Merge pull request eugenp#128 from Doha2012/master

spring security reset password

Author: Eugen

spring-security-login-and-registration/src/main/java/org/baeldung/persistence/dao/PasswordResetTokenRepository.java

@@ -0,0 +1,12 @@
+package org.baeldung.persistence.dao;
+
+import org.baeldung.persistence.model.PasswordResetToken;
+import org.baeldung.persistence.model.User;
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public interface PasswordResetTokenRepository extends JpaRepository<PasswordResetToken, Long> {
+
+    public PasswordResetToken findByToken(String token);
+
+    public PasswordResetToken findByUser(User user);
+}

spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/PasswordResetToken.java

@@ -0,0 +1,133 @@
+package org.baeldung.persistence.model;
+
+import java.sql.Timestamp;
+import java.util.Calendar;
+import java.util.Date;
+
+import javax.persistence.Entity;
+import javax.persistence.FetchType;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.JoinColumn;
+import javax.persistence.OneToOne;
+
+@Entity
+public class PasswordResetToken {
+
+    private static final int EXPIRATION = 60 * 24;
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private Long id;
+
+    private String token;
+
+    @OneToOne(targetEntity = User.class, fetch = FetchType.EAGER)
+    @JoinColumn(nullable = false, name = "user_id")
+    private User user;
+
+    private Date expiryDate;
+
+    public PasswordResetToken() {
+        super();
+    }
+
+    public PasswordResetToken(String token) {
+        super();
+
+        this.token = token;
+        this.expiryDate = calculateExpiryDate(EXPIRATION);
+    }
+
+    public PasswordResetToken(String token, User user) {
+        super();
+
+        this.token = token;
+        this.user = user;
+        this.expiryDate = calculateExpiryDate(EXPIRATION);
+    }
+
+    public String getToken() {
+        return token;
+    }
+
+    public void setToken(String token) {
+        this.token = token;
+    }
+
+    public User getUser() {
+        return user;
+    }
+
+    public void setUser(User user) {
+        this.user = user;
+    }
+
+    public Date getExpiryDate() {
+        return expiryDate;
+    }
+
+    public void setExpiryDate(Date expiryDate) {
+        this.expiryDate = expiryDate;
+    }
+
+    private Date calculateExpiryDate(int expiryTimeInMinutes) {
+        Calendar cal = Calendar.getInstance();
+        cal.setTime(new Timestamp(cal.getTime().getTime()));
+        cal.add(Calendar.MINUTE, expiryTimeInMinutes);
+        return new Date(cal.getTime().getTime());
+    }
+
+    public void updateToken(String token) {
+        this.token = token;
+        this.expiryDate = calculateExpiryDate(EXPIRATION);
+    }
+
+    //
+
+    @Override
+    public int hashCode() {
+        final int prime = 31;
+        int result = 1;
+        result = prime * result + ((expiryDate == null) ? 0 : expiryDate.hashCode());
+        result = prime * result + ((token == null) ? 0 : token.hashCode());
+        result = prime * result + ((user == null) ? 0 : user.hashCode());
+        return result;
+    }
+
+    @Override
+    public boolean equals(Object obj) {
+        if (this == obj)
+            return true;
+        if (obj == null)
+            return false;
+        if (getClass() != obj.getClass())
+            return false;
+        PasswordResetToken other = (PasswordResetToken) obj;
+        if (expiryDate == null) {
+            if (other.expiryDate != null)
+                return false;
+        } else if (!expiryDate.equals(other.expiryDate))
+            return false;
+        if (token == null) {
+            if (other.token != null)
+                return false;
+        } else if (!token.equals(other.token))
+            return false;
+        if (user == null) {
+            if (other.user != null)
+                return false;
+        } else if (!user.equals(other.user))
+            return false;
+        return true;
+    }
+
+    @Override
+    public String toString() {
+        final StringBuilder builder = new StringBuilder();
+        builder.append("Token [String=").append(token).append("]").append("[Expires").append(expiryDate).append("]");
+        return builder.toString();
+    }
+
+}

spring-security-login-and-registration/src/main/java/org/baeldung/persistence/model/VerificationToken.java

