From 9f1a9b9004c847b260eb4c3ae31a97c139fabeec Mon Sep 17 00:00:00 2001
From: dirgantarasiahaan
Date: Sun, 28 May 2023 18:08:10 +0700
Subject: [PATCH] fix forgot password
---
 .../configuration/JwtRequestFilter.java | 3 +-
 .../controller/AuthenticationController.java | 24 +++++----
 .../model/request/ForgotPasswordRequest.java | 17 +++++++
 .../authentication/ForgotPasswordService.java | 51 +++++++++++++++++++
 4 files changed, 85 insertions(+), 10 deletions(-)
 create mode 100644 src/main/java/com/iconplus/smartproc/model/request/ForgotPasswordRequest.java
 create mode 100644 src/main/java/com/iconplus/smartproc/service/authentication/ForgotPasswordService.java
diff --git a/src/main/java/com/iconplus/smartproc/configuration/JwtRequestFilter.java b/src/main/java/com/iconplus/smartproc/configuration/JwtRequestFilter.java
index 2b976b7..ade2f23 100644
--- a/src/main/java/com/iconplus/smartproc/configuration/JwtRequestFilter.java
+++ b/src/main/java/com/iconplus/smartproc/configuration/JwtRequestFilter.java
@@ -55,7 +55,8 @@ public class JwtRequestFilter extends OncePerRequestFilter {
 private void isValidToken(HttpServletRequest request, String jwtToken) {
 String requestUrl = request.getRequestURI();
 String refreshTokenUrl = "/api/authentication/refresh-token";
- if (!refreshTokenUrl.equals(requestUrl)) {
+ String forgotPasswordUrl = "/api/authentication/forgot-password";
+ if (!org.apache.commons.lang3.StringUtils.equalsAnyIgnoreCase(requestUrl, refreshTokenUrl, forgotPasswordUrl)) {
 var isValid = isValidAuthenticateToken(jwtToken);
 if (!isValid) {
 throw new BusinessException(HttpStatus.UNAUTHORIZED, "Invalid Access Token");
diff --git a/src/main/java/com/iconplus/smartproc/controller/AuthenticationController.java b/src/main/java/com/iconplus/smartproc/controller/AuthenticationController.java
index d7a4920..7d63524 100644
--- a/src/main/java/com/iconplus/smartproc/controller/AuthenticationController.java
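Review bot: The token-check exemption in `isValidToken` (JwtRequestFilter.java) is matched with `equalsAnyIgnoreCase` against the raw `getRequestURI()` value, so it covers every letter-case variant of the two paths rather than only the paths the controller maps; a list that skips authentication should be no wider than the routes it serves. An exact comparison is enough, `if (!StringUtils.equalsAny(requestUrl, refreshTokenUrl, forgotPasswordUrl)) {`, with `org.apache.commons.lang3.StringUtils` imported at the top of the file rather than spelled out inline, unless another `StringUtils` is already imported there. With `/api/authentication/forgot-password` exempt, the checks inside the endpoint itself are the only gate on a password change. The body of `isValidToken` continues outside the hunk, so what else runs for exempt requests is not visible here.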
+++ b/src/main/java/com/iconplus/smartproc/controller/AuthenticationController.java
@@ -3,14 +3,12 @@ package com.iconplus.smartproc.controller;
 import com.iconplus.smartproc.helper.model.EmptyRequest;
 import com.iconplus.smartproc.helper.model.EmptyResponse;
 import com.iconplus.smartproc.model.request.ChangePasswordRequest;
+import com.iconplus.smartproc.model.request.ForgotPasswordRequest;
 import com.iconplus.smartproc.model.request.LoginRequest;
 import com.iconplus.smartproc.model.request.RefreshTokenRequest;
 import com.iconplus.smartproc.model.response.LoginResponse;
 import com.iconplus.smartproc.model.response.RefreshTokenResponse;
-import com.iconplus.smartproc.service.authentication.ChangePasswordService;
-import com.iconplus.smartproc.service.authentication.LoginService;
-import com.iconplus.smartproc.service.authentication.LogoutService;
-import com.iconplus.smartproc.service.authentication.TokenManagementService;
+import com.iconplus.smartproc.service.authentication.*;
 import org.springframework.web.bind.annotation.*;
 @CrossOrigin(origins = "http://localhost:8080", allowCredentials = "true")
@@ -18,19 +16,22 @@ import org.springframework.web.bind.annotation.*;
 @RequestMapping("/api/authentication")
 public class AuthenticationController {
- private LoginService loginService;
- private TokenManagementService tokenManagementService;
- private LogoutService logoutService;
- private ChangePasswordService changePasswordService;
+ private final LoginService loginService;
+ private final TokenManagementService tokenManagementService;
+ private final LogoutService logoutService;
+ private final ChangePasswordService changePasswordService;
+ private final ForgotPasswordService forgotPasswordService;
 public AuthenticationController(LoginService loginService,
 TokenManagementService tokenManagementService,
 LogoutService logoutService,
- ChangePasswordService changePasswordService) {
+ ChangePasswordService changePasswordService,
+ ForgotPasswordService forgotPasswordService) {
 this.loginService = loginService;
 this.tokenManagementService = tokenManagementService;
 this.logoutService = logoutService;
 this.changePasswordService = changePasswordService;
+ this.forgotPasswordService = forgotPasswordService;
 }
 @PostMapping("/login")
@@ -54,4 +55,9 @@ public class AuthenticationController {
 return changePasswordService.execute(changePasswordRequest);
 }
+ @PostMapping("/forgot-password")
+ public EmptyResponse forgotPassword(@RequestBody ForgotPasswordRequest forgotPasswordRequest) {
+ return forgotPasswordService.execute(forgotPasswordRequest);
+ }
+
 }
diff --git a/src/main/java/com/iconplus/smartproc/model/request/ForgotPasswordRequest.java b/src/main/java/com/iconplus/smartproc/model/request/ForgotPasswordRequest.java
new file mode 100644
index 0000000..16cb94c
--- /dev/null
+++ b/src/main/java/com/iconplus/smartproc/model/request/ForgotPasswordRequest.java
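Review bot: The new `forgotPassword` handler in AuthenticationController binds the request body with no validation, so a request that omits `email`, `newPassword` or `confirmationPassword` reaches `ForgotPasswordService.execute` with nulls. If bean validation is available in this project, `@Valid @RequestBody ForgotPasswordRequest forgotPasswordRequest` together with `@NotBlank` on the three DTO fields (and `@Email` on `email`) rejects such requests at the boundary; a minimum password policy belongs there too. Because this path is exempt from the token check in `JwtRequestFilter`, the handler is the first code to see input from an unauthenticated caller.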
@@ -0,0 +1,17 @@
+package com.iconplus.smartproc.model.request;
+
+import com.iconplus.smartproc.helper.base.BaseRequest;
+import lombok.AllArgsConstructor;
+import lombok.Builder;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+@Data
+@Builder
+@AllArgsConstructor
+@NoArgsConstructor
+public class ForgotPasswordRequest extends BaseRequest {
+ private String email;
+ private String newPassword;
+ private String confirmationPassword;
+}
diff --git a/src/main/java/com/iconplus/smartproc/service/authentication/ForgotPasswordService.java b/src/main/java/com/iconplus/smartproc/service/authentication/ForgotPasswordService.java
new file mode 100644
index 0000000..35dd3cd
--- /dev/null
+++ b/src/main/java/com/iconplus/smartproc/service/authentication/ForgotPasswordService.java
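Review bot: `@Data` on `ForgotPasswordRequest` generates a `toString()` that prints `newPassword` and `confirmationPassword` in clear text, so any log statement or exception message that includes the request object would record the password. Mark both fields with Lombok's exclusion, e.g. `@ToString.Exclude private String newPassword;` and the same on `confirmationPassword`. Whether `BaseRequest` or the service layer logs request objects is not visible in this patch, so treat this as a precaution. `@Data` on a subclass also generates `equals`/`hashCode` that ignore the superclass fields unless `@EqualsAndHashCode(callSuper = ...)` is stated explicitly.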
@@ -0,0 +1,51 @@
+package com.iconplus.smartproc.service.authentication;
+
+import com.iconplus.smartproc.exception.BusinessException;
+import com.iconplus.smartproc.helper.model.EmptyResponse;
+import com.iconplus.smartproc.helper.service.BaseService;
+import com.iconplus.smartproc.model.request.ForgotPasswordRequest;
+import com.iconplus.smartproc.repository.UsersRepository;
+import com.iconplus.smartproc.service.CommonService;
+import com.iconplus.smartproc.util.Constants;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.http.HttpStatus;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.stereotype.Service;
+
+@Service
+public class ForgotPasswordService implements BaseService {
+
+ private UsersRepository usersRepository;
+ private CommonService commonService;
+ public ForgotPasswordService(UsersRepository usersRepository,
+ CommonService commonService) {
+ this.usersRepository = usersRepository;
+ this.commonService = commonService;
+ }
+
+ @Override
+ public EmptyResponse execute(ForgotPasswordRequest input) {
+
+ var users = usersRepository.findByEmailAndIsDeleteFalse(input.getEmail())
+ .orElseThrow(() -> new BusinessException(Constants.ERR_CODE_10001,
+ Constants.ERR_TTL_10001,
+ String.format(Constants.ERR_MSG_10001, "User", input.getEmail())));
+
+ String newPassword = commonService.getPassword(input.getNewPassword());
+ String confirmationPassword = commonService.getPassword(input.getConfirmationPassword());
+
+
+ if (!StringUtils.equalsIgnoreCase(newPassword, confirmationPassword)) {
+ throw new BusinessException(HttpStatus.CONFLICT,
+ Constants.ERR_CODE_10007,
+ Constants.ERR_TTL_10007,
+ Constants.ERR_MSG_10007);
+ }
+
+ BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
+ users.setPassword(bCryptPasswordEncoder.encode(newPassword));
+ usersRepository.save(users);
+
+ return new EmptyResponse();
+ }
+}
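Review bot: `ForgotPasswordService.execute` sets a new password for whichever account matches `input.getEmail()`, and nothing in the request proves the caller controls that account; since this patch also exempts the path from the token check in `JwtRequestFilter`, the email address alone authorises the change. Before `users.setPassword(...)` the service should verify a random, single-use, short-lived reset token that was sent to the registered address and invalidate it on use, which means `ForgotPasswordRequest` has to carry that token and a separate step has to issue it. The confirmation check uses `StringUtils.equalsIgnoreCase`, so two entries that differ only in letter case are accepted as matching; it should be `if (!StringUtils.equals(newPassword, confirmationPassword)) {`. The not-found `BusinessException` echoes the email and, if it is returned to the client as written, tells an unauthenticated caller which addresses are registered; a uniform response for both outcomes avoids that. The encoder would also be better injected as a `PasswordEncoder` bean than constructed on every call.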