Created
March 21, 2015 07:15
-
-
Save bleporini/bc2961c63bd8b3f4feb9 to your computer and use it in GitHub Desktop.
JHipster no graph loader
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package com.mycompany.myapp.web.rest; | |
import com.codahale.metrics.annotation.Timed; | |
import com.mycompany.myapp.domain.Authority; | |
import com.mycompany.myapp.domain.PersistentToken; | |
import com.mycompany.myapp.domain.User; | |
import com.mycompany.myapp.repository.PersistentTokenRepository; | |
import com.mycompany.myapp.repository.UserRepository; | |
import com.mycompany.myapp.security.SecurityUtils; | |
import com.mycompany.myapp.service.MailService; | |
import com.mycompany.myapp.service.UserService; | |
import com.mycompany.myapp.web.rest.dto.UserDTO; | |
import org.apache.commons.lang.StringUtils; | |
import org.slf4j.Logger; | |
import org.slf4j.LoggerFactory; | |
import org.springframework.http.HttpStatus; | |
import org.springframework.http.MediaType; | |
import org.springframework.http.ResponseEntity; | |
import org.springframework.web.bind.annotation.*; | |
import javax.inject.Inject; | |
import javax.servlet.http.HttpServletRequest; | |
import javax.validation.Valid; | |
import java.io.UnsupportedEncodingException; | |
import java.net.URLDecoder; | |
import java.util.*; | |
import java.util.stream.Collectors; | |
/** | |
* REST controller for managing the current user's account. | |
*/ | |
@RestController | |
@RequestMapping("/api") | |
public class AccountResource { | |
private final Logger log = LoggerFactory.getLogger(AccountResource.class); | |
@Inject | |
private UserRepository userRepository; | |
@Inject | |
private UserService userService; | |
@Inject | |
private PersistentTokenRepository persistentTokenRepository; | |
@Inject | |
private MailService mailService; | |
/** | |
* POST /register -> register the user. | |
*/ | |
@RequestMapping(value = "/register", | |
method = RequestMethod.POST, | |
produces = MediaType.TEXT_PLAIN_VALUE) | |
@Timed | |
public ResponseEntity<?> registerAccount(@Valid @RequestBody UserDTO userDTO, HttpServletRequest request) { | |
return userRepository.findOneByLogin(userDTO.getLogin()) | |
.map(user -> new ResponseEntity<>("login already in use", HttpStatus.BAD_REQUEST)) | |
.orElseGet(() -> userRepository.findOneByEmail(userDTO.getEmail()) | |
.map(user -> new ResponseEntity<>("e-mail address already in use", HttpStatus.BAD_REQUEST)) | |
.orElseGet(() -> { | |
User user = userService.createUserInformation(userDTO.getLogin(), userDTO.getPassword(), | |
userDTO.getFirstName(), userDTO.getLastName(), userDTO.getEmail().toLowerCase(), | |
userDTO.getLangKey()); | |
String baseUrl = request.getScheme() + // "http" | |
"://" + // "://" | |
request.getServerName() + // "myhost" | |
":" + // ":" | |
request.getServerPort(); // "80" | |
mailService.sendActivationEmail(user, baseUrl); | |
return new ResponseEntity<>(HttpStatus.CREATED); | |
}) | |
); | |
} | |
/** | |
* GET /activate -> activate the registered user. | |
*/ | |
@RequestMapping(value = "/activate", | |
method = RequestMethod.GET, | |
produces = MediaType.APPLICATION_JSON_VALUE) | |
@Timed | |
public ResponseEntity<String> activateAccount(@RequestParam(value = "key") String key) { | |
return Optional.ofNullable(userService.activateRegistration(key)) | |
.map(user -> new ResponseEntity<String>(HttpStatus.OK)) | |
.orElse(new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR)); | |
} | |
/** | |
* GET /authenticate -> check if the user is authenticated, and return its login. | |
*/ | |
@RequestMapping(value = "/authenticate", | |
method = RequestMethod.GET, | |
produces = MediaType.APPLICATION_JSON_VALUE) | |
@Timed | |
public String isAuthenticated(HttpServletRequest request) { | |
log.debug("REST request to check if the current user is authenticated"); | |
return request.getRemoteUser(); | |
} | |
/** | |
* GET /account -> get the current user. | |
*/ | |
@RequestMapping(value = "/account", | |
method = RequestMethod.GET, | |
produces = MediaType.APPLICATION_JSON_VALUE) | |
@Timed | |
public ResponseEntity<UserDTO> getAccount() { | |
return userService.getUserWithAuthorities(user -> new ResponseEntity<>( | |
new UserDTO( | |
user.getLogin(), | |
null, | |
user.getFirstName(), | |
user.getLastName(), | |
user.getEmail(), | |
user.getLangKey(), | |
user.getAuthorities().stream().map(Authority::getName).collect(Collectors.toCollection(LinkedList::new))), | |
HttpStatus.OK)) | |
.orElse(new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR)); | |
} | |
