/*
* This is eMonocot, a global online biodiversity information resource.
*
* Copyright © 2011–2015 The Board of Trustees of the Royal Botanic Gardens, Kew and The University of Oxford
*
* eMonocot is free software: you can redistribute it and/or modify it under the terms of the
* GNU Affero General Public License as published by the Free Software Foundation, either version 3
* of the License, or (at your option) any later version.
*
* eMonocot is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even
* the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* The complete text of the GNU Affero General Public License is in the source repository as the file
* ‘COPYING’. It is also available from <http://www.gnu.org/licenses/>.
*/
package org.emonocot.portal.controller;
import java.util.HashMap;
import java.util.Map;
import javax.validation.Valid;
import org.emonocot.api.UserService;
import org.emonocot.portal.controller.form.RecoveryForm;
import org.emonocot.portal.controller.form.ResetForm;
import org.emonocot.service.EmailService;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.support.DefaultMessageSourceResolvable;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;
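/**
 * Handles the self-service password recovery flow under {@code /recovery}.
 *
 * <p>The flow has two steps. A visitor first submits a username; a nonce is created through
 * {@code userService.createNonce(...)} and passed, together with the configured base URL, to
 * the {@code ResetPasswordRequest.vm} e-mail template. The visitor then posts a new password to
 * {@code /recovery/{nonce}}, and the password is changed only if
 * {@code userService.verifyNonce(...)} accepts the username/nonce pair.
 *
 * <p>All handlers here process unauthenticated, attacker-controllable input, so responses must
 * not disclose whether an account exists, and the nonce must never be written to logs.
 *
 * @author ben
 */
@Controller
@RequestMapping(value = "/recovery")
public class RecoveryController {

    private static final Logger logger = LoggerFactory.getLogger(RecoveryController.class);

    private UserService userService;

    private EmailService emailService;

    /**
     * Base URL placed in the reset e-mail. It comes from configuration rather than from the
     * incoming request, so a forged Host header cannot redirect the reset link.
     */
    private String baseUrl;

    /**
     * Injects the user service (the setter name is historical and kept for compatibility).
     *
     * @param userService service used to look up users, create and verify nonces, and change
     *        passwords
     */
    @Autowired
    public void setUserController(UserService userService) {
        this.userService = userService;
    }

    /**
     * @param emailService service used to send the password reset e-mail
     */
    @Autowired
    public void setEmailService(EmailService emailService) {
        this.emailService = emailService;
    }

    /**
     * @param baseUrl base URL of the portal, passed to the reset e-mail template
     */
    public void setBaseUrl(String baseUrl) {
        this.baseUrl = baseUrl;
    }

    /**
     * Shows the empty recovery form.
     *
     * @param model the model that receives a fresh {@link RecoveryForm}
     * @return the name of the recovery form view
     */
    @RequestMapping(method = RequestMethod.GET)
    public String show(Model model) {
        model.addAttribute(new RecoveryForm());
        return "recovery/show";
    }

    /**
     * Starts a password reset for the submitted username.
     *
     * <p>The response is the same whether or not the username matches an account. Previously an
     * unknown username produced a distinct error message, which let an unauthenticated caller
     * test which usernames are registered.
     *
     * @param recoveryForm the submitted form holding the username
     * @param result the validation result for {@code recoveryForm}
     * @param redirectAttributes receives the flash message shown after the redirect
     * @return the recovery form view on validation errors, otherwise a redirect to
     *         {@code /recovery}
     */
    @RequestMapping(method = RequestMethod.POST)
    public String reset(@Valid @ModelAttribute RecoveryForm recoveryForm,
            BindingResult result, RedirectAttributes redirectAttributes) {
        if (result.hasErrors()) {
            return "recovery/show";
        }
        String username = recoveryForm.getUsername();
        if (null == userService.find(username)) {
            // Record the miss for operators only. The submitted value is deliberately not
            // logged: it is untrusted text and may be a mistyped password or contain control
            // characters.
            logger.debug("Password recovery requested for an unknown account");
        } else {
            String nonce = userService.createNonce(username);
            Map<String, String> model = new HashMap<String, String>();
            model.put("nonce", nonce);
            model.put("baseUrl", baseUrl);
            // The username is passed where sendEmail presumably expects the recipient address
            // - confirm against EmailService.
            emailService.sendEmail("org/emonocot/portal/controller/ResetPasswordRequest.vm",
                    model, username, "Password Reset Request");
        }
        // NOTE(review): response time can still differ between the two branches because only
        // one of them sends mail, and no request throttling is visible in this class. Confirm
        // that rate limiting is applied elsewhere.
        redirectAttributes.addFlashAttribute("info", resolvable("reset.email.sent"));
        return "redirect:/recovery";
    }

    /**
     * Shows the form where the user enters a new password.
     *
     * <p>The nonce is not checked here; the form is rendered for any path value and the nonce
     * is only verified when the form is posted to {@link #verify}.
     *
     * @param nonce the nonce taken from the request path (unused when rendering the form)
     * @param model the model that receives a fresh {@link ResetForm}
     * @return the name of the verification view
     */
    @RequestMapping(value = "/{nonce}", method = RequestMethod.GET)
    public String verifyPage(@PathVariable("nonce") String nonce, Model model) {
        ResetForm resetForm = new ResetForm();
        model.addAttribute(resetForm);
        return "recovery/verify";
    }

    /**
     * Changes the password if the submitted username and the nonce from the path match.
     *
     * <p>NOTE(review): Spring MVC expects the {@code BindingResult} parameter to follow
     * directly after the {@code @ModelAttribute} it belongs to. Here {@code Model} sits between
     * them, so validation failures may surface as a binding exception before this method runs
     * and the {@code result.hasErrors()} branch may never be reached. The parameter order is
     * left unchanged to keep existing callers compiling; confirm and reorder together with them.
     *
     * @param nonce the nonce taken from the request path
     * @param resetForm the submitted form holding the username and the new password
     * @param model receives the error message when verification fails
     * @param result the validation result for {@code resetForm}
     * @param redirectAttributes receives the flash message shown after a successful reset
     * @return a redirect to {@code /login} on success, otherwise the verification view
     */
    @RequestMapping(value = "/{nonce}", method = RequestMethod.POST)
    public String verify(@PathVariable("nonce") String nonce,
            @Valid @ModelAttribute ResetForm resetForm,
            Model model,
            BindingResult result, RedirectAttributes redirectAttributes) {
        if (result.hasErrors()) {
            return "recovery/verify";
        }
        // Both the username and the nonce are supplied by the caller; the nonce check is the
        // only thing that authorises the password change.
        // NOTE(review): expiry and single use of the nonce are not visible here. Confirm that
        // UserService enforces both, so that an old reset link cannot be replayed.
        if (!userService.verifyNonce(resetForm.getUsername(), nonce)) {
            model.addAttribute("error", resolvable("password.recovery.failed"));
            return "recovery/verify";
        }
        userService.changePasswordForUser(resetForm.getUsername(), resetForm.getPassword());
        redirectAttributes.addFlashAttribute("info", resolvable("password.recovery.successful"));
        return "redirect:/login";
    }

    /** Wraps a single message code, with no arguments, for resolution by the view layer. */
    private static DefaultMessageSourceResolvable resolvable(String code) {
        return new DefaultMessageSourceResolvable(new String[] { code }, new Object[] { });
    }
}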