webapp/WEB-INF/view/forgetPassword.jsp
View File

@ -32,8 +32,7 @@
</div>
<br>
<a href="<c:url value="registration.html" />"><spring:message code="label.form.loginSignUp"></spring:message></a>
<a href="<c:url value="/user/registration" />"><spring:message code="label.form.loginSignUp"></spring:message></a>
<br>
<a href="<c:url value="login.html" />"><spring:message code="label.form.loginLink"></spring:message></a>
@ -43,17 +42,17 @@
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script type="text/javascript">
function resetPass(){
var email = $("#email").val();
var email = $("#email").val();
$.post("<c:url value="/user/resetPassword2"></c:url>",{email: email} ,function(data){
if(data.indexOf("MailError") > -1)
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.message;
})
.fail(function(data) {
if(data.responseJSON.error.indexOf("MailError") > -1)
{
window.location.href = "<c:url value="/emailError.html"></c:url>";
}
else if(data.indexOf("InternalError") > -1){
window.location.href = "<c:url value="/login.html"><c:param name="message" value="Error Occurred"/></c:url>";
}
else{
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data;
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.responseJSON.message;
}
});
}

72
spring-security-login-and-registration/src/main/webapp/WEB-INF/view/updatePassword.jsp
View File

@ -4,7 +4,7 @@
<%@ taglib prefix="form" uri="http://www.springframework.org/tags/form"%>
<%@ taglib prefix="spring" uri="http://www.springframework.org/tags"%>
<%@ taglib prefix="sec"
uri="http://www.springframework.org/security/tags"%>
uri="http://www.springframework.org/security/tags"%>
<%@ page session="false"%>
<html>
<head>
@ -14,46 +14,52 @@
</head>
<body>
<sec:authorize access="hasRole('READ_PRIVILEGE')">
<div class="container">
<div class="span12">
<H1>
<spring:message code="message.resetYourPassword"></spring:message>
</H1>
<form:form action="user/savePassword" method="POST" enctype="utf8">
<br>
<tr>
<td><label><spring:message code="label.user.password"></spring:message></label></td>
<td><input id="pass" name="password" type="password" value="" /></td>
</tr>
<tr>
<div class="container">
<div class="span12">
<H1>
<spring:message code="message.resetYourPassword"></spring:message>
</H1>
<div >
<br>
<tr>
<td><label><spring:message code="label.user.password"></spring:message></label></td>
<td><input id="pass" name="password" type="password" value="" /></td>
</tr>
<tr>
<td><label><spring:message code="label.user.confirmPass"></spring:message></label></td>
<td>
<input id="passConfirm" type="password" value="" />
<span id="error" class="alert alert-error" style="display:none"><spring:message code="PasswordMatches.user"></spring:message></span>
</td>
</tr>
<br><br>
<button type="submit">
<spring:message code="message.updatePassword"></spring:message>
</button>
</form:form>
</div>
</div>
</sec:authorize>
<br><br>
<button type="submit" onclick="savePass()">
<spring:message code="message.updatePassword"></spring:message>
</button>
</div>
</div>
</div>
<script src="http://ajax.googleapis.com/ajax/libs/jquery/1.11.2/jquery.min.js"></script>
<script type="text/javascript">
$(document).ready(function() {
$('form').on('submit', function(e){
var valid = $("#pass").val() == $("#passConfirm").val();
if(!valid) {
e.preventDefault();
$("#error").show();
}
});
});
</script>
function savePass(){
var pass = $("#pass").val();
var valid = pass == $("#passConfirm").val();
if(!valid) {
$("#error").show();
return;
}
$.post("<c:url value="/user/savePassword2"></c:url>",{password: pass} ,function(data){
window.location.href = "<c:url value="/login.html"></c:url>" + "?message="+data.message;
})
.fail(function(data) {
window.location.href = "<c:url value="/login.html"></c:url>" + "?message=" + data.responseJSON.message;
});
}
</script>
</sec:authorize>
</body>
</html>