add change password

2015-04-01 21:19:54 +02:00 · 2015-04-01 21:19:54 +02:00 · 5a3fc61d63
parent 060b23205e
commit 5a3fc61d63
8 changed files with 65 additions and 4 deletions
--- a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/IUserService.java
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/IUserService.java
@ -32,4 +32,6 @@ public interface IUserService {
    User getUserByID(long id);

    void changeUserPassword(User user, String password);
+
+    boolean checkIfValidOldPassword(User user, String password);
 }
--- a/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserService.java
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserService.java
@ -120,6 +120,11 @@ public class UserService implements IUserService {
        repository.save(user);
    }

+    @Override
+    public boolean checkIfValidOldPassword(final User user, final String oldPassword) {
+        return passwordEncoder.matches(oldPassword, user.getPassword());
+    }
+
    private boolean emailExist(final String email) {
        final User user = repository.findByEmail(email);
        if (user != null) {
--- a/spring-security-login-and-registration/src/main/java/org/baeldung/spring/MvcConfig.java
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/spring/MvcConfig.java
@ -49,6 +49,7 @@ public class MvcConfig extends WebMvcConfigurerAdapter {
        registry.addViewController("/successRegister.html");
        registry.addViewController("/forgetPassword.html");
        registry.addViewController("/updatePassword.html");
+        registry.addViewController("/changePassword.html");
    }

    @Override
--- a/spring-security-login-and-registration/src/main/java/org/baeldung/web/controller/RegistrationController.java
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/web/controller/RegistrationController.java
@ -14,6 +14,7 @@ import org.baeldung.persistence.service.IUserService;
 import org.baeldung.persistence.service.UserDto;
 import org.baeldung.registration.OnRegistrationCompleteEvent;
 import org.baeldung.validation.EmailExistsException;
+import org.baeldung.web.error.InvalidOldPasswordException;
 import org.baeldung.web.error.UserAlreadyExistException;
 import org.baeldung.web.error.UserNotFoundException;
 import org.baeldung.web.util.GenericResponse;
@ -133,7 +134,6 @@ public class RegistrationController {
        final String appUrl = "http://" + request.getServerName() + ":" + request.getServerPort() + request.getContextPath();
        final SimpleMailMessage email = constructResetTokenEmail(appUrl, request.getLocale(), token, user);
        mailSender.send(email);
-
        return new GenericResponse(messages.getMessage("message.resetPasswordEmail", null, request.getLocale()));
    }

@ -168,6 +168,19 @@ public class RegistrationController {
        return new GenericResponse(messages.getMessage("message.resetPasswordSuc", null, locale));
    }

+    // change user password
+
+    @RequestMapping(value = "/user/updatePassword", method = RequestMethod.POST)
+    @ResponseBody
+    public GenericResponse changeUserPassword(final Locale locale, @RequestParam("password") final String password, @RequestParam("oldpassword") final String oldPassword) {
+        final User user = userService.findUserByEmail(SecurityContextHolder.getContext().getAuthentication().getName());
+        if (!userService.checkIfValidOldPassword(user, oldPassword)) {
+            throw new InvalidOldPasswordException();
+        }
+        userService.changeUserPassword(user, password);
+        return new GenericResponse(messages.getMessage("message.updatePasswordSuc", null, locale));
+    }
+
    // NON-API

    private final SimpleMailMessage constructResendVerificationTokenEmail(final String contextPath, final Locale locale, final VerificationToken newToken, final User user) {
--- a/spring-security-login-and-registration/src/main/java/org/baeldung/web/error/InvalidOldPasswordException.java
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/web/error/InvalidOldPasswordException.java
@ -0,0 +1,23 @@
+package org.baeldung.web.error;
+
+public final class InvalidOldPasswordException extends RuntimeException {
+
+    private static final long serialVersionUID = 5861310537366287163L;
+
+    public InvalidOldPasswordException() {
+        super();
+    }
+
+    public InvalidOldPasswordException(final String message, final Throwable cause) {
+        super(message, cause);
+    }
+
+    public InvalidOldPasswordException(final String message) {
+        super(message);
+    }
+
+    public InvalidOldPasswordException(final Throwable cause) {
+        super(cause);
+    }
+
+}
--- a/spring-security-login-and-registration/src/main/java/org/baeldung/web/error/RestResponseEntityExceptionHandler.java
+++ b/spring-security-login-and-registration/src/main/java/org/baeldung/web/error/RestResponseEntityExceptionHandler.java
@ -29,7 +29,7 @@ public class RestResponseEntityExceptionHandler extends ResponseEntityExceptionH

    // 400
    @Override
-    protected ResponseEntity<Object> handleBindException(BindException ex, HttpHeaders headers, HttpStatus status, WebRequest request) {
+    protected ResponseEntity<Object> handleBindException(final BindException ex, final HttpHeaders headers, final HttpStatus status, final WebRequest request) {
        logger.error("400 Status Code", ex);
        final BindingResult result = ex.getBindingResult();
        final GenericResponse bodyOfResponse = new GenericResponse(result.getFieldErrors(), result.getGlobalErrors());
@ -44,6 +44,13 @@ public class RestResponseEntityExceptionHandler extends ResponseEntityExceptionH
        return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.BAD_REQUEST, request);
    }

+    @ExceptionHandler({ InvalidOldPasswordException.class })
+    public ResponseEntity<Object> handleInvalidOldPassword(final RuntimeException ex, final WebRequest request) {
+        logger.error("400 Status Code", ex);
+        final GenericResponse bodyOfResponse = new GenericResponse(messages.getMessage("message.invalidOldPassword", null, request.getLocale()), "InvalidOldEmail");
+        return handleExceptionInternal(ex, bodyOfResponse, new HttpHeaders(), HttpStatus.BAD_REQUEST, request);
+    }
+
    // 404
    @ExceptionHandler({ UserNotFoundException.class })
    public ResponseEntity<Object> handleUserNotFound(final RuntimeException ex, final WebRequest request) {
--- a/spring-security-login-and-registration/src/main/resources/messages_en.properties
+++ b/spring-security-login-and-registration/src/main/resources/messages_en.properties
@ -64,4 +64,9 @@ message.accountVerified=Your account verified successfully
 message.resetPasswordSuc=Password reset successfully
 message.resetYourPassword=Reset your password
 message.resetPasswordEmail=You should receive an Password Reset Email shortly
-message.error=Error Occurred
+message.error=Error Occurred
+message.updatePasswordSuc=Password updated successfully
+message.changePassword=Change Password
+message.invalidOldPassword=Invalid Old Password
+label.user.newPassword=New Password
+label.user.oldPassword=Old Password
--- a/spring-security-login-and-registration/src/main/resources/messages_es_ES.properties
+++ b/spring-security-login-and-registration/src/main/resources/messages_es_ES.properties
@ -64,4 +64,9 @@ message.accountVerified=Su cuenta verificada con
 message.resetPasswordSuc=Contraseña reajusta correctamente
 message.resetYourPassword=Restablecer su contraseña
 message.resetPasswordEmail=Te enviaremos un correo electrónico para restablecer su contraseña
-message.error=Se produjo un error
+message.error=Se produjo un error
+message.updatePasswordSuc=Contraseña actualizado correctamente
+message.changePassword=Cambiar La Contraseña
+message.invalidOldPassword=Inválida contraseña antigua
+label.user.newPassword=Nueva Contraseña
+label.user.oldPassword=Contraseña Anterior