public ResponseEntity<UserDTO> getAccount_old() { | |
return Optional.ofNullable(userService.getUserWithAuthorities()) | |
.map(user -> new ResponseEntity<>( | |
new UserDTO( | |
user.getLogin(), | |
null, | |
user.getFirstName(), | |
user.getLastName(), | |
user.getEmail(), | |
user.getLangKey(), | |
user.getAuthorities().stream().map(Authority::getName).collect(Collectors.toCollection(LinkedList::new))), | |
HttpStatus.OK)) | |
.orElse(new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR)); | |
} | |
/** | |
* POST /account -> update the current user information. | |
*/ | |
@RequestMapping(value = "/account", | |
method = RequestMethod.POST, | |
produces = MediaType.APPLICATION_JSON_VALUE) | |
@Timed | |
public ResponseEntity<String> saveAccount(@RequestBody UserDTO userDTO) { | |
return userRepository | |
.findOneByLogin(userDTO.getLogin()) | |
.filter(u -> u.getLogin().equals(SecurityUtils.getCurrentLogin())) | |
.map(u -> { | |
userService.updateUserInformation(userDTO.getFirstName(), userDTO.getLastName(), userDTO.getEmail()); | |
return new ResponseEntity<String>(HttpStatus.OK); | |
}) | |
.orElseGet(() -> new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR)); | |
} | |
/** | |
* POST /change_password -> changes the current user's password | |
*/ | |
@RequestMapping(value = "/account/change_password", | |
method = RequestMethod.POST, | |
produces = MediaType.APPLICATION_JSON_VALUE) | |
@Timed | |
public ResponseEntity<?> changePassword(@RequestBody String password) { | |
if (StringUtils.isEmpty(password) || password.length() < 5 || password.length() > 50) { | |
return new ResponseEntity<>(HttpStatus.BAD_REQUEST); | |
} | |
userService.changePassword(password); | |
return new ResponseEntity<>(HttpStatus.OK); | |
} | |
/** | |
* GET /account/sessions -> get the current open sessions. | |
*/ | |
@RequestMapping(value = "/account/sessions", | |
method = RequestMethod.GET, | |
produces = MediaType.APPLICATION_JSON_VALUE) | |
@Timed | |
public ResponseEntity<List<PersistentToken>> getCurrentSessions() { | |
return userRepository.findOneByLogin(SecurityUtils.getCurrentLogin()) | |
.map(user -> new ResponseEntity<>( | |
persistentTokenRepository.findByUser(user), | |
HttpStatus.OK)) | |
.orElse(new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR)); | |
} | |
/** | |
* DELETE /account/sessions?series={series} -> invalidate an existing session. | |
* | |
* - You can only delete your own sessions, not any other user's session | |
* - If you delete one of your existing sessions, and that you are currently logged in on that session, you will | |
* still be able to use that session, until you quit your browser: it does not work in real time (there is | |
* no API for that), it only removes the "remember me" cookie | |
* - This is also true if you invalidate your current session: you will still be able to use it until you close | |
* your browser or that the session times out. But automatic login (the "remember me" cookie) will not work | |
* anymore. | |
* There is an API to invalidate the current session, but there is no API to check which session uses which | |
* cookie. | |
*/ | |
@RequestMapping(value = "/account/sessions/{series}", | |
method = RequestMethod.DELETE) | |
@Timed | |
public void invalidateSession(@PathVariable String series) throws UnsupportedEncodingException { | |
String decodedSeries = URLDecoder.decode(series, "UTF-8"); | |
userRepository.findOneByLogin(SecurityUtils.getCurrentLogin()).ifPresent(u -> { | |
persistentTokenRepository.findByUser(u).stream() | |
.filter(persistentToken -> StringUtils.equals(persistentToken.getSeries(), decodedSeries)) | |
.findAny().ifPresent(t -> persistentTokenRepository.delete(decodedSeries)); | |
}); | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
package com.mycompany.myapp.service; | |
import com.mycompany.myapp.domain.Authority; | |
import com.mycompany.myapp.domain.PersistentToken; | |
import com.mycompany.myapp.domain.User; | |
import com.mycompany.myapp.repository.AuthorityRepository; | |
import com.mycompany.myapp.repository.PersistentTokenRepository; | |
import com.mycompany.myapp.repository.UserRepository; | |
import com.mycompany.myapp.security.SecurityUtils; | |
import com.mycompany.myapp.service.util.RandomUtil; | |
import org.joda.time.DateTime; | |
import org.joda.time.LocalDate; | |
import org.slf4j.Logger; | |
import org.slf4j.LoggerFactory; | |
import org.springframework.scheduling.annotation.Scheduled; | |
import org.springframework.security.crypto.password.PasswordEncoder; | |
