package org.abcgo.service;
import org.abcgo.domain.Authority;
import org.abcgo.domain.User;
import org.abcgo.repository.AuthorityRepository;
import org.abcgo.repository.UserRepository;
import org.abcgo.security.SecurityUtils;
import org.abcgo.service.util.RandomUtil;
import org.joda.time.DateTime;
import org.joda.time.LocalDate;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.scheduling.annotation.Scheduled;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import javax.inject.Inject;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
/**
* Service class for managing users.
*/
@Service
@Transactional
public class UserService {
private final Logger log = LoggerFactory.getLogger(UserService.class);
@Inject
private PasswordEncoder passwordEncoder;
@Inject
private UserRepository userRepository;
@Inject
private AuthorityRepository authorityRepository;
public User activateRegistration(String key) {
log.debug("Activating user for activation key {}", key);
User user = userRepository.findOneByActivationKey(key);
// activate given user for the registration key.
if (user != null) {
user.setActivated(true);
user.setActivationKey(null);
userRepository.save(user);
log.debug("Activated user: {}", user);
}
return user;
}
public User completePasswordReset(String newPassword, String key) {
log.debug("Reset user password for reset key {}", key);
User user = userRepository.findOneByResetKey(key);
DateTime oneDayAgo = DateTime.now().minusHours(24);
if (user != null && user.getActivated()) {
if (user.getResetDate().isAfter(oneDayAgo.toInstant().getMillis())) {
user.setPassword(passwordEncoder.encode(newPassword));
user.setResetKey(null);
user.setResetDate(null);
userRepository.save(user);
return user;
} else {
return null;
}
}
return null;
}
public User requestPasswordReset(String mail) {
User user = userRepository.findOneByEmail(mail);
if (user != null && user.getActivated()) {
user.setResetKey(RandomUtil.generateResetKey());
user.setResetDate(DateTime.now());
userRepository.save(user);
return user;
}
return null;
}
public User createUserInformation(String login, String password, String firstName, String lastName, String email,
String langKey) {
User newUser = new User();
Authority authority = authorityRepository.findOne("ROLE_USER");
Set<Authority> authorities = new HashSet<>();
String encryptedPassword = passwordEncoder.encode(password);
newUser.setLogin(login);
// new user gets initially a generated password
newUser.setPassword(encryptedPassword);
newUser.setFirstName(firstName);
newUser.setLastName(lastName);
newUser.setEmail(email);
newUser.setLangKey(langKey);
// new user is not active
newUser.setActivated(false);
// new user gets registration key
newUser.setActivationKey(RandomUtil.generateActivationKey());
authorities.add(authority);
newUser.setAuthorities(authorities);
userRepository.save(newUser);
log.debug("Created Information for User: {}", newUser);
return newUser;
}
public void updateUserInformation(String firstName, String lastName, String email, String langKey) {
User currentUser = userRepository.findOneByLogin(SecurityUtils.getCurrentLogin());
currentUser.setFirstName(firstName);
currentUser.setLastName(lastName);
currentUser.setEmail(email);
currentUser.setLangKey(langKey);
userRepository.save(currentUser);
log.debug("Changed Information for User: {}", currentUser);
}
public void changePassword(String password) {
User currentUser = userRepository.findOneByLogin(SecurityUtils.getCurrentLogin());
String encryptedPassword = passwordEncoder.encode(password);
currentUser.setPassword(encryptedPassword);
userRepository.save(currentUser);
log.debug("Changed password for User: {}", currentUser);
}
@Transactional(readOnly = true)
public User getUserWithAuthorities() {
User currentUser = userRepository.findOneByLogin(SecurityUtils.getCurrentLogin());
currentUser.getAuthorities().size(); // eagerly load the association
return currentUser;
}
/**
* Not activated users should be automatically deleted after 3 days.
* <p/>
* <p>
* This is scheduled to get fired everyday, at 01:00 (am).
* </p>
*/
@Scheduled(cron = "0 0 1 * * ?")
public void removeNotActivatedUsers() {
DateTime now = new DateTime();
List<User> users = userRepository.findAllByActivatedIsFalseAndCreatedDateBefore(now.minusDays(3));
for (User user : users) {
log.debug("Deleting not activated user {}", user.getLogin());
userRepository.delete(user);
}
}
}