Update
Portals committed Aug 20, 2024
1 parent b513bb5 commit eff86aa
Showing 5 changed files with 71 additions and 3 deletions.
Expand Up @@ -12,6 +12,7 @@
import it.chalmers.gamma.app.user.domain.LastName.LastNameValidator;
import it.chalmers.gamma.app.user.domain.Nick.NickValidator;
import it.chalmers.gamma.app.user.domain.UnencryptedPassword.UnencryptedPasswordValidator;
import it.chalmers.gamma.app.user.passwordreset.UserResetPasswordFacade;
import it.chalmers.gamma.security.authentication.AuthenticationExtractor;
import it.chalmers.gamma.security.authentication.UserAuthentication;
import java.time.Year;
Expand All @@ -31,10 +32,15 @@ public class UsersController {

private final UserFacade userFacade;
private final UserCreationFacade userCreationFacade;
private final UserResetPasswordFacade userResetPasswordFacade;

public UsersController(UserFacade userFacade, UserCreationFacade userCreationFacade) {
public UsersController(
UserFacade userFacade,
UserCreationFacade userCreationFacade,
UserResetPasswordFacade userResetPasswordFacade) {
this.userFacade = userFacade;
this.userCreationFacade = userCreationFacade;
this.userResetPasswordFacade = userResetPasswordFacade;
}

@GetMapping("/users")
Expand Down Expand Up @@ -314,4 +320,17 @@ public ModelAndView deleteUser(

return new ModelAndView("redirect:/users");
}

@PostMapping("/users/{id}/generate-password-link")
public ModelAndView generatePasswordLink(
@RequestHeader(value = "HX-Request", required = true) boolean htmxRequest,
@PathVariable("id") UUID userId) {
String passwordResetLink = userResetPasswordFacade.generatePasswordLink(userId);

ModelAndView mv = new ModelAndView();
mv.setViewName("user-details/page :: password-link-generated");
mv.addObject("passwordLink", passwordResetLink);

return mv;
}
}
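Review bot: `generatePasswordLink` puts only `passwordLink` into the model, but the `password-link-generated` fragment it renders (page.html in this commit) is wrapped in `th:if="${isAdmin}"` and builds its form URL from `${userId}`. Unless those two attributes are supplied globally somewhere not visible on this page, the swapped-in fragment would render empty, or its Generate button would post to a URL without the id. Adding `mv.addObject("userId", userId);` and `mv.addObject("isAdmin", true);` next to the `passwordLink` line would keep the fragment self-contained; the admin requirement itself is enforced in `UserResetPasswordFacade.generatePasswordLink`, so the flag only drives rendering. The `htmxRequest` parameter is never read and would benefit from a comment such as `// declared only so requests without the HX-Request header are rejected`.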
Expand Up @@ -62,6 +62,17 @@ public PasswordReset createNewToken(Cid cid) throws UserNotFoundException {
return this.createNewToken(maybeUserEntity.get());
}

@Override
public PasswordReset createNewToken(UserId userId) throws UserNotFoundException {
Optional<UserEntity> maybeUserEntity = this.userJpaRepository.findById(userId.value());

if (maybeUserEntity.isEmpty()) {
throw new UserNotFoundException();
}

return this.createNewToken(maybeUserEntity.get());
}

@Override
public boolean isTokenValid(PasswordResetToken token) {
return this.userPasswordResetJpaRepository
@@ -1,5 +1,6 @@
package it.chalmers.gamma.app.user.passwordreset;

import static it.chalmers.gamma.app.authentication.AccessGuard.isAdmin;
import static it.chalmers.gamma.app.authentication.AccessGuard.isNotSignedIn;

import it.chalmers.gamma.app.Facade;
Expand All @@ -15,6 +16,7 @@
import it.chalmers.gamma.app.user.passwordreset.domain.PasswordResetToken;
import it.chalmers.gamma.app.validation.SuccessfulValidation;
import it.chalmers.gamma.security.TimerBlock;
import java.util.UUID;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Value;
Expand Down Expand Up @@ -45,6 +47,19 @@ public UserResetPasswordFacade(
this.baseUrl = baseUrl;
}

public String generatePasswordLink(UUID userId) {
super.accessGuard.require(isAdmin());

try {
PasswordResetRepository.PasswordReset passwordReset =
this.passwordResetRepository.createNewToken(new UserId(userId));

return generatePasswordResetLink(passwordReset.token());
} catch (PasswordResetRepository.UserNotFoundException e) {
throw new IllegalStateException();
}
}

public void startResetPasswordProcess(String cidOrEmailString) {
this.accessGuard.require(isNotSignedIn());

Expand Down Expand Up @@ -94,18 +109,22 @@ public void finishResetPasswordProcess(
this.userRepository.setPassword(userId, unencryptedPassword);
}

private String generatePasswordResetLink(PasswordResetToken token) {
return this.baseUrl + "/forgot-password/finalize?token=" + token.value();
}

private void sendPasswordResetTokenMail(Email email, PasswordResetToken token) {
String subject = "Password reset for Account at IT division of Chalmers";

String resetUrl = this.baseUrl + "/forgot-password/finalize?token=" + token.value();
String resetUrl = generatePasswordResetLink(token);

String message =
"""
A password reset have been requested for this account, if you have not requested this mail, feel free to ignore it.
The link is valid for 15 minutes. Click here to reset password:
%s
"""
.formatted(resetUrl, resetUrl);
.formatted(resetUrl);

this.mailService.sendMail(email.value(), subject, message);
}
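Review bot: `generatePasswordLink` hands an admin a working reset link for any account, yet nothing in the method records that it happened, so a later investigation could not tell which admin created a link for which user. A log entry after the `createNewToken` call, written through the SLF4J logger this file already imports, should name the target `userId` and the acting admin (how the caller's identity is obtained is not visible here) and never the token itself. The catch block also discards the cause and gives no message; `throw new IllegalStateException("No user with id " + userId, e);` keeps both. It may also be worth deciding whether the account owner should be told, since this path returns the link to the admin instead of mailing it.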
Expand Up @@ -12,6 +12,8 @@ record PasswordReset(PasswordResetToken token, Email email) {}

PasswordReset createNewToken(Cid cid) throws UserNotFoundException;

PasswordReset createNewToken(UserId userId) throws UserNotFoundException;

boolean isTokenValid(PasswordResetToken token);

UserId useToken(PasswordResetToken token);
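--- a/app/src/main/resources/templates/user-details/page.html
+++ b/app/src/main/resources/templates/user-details/page.html
@@ -39,6 +39,23 @@
 </footer>
 </article>
 
+<article th:if="${isAdmin}" th:fragment="password-link-generated">
+<header>
+Generate reset password link
+</header>
+<p th:if="${passwordLink == null}">Password link will appear here</p>
+<th:block th:if="${passwordLink != null}">
+<p>Link valid for 15 minutes.</p>
+<code th:text="${passwordLink}"></code>
+</th:block>
+<footer>
+<form th:data-hx-post="|/users/${userId}/generate-password-link|" data-hx-target="closest article" data-hx-swap="outerHTML">
+<div th:replace="~{common/form-csrf}"></div>
+<button class="outline contrast" data-loading-disable>Generate</button>
+</form>
+</footer>
+</article>
+
 <article>
 <header th:text="|${nick}:s groups|"></header>
 <p th:if="${groups.size() == 0}">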
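Review bot: The text in `<p>Link valid for 15 minutes.</p>` is a second hard-coded copy of the token lifetime, next to the one in the reset mail in UserResetPasswordFacade, and neither is tied to the expiry the repository actually enforces (that check is not visible on this page). If the lifetime changes, an admin would pass on a wrong validity window together with the link. Supplying the lifetime through the model and rendering it, for example `<p th:text="|Link valid for ${linkValidMinutes} minutes.|"></p>` (attribute name constructed for illustration), would keep the page, the mail and the enforced expiry in step.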
