fix forgot password

dirgantarasiahaan 2023-05-28 18:08:10 +07:00
parent a32d5a499f
commit 9f1a9b9004
4 changed files with 85 additions and 10 deletions


@ -55,7 +55,8 @@ public class JwtRequestFilter extends OncePerRequestFilter {
private void isValidToken(HttpServletRequest request, String jwtToken) {
String requestUrl = request.getRequestURI();
String refreshTokenUrl = "/api/authentication/refresh-token";
if (!refreshTokenUrl.equals(requestUrl)) {
String forgotPasswordUrl = "/api/authentication/forgot-password";
if (!org.apache.commons.lang3.StringUtils.equalsAnyIgnoreCase(requestUrl, refreshTokenUrl, forgotPasswordUrl)) {
var isValid = isValidAuthenticateToken(jwtToken);
if (!isValid) {
throw new BusinessException(HttpStatus.UNAUTHORIZED, "Invalid Access Token");
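Review bot: The exemption test on the new `if` line now compares case-insensitively, so any casing of either path skips `isValidAuthenticateToken`, whereas the removed line required an exact match on the refresh-token path. Unless a later layer is known to reject those variants, keep the comparison exact; a constant set also removes the inline fully-qualified call: `private static final Set<String> TOKEN_CHECK_EXEMPT = Set.of("/api/authentication/refresh-token", "/api/authentication/forgot-password");` with `if (!TOKEN_CHECK_EXEMPT.contains(requestUrl)) {` (needs `java.util.Set` imported). `getRequestURI()` also includes the context path and any path parameters, so it is worth confirming these literals match what the deployed application actually receives. The body of `isValidToken` continues past the end of this hunk.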


@ -3,14 +3,12 @@ package com.iconplus.smartproc.controller;
import com.iconplus.smartproc.helper.model.EmptyRequest;
import com.iconplus.smartproc.helper.model.EmptyResponse;
import com.iconplus.smartproc.model.request.ChangePasswordRequest;
import com.iconplus.smartproc.model.request.ForgotPasswordRequest;
import com.iconplus.smartproc.model.request.LoginRequest;
import com.iconplus.smartproc.model.request.RefreshTokenRequest;
import com.iconplus.smartproc.model.response.LoginResponse;
import com.iconplus.smartproc.model.response.RefreshTokenResponse;
import com.iconplus.smartproc.service.authentication.ChangePasswordService;
import com.iconplus.smartproc.service.authentication.LoginService;
import com.iconplus.smartproc.service.authentication.LogoutService;
import com.iconplus.smartproc.service.authentication.TokenManagementService;
import com.iconplus.smartproc.service.authentication.*;
import org.springframework.web.bind.annotation.*;
@CrossOrigin(origins = "http://localhost:8080", allowCredentials = "true")
@ -18,19 +16,22 @@ import org.springframework.web.bind.annotation.*;
@RequestMapping("/api/authentication")
public class AuthenticationController {
private LoginService loginService;
private TokenManagementService tokenManagementService;
private LogoutService logoutService;
private ChangePasswordService changePasswordService;
private final LoginService loginService;
private final TokenManagementService tokenManagementService;
private final LogoutService logoutService;
private final ChangePasswordService changePasswordService;
private final ForgotPasswordService forgotPasswordService;
public AuthenticationController(LoginService loginService,
TokenManagementService tokenManagementService,
LogoutService logoutService,
ChangePasswordService changePasswordService) {
ChangePasswordService changePasswordService,
ForgotPasswordService forgotPasswordService) {
this.loginService = loginService;
this.tokenManagementService = tokenManagementService;
this.logoutService = logoutService;
this.changePasswordService = changePasswordService;
this.forgotPasswordService = forgotPasswordService;
}
@PostMapping("/login")
@ -54,4 +55,9 @@ public class AuthenticationController {
return changePasswordService.execute(changePasswordRequest);
}
@PostMapping("/forgot-password")
public EmptyResponse forgotPassword(@RequestBody ForgotPasswordRequest forgotPasswordRequest) {
return forgotPasswordService.execute(forgotPasswordRequest);
}
}
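Review bot: `forgotPassword` hands the deserialized body to the service with no validation, and the filter change in this commit appears to let this path through without an access token, so empty or malformed bodies from any client reach `forgotPasswordService.execute`. Rejecting them at the boundary would look like `public EmptyResponse forgotPassword(@Valid @RequestBody ForgotPasswordRequest forgotPasswordRequest) {`, combined with constraints on the request fields, which currently have none. The import hunk also replaces the explicit service imports with `com.iconplus.smartproc.service.authentication.*`; explicit imports keep the controller's dependencies visible in review.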


@ -0,0 +1,17 @@
package com.iconplus.smartproc.model.request;
import com.iconplus.smartproc.helper.base.BaseRequest;
import lombok.AllArgsConstructor;
import lombok.Builder;
import lombok.Data;
import lombok.NoArgsConstructor;
@Data
@Builder
@AllArgsConstructor
@NoArgsConstructor
public class ForgotPasswordRequest extends BaseRequest {
private String email;
private String newPassword;
private String confirmationPassword;
}
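Review bot: `@Data` generates a `toString()` that includes `newPassword` and `confirmationPassword`, so any log statement or exception message that prints this request object would write the plaintext passwords. Annotating both fields with `@ToString.Exclude` keeps them out of the generated string. `@Data` on a subclass also generates `equals`/`hashCode` that ignore the `BaseRequest` fields unless `@EqualsAndHashCode(callSuper = true)` is set; whether that matters depends on what `BaseRequest` holds, which is not shown here.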


@ -0,0 +1,51 @@
package com.iconplus.smartproc.service.authentication;
import com.iconplus.smartproc.exception.BusinessException;
import com.iconplus.smartproc.helper.model.EmptyResponse;
import com.iconplus.smartproc.helper.service.BaseService;
import com.iconplus.smartproc.model.request.ForgotPasswordRequest;
import com.iconplus.smartproc.repository.UsersRepository;
import com.iconplus.smartproc.service.CommonService;
import com.iconplus.smartproc.util.Constants;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
@Service
public class ForgotPasswordService implements BaseService<ForgotPasswordRequest, EmptyResponse> {
private UsersRepository usersRepository;
private CommonService commonService;
public ForgotPasswordService(UsersRepository usersRepository,
CommonService commonService) {
this.usersRepository = usersRepository;
this.commonService = commonService;
}
@Override
public EmptyResponse execute(ForgotPasswordRequest input) {
var users = usersRepository.findByEmailAndIsDeleteFalse(input.getEmail())
.orElseThrow(() -> new BusinessException(Constants.ERR_CODE_10001,
Constants.ERR_TTL_10001,
String.format(Constants.ERR_MSG_10001, "User", input.getEmail())));
String newPassword = commonService.getPassword(input.getNewPassword());
String confirmationPassword = commonService.getPassword(input.getConfirmationPassword());
if (!StringUtils.equalsIgnoreCase(newPassword, confirmationPassword)) {
throw new BusinessException(HttpStatus.CONFLICT,
Constants.ERR_CODE_10007,
Constants.ERR_TTL_10007,
Constants.ERR_MSG_10007);
}
BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
users.setPassword(bCryptPasswordEncoder.encode(newPassword));
usersRepository.save(users);
return new EmptyResponse();
}
}
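Review bot: `execute` sets a new password for whichever account matches `input.getEmail()` without any proof that the caller controls that mailbox, and because this commit also exempts `/api/authentication/forgot-password` from the token check in `JwtRequestFilter`, knowing a registered address is sufficient to change that account's password. The reset should be split into two steps: issue a single-use, short-lived reset token delivered to the registered address, and call `users.setPassword(...)` only after that token has been verified and invalidated. The not-found branch formats the submitted address into `Constants.ERR_MSG_10001`, which appears to tell the caller whether an e-mail is registered; returning the same response in both cases avoids that. The confirmation check should be case-sensitive, `if (!StringUtils.equals(newPassword, confirmationPassword)) {`, since `equalsIgnoreCase` accepts two entries that differ only in letter case. As a smaller point, the two fields can be `final`, and injecting a `PasswordEncoder` bean instead of `new BCryptPasswordEncoder()` per call keeps the hashing configuration in one place.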