import org.springframework.stereotype.Service; | |
import org.springframework.transaction.annotation.Transactional; | |
import javax.inject.Inject; | |
import java.util.HashSet; | |
import java.util.List; | |
import java.util.Optional; | |
import java.util.Set; | |
import java.util.function.Function; | |
/** | |
* Service class for managing users. | |
*/ | |
@Service | |
@Transactional | |
public class UserService { | |
private final Logger log = LoggerFactory.getLogger(UserService.class); | |
@Inject | |
private PasswordEncoder passwordEncoder; | |
@Inject | |
private UserRepository userRepository; | |
@Inject | |
private PersistentTokenRepository persistentTokenRepository; | |
@Inject | |
private AuthorityRepository authorityRepository; | |
public Optional<User> activateRegistration(String key) { | |
log.debug("Activating user for activation key {}", key); | |
userRepository.findOneByActivationKey(key) | |
.map(user -> { | |
// activate given user for the registration key. | |
user.setActivated(true); | |
user.setActivationKey(null); | |
userRepository.save(user); | |
log.debug("Activated user: {}", user); | |
return user; | |
}); | |
return Optional.empty(); | |
} | |
public User createUserInformation(String login, String password, String firstName, String lastName, String email, | |
String langKey) { | |
User newUser = new User(); | |
Authority authority = authorityRepository.findOne("ROLE_USER"); | |
Set<Authority> authorities = new HashSet<>(); | |
String encryptedPassword = passwordEncoder.encode(password); | |
newUser.setLogin(login); | |
// new user gets initially a generated password | |
newUser.setPassword(encryptedPassword); | |
newUser.setFirstName(firstName); | |
newUser.setLastName(lastName); | |
newUser.setEmail(email); | |
newUser.setLangKey(langKey); | |
// new user is not active | |
newUser.setActivated(false); | |
// new user gets registration key | |
newUser.setActivationKey(RandomUtil.generateActivationKey()); | |
authorities.add(authority); | |
newUser.setAuthorities(authorities); | |
userRepository.save(newUser); | |
log.debug("Created Information for User: {}", newUser); | |
return newUser; | |
} | |
public void updateUserInformation(String firstName, String lastName, String email) { | |
userRepository.findOneByLogin(SecurityUtils.getCurrentLogin()).ifPresent(u -> { | |
u.setFirstName(firstName); | |
u.setLastName(lastName); | |
u.setEmail(email); | |
userRepository.save(u); | |
log.debug("Changed Information for User: {}", u); | |
}); | |
} | |
public void changePassword(String password) { | |
userRepository.findOneByLogin(SecurityUtils.getCurrentLogin()).ifPresent(u-> { | |
String encryptedPassword = passwordEncoder.encode(password); | |
u.setPassword(encryptedPassword); | |
userRepository.save(u); | |
log.debug("Changed password for User: {}", u); | |
}); | |
} | |
@Transactional(readOnly = true) | |
public User getUserWithAuthorities() { | |
User currentUser = userRepository.findOneByLogin(SecurityUtils.getCurrentLogin()).get(); | |
currentUser.getAuthorities().size(); // eagerly load the association | |
return currentUser; | |
} | |
@Transactional(readOnly = true) | |
public <T> Optional<T> getUserWithAuthorities(Function<User,T> mapper) { | |
return userRepository.findOneByLogin(SecurityUtils.getCurrentLogin()).map(mapper); | |
} | |
/** | |
* Persistent Token are used for providing automatic authentication, they should be automatically deleted after | |
* 30 days. | |
* <p/> | |
* <p> | |
* This is scheduled to get fired everyday, at midnight. | |
* </p> | |
*/ | |
@Scheduled(cron = "0 0 0 * * ?") | |
public void removeOldPersistentTokens() { | |
LocalDate now = new LocalDate(); | |
persistentTokenRepository.findByTokenDateBefore(now.minusMonths(1)).stream().forEach(token ->{ | |
log.debug("Deleting token {}", token.getSeries()); | |
User user = token.getUser(); | |
user.getPersistentTokens().remove(token); | |
persistentTokenRepository.delete(token); | |
}); | |
} | |
/** | |
* Not activated users should be automatically deleted after 3 days. | |
* <p/> | |
* <p> | |
* This is scheduled to get fired everyday, at 01:00 (am). | |
* </p> | |
*/ | |
@Scheduled(cron = "0 0 1 * * ?") | |
public void removeNotActivatedUsers() { | |
DateTime now = new DateTime(); | |
List<User> users = userRepository.findAllByActivatedIsFalseAndCreatedDateBefore(now.minusDays(3)); | |
for (User user : users) { | |
log.debug("Deleting not activated user {}", user.getLogin()); | |
userRepository.delete(user); | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment