com.formkiq.server.api.UsersController Maven / Gradle / Ivy
Server-side integration for the FormKiQ iOS application
package com.formkiq.server.api;
import javax.servlet.http.HttpServletRequest;
import javax.transaction.Transactional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mail.MailSender;
import org.springframework.mail.SimpleMailMessage;
import org.springframework.security.access.annotation.Secured;
import org.springframework.security.core.Authentication;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import com.formkiq.server.domain.type.UserDTO;
import com.formkiq.server.domain.type.UserListDTO;
import com.formkiq.server.domain.type.UserRole;
import com.formkiq.server.domain.type.UserStatus;
import com.formkiq.server.service.AuthenticationFailureException;
import com.formkiq.server.service.InvalidEmailException;
import com.formkiq.server.service.PreconditionFailedException;
import com.formkiq.server.service.UserService;
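/**
 * REST controller exposing the user-management endpoints: change password,
 * save user, lost-password reset, get user and list users.
 *
 * <p>Access control visible in this class: {@code save}, {@code get} and
 * {@code list} carry {@code @Secured("ROLE_ADMIN")}. {@code changePassword}
 * and {@code lostpassword} carry no method-level role annotation, so any
 * protection they have comes from security configuration outside this file.
 *
 * <p>None of the mappings pins an HTTP method, so every endpoint is reachable
 * with GET as well as POST. For the endpoints that take a password this means
 * the secret can be sent in the query string, where it can end up in access
 * logs and proxy logs.
 * NOTE(review): consider restricting the password-bearing mappings to POST
 * once it is confirmed that all clients send the values in a form body.
 */
@RestController
public class UsersController extends AbstractRestController {

    /** OAuth Token URL. */
    public static final String OAUTH_TOKEN = "/oauth/token";

    /** Save User. */
    public static final String API_USER_SAVE = "/api/users/save";

    /** Change Password. */
    public static final String API_USER_CHANGE_PASSWORD
        = "/api/users/changepassword";

    /** Reset Lost Password. */
    public static final String API_USER_LOST_PASSWORD
        = "/api/users/lostpassword";

    /** User Get. */
    public static final String API_USER_GET = "/api/users/get";

    /** User List. */
    public static final String API_USER_LIST = "/api/users/list";

    /** MailSender used to deliver the lost-password reset token. */
    @Autowired
    private MailSender mailSender;

    /** UserService that performs all user lookups and updates. */
    @Autowired
    private UserService userservice;

    /**
     * Changes the password of the currently authenticated user.
     *
     * <p>The account is taken from the security context
     * ({@code auth.getName()}), never from a request parameter, so a caller
     * can only change their own password.
     *
     * @param request {@link HttpServletRequest}
     * @param password the current password (request parameter {@code pass})
     * @param newPassword the new password (request parameter {@code newpass})
     * @return ApiMessageResponse confirming the change
     * @throws PreconditionFailedException when the service reports that the
     *         password was not updated
     */
    @Transactional
    @RequestMapping(API_USER_CHANGE_PASSWORD)
    public ApiMessageResponse changePassword(
            final HttpServletRequest request,
            @RequestParam(value = "pass", required = true)
            final String password,
            @RequestParam(value = "newpass", required = true)
            final String newPassword) {

        // Result is discarded; presumably this rejects unsupported API
        // versions (defined in AbstractRestController, not shown here).
        getApiVersion(request);

        // NOTE(review): there is no @Secured on this method. If
        // getAuthentication() can return null for an anonymous caller, the
        // getName() call below throws NullPointerException. Confirm that the
        // URL-level security configuration requires authentication here.
        Authentication auth = getAuthentication();

        // NOTE(review): the strength of newPassword is not checked here; any
        // policy must be enforced inside UserService.updatePassword.
        boolean result = this.userservice.updatePassword(auth.getName(),
                password, newPassword);

        if (result) {
            return new ApiMessageResponse("password changed");
        }

        throw new PreconditionFailedException(
                "unable to change password - double check old password");
    }

    /**
     * Saves a user. Restricted to callers holding {@code ROLE_ADMIN}.
     *
     * @param request {@link HttpServletRequest}
     * @param client optional client identifier, passed through to the service
     * @param email the user's email address
     * @param password optional password (request parameter {@code pass})
     * @param role optional name of a {@link UserRole} constant
     * @param status optional name of a {@link UserStatus} constant
     * @return ApiMessageResponse confirming the save and echoing the email
     */
    @Secured({ "ROLE_ADMIN" })
    @Transactional
    @RequestMapping(API_USER_SAVE)
    public ApiMessageResponse save(
            final HttpServletRequest request,
            @RequestParam(value = "client", required = false)
            final String client,
            @RequestParam(value = "email", required = true)
            final String email,
            @RequestParam(value = "pass", required = false)
            final String password,
            @RequestParam(value = "role", required = false)
            final String role,
            @RequestParam(value = "status", required = false)
            final String status) {

        getApiVersion(request);

        UserRole ur = null;
        UserStatus us = null;

        // Assuming UserRole and UserStatus are enums, valueOf throws
        // IllegalArgumentException for a name that is not a declared
        // constant. How that surfaces to the client depends on exception
        // handling outside this class.
        // NOTE(review): confirm it maps to a 4xx response and not a 500.
        if (!StringUtils.isEmpty(role)) {
            ur = UserRole.valueOf(role.trim());
        }

        if (!StringUtils.isEmpty(status)) {
            us = UserStatus.valueOf(status.trim());
        }

        // role and status stay null when omitted; the service decides what a
        // null means (defaults for a new user, "leave unchanged" for an
        // existing one, or something else). Not visible from this file.
        this.userservice.saveUser(client, email, password, ur, us);

        return new ApiMessageResponse("user saved", email);
    }

    /**
     * Generates a password reset token for the given email address and mails
     * it to that address.
     *
     * <p>Security notes for reviewers:
     * <ul>
     * <li>The success response and the {@link InvalidEmailException} path are
     * distinguishable, which lets a caller learn whether an address is
     * registered. A uniform response for both outcomes would avoid that; it
     * is not done here because it would change the API contract.</li>
     * <li>No throttling is visible in this method. Rate limiting per address
     * and per client has to be provided elsewhere.</li>
     * <li>The token is mailed in clear text. Expiry and single use have to be
     * enforced by {@code UserService}, which is not shown here.</li>
     * </ul>
     *
     * @param request {@link HttpServletRequest}
     * @param email address of the account whose password should be reset
     * @return ApiMessageResponse confirming that the token was sent
     * @throws InvalidEmailException when the service signals an
     *         {@link AuthenticationFailureException} for the address
     */
    @Transactional
    @RequestMapping(API_USER_LOST_PASSWORD)
    public ApiMessageResponse lostpassword(
            final HttpServletRequest request,
            @RequestParam(value = "email", required = true)
            final String email) {

        getApiVersion(request);

        try {
            String resetToken = this.userservice.generateResetToken(email);

            SimpleMailMessage msg = new SimpleMailMessage();
            msg.setTo(email);
            msg.setSubject("Lost Password");

            // Fix: the original concatenated "Thanks!" directly with the
            // signature, which rendered as "Thanks!- The FormKiQ Team".
            String text = "Hi there,\n\n"
                + "Someone recently requested a password change "
                + "for your FormKiQ account. "
                + "If this was you, you can enter this reset token "
                + "into the app to change your password.\n\n"
                + resetToken + "\n\n"
                + "If you don't want to change your password or didn't "
                + "request this, just ignore and delete this message."
                + "\n\n"
                + "Thanks!\n"
                + "- The FormKiQ Team";

            msg.setText(text);
            this.mailSender.send(msg);

            return new ApiMessageResponse(
                    "reset token has been sent your email");

        } catch (AuthenticationFailureException e) {
            // The submitted address is echoed back in the error message, and
            // the original exception is not attached as a cause.
            // NOTE(review): if InvalidEmailException has a (String, Throwable)
            // constructor, pass e along so the root cause stays in the logs.
            throw new InvalidEmailException("invalid email " + email);
        }
    }

    /**
     * Looks up a single user by email. Restricted to callers holding
     * {@code ROLE_ADMIN}.
     *
     * @param request {@link HttpServletRequest}
     * @param email address of the user to look up
     * @return UserDTO as returned by the service
     */
    @Transactional
    @Secured({ "ROLE_ADMIN" })
    @RequestMapping(API_USER_GET)
    public UserDTO get(
            final HttpServletRequest request,
            @RequestParam(value = "email", required = true)
            final String email) {

        getApiVersion(request);

        // NOTE(review): the DTO is serialised to the client as is. Confirm
        // that UserDTO carries no password hash or reset token.
        return this.userservice.findUser(email);
    }

    /**
     * Lists the users in the system. Restricted to callers holding
     * {@code ROLE_ADMIN}.
     *
     * @param request {@link HttpServletRequest}
     * @return UserListDTO as returned by the service
     */
    @Transactional
    @Secured({ "ROLE_ADMIN" })
    @RequestMapping(API_USER_LIST)
    public UserListDTO list(final HttpServletRequest request) {
        getApiVersion(request);
        return this.userservice.findUsers();
    }
}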