@@ -1,10 +1,8 @@
 package org.baeldung.persistence.model;
 
 import java.util.Calendar;
-import java.sql.Date;
-import java.sql.Timestamp;
+import java.util.Date;
 
-import javax.persistence.Column;
 import javax.persistence.Entity;
 import javax.persistence.FetchType;
 import javax.persistence.GeneratedValue;
@@ -16,7 +14,7 @@
 @Entity
 public class VerificationToken {
 
-    private static final int EXPIRATION = 60 * 24;
+    private static final int EXPIRATION = 2;// 60 * 24;
 
     @Id
     @GeneratedValue(strategy = GenerationType.AUTO)
@@ -75,11 +73,16 @@ public void setExpiryDate(Date expiryDate) {
 
     private Date calculateExpiryDate(int expiryTimeInMinutes) {
         Calendar cal = Calendar.getInstance();
-        cal.setTime(new Timestamp(cal.getTime().getTime()));
+        cal.setTimeInMillis(new Date().getTime());
         cal.add(Calendar.MINUTE, expiryTimeInMinutes);
         return new Date(cal.getTime().getTime());
     }
 
+    public void updateToken(String token) {
+        this.token = token;
+        this.expiryDate = calculateExpiryDate(EXPIRATION);
+    }
+
     //
 
     @Override

spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/IUserService.java

@@ -1,5 +1,6 @@
 package org.baeldung.persistence.service;
 
+import org.baeldung.persistence.model.PasswordResetToken;
 import org.baeldung.persistence.model.User;
 import org.baeldung.persistence.model.VerificationToken;
 import org.baeldung.validation.EmailExistsException;
@@ -18,4 +19,17 @@ public interface IUserService {
 
     VerificationToken getVerificationToken(String VerificationToken);
 
+    VerificationToken updateVerificationToken(String token);
+
+    void createPasswordResetTokenForUser(User user, String token);
+
+    User findUserByEmail(String email);
+
+    PasswordResetToken getPasswordResetToken(String token);
+
+    User getUserByPasswordResetToken(String token);
+
+    User getUserByID(long id);
+
+    void changeUserPassword(User user, String password);
 }

spring-security-login-and-registration/src/main/java/org/baeldung/persistence/service/UserService.java

@@ -1,12 +1,15 @@
 package org.baeldung.persistence.service;
 
 import java.util.Arrays;
+import java.util.UUID;
 
 import javax.transaction.Transactional;
 
+import org.baeldung.persistence.dao.PasswordResetTokenRepository;
 import org.baeldung.persistence.dao.RoleRepository;
 import org.baeldung.persistence.dao.UserRepository;
 import org.baeldung.persistence.dao.VerificationTokenRepository;
+import org.baeldung.persistence.model.PasswordResetToken;
 import org.baeldung.persistence.model.User;
 import org.baeldung.persistence.model.VerificationToken;
 import org.baeldung.validation.EmailExistsException;
@@ -23,6 +26,9 @@ public class UserService implements IUserService {
     @Autowired
     private VerificationTokenRepository tokenRepository;
 
+    @Autowired
+    private PasswordResetTokenRepository passwordTokenRepository;
+
     @Autowired
     private PasswordEncoder passwordEncoder;
 
@@ -74,6 +80,39 @@ public void createVerificationTokenForUser(User user, String token) {
         tokenRepository.save(myToken);
     }
 
+    public VerificationToken updateVerificationToken(String verificationToken) {
+        VerificationToken vToken = tokenRepository.findByToken(verificationToken);
+        vToken.updateToken(UUID.randomUUID().toString());
+        vToken = tokenRepository.save(vToken);
+        return vToken;
+    }
+
+    public void createPasswordResetTokenForUser(User user, String token) {
+        PasswordResetToken myToken = new PasswordResetToken(token, user);
+        passwordTokenRepository.save(myToken);
+    }
+
+    public User findUserByEmail(String email) {
+        return repository.findByEmail(email);
+    }
+
+    public PasswordResetToken getPasswordResetToken(String token) {
+        return passwordTokenRepository.findByToken(token);
+    }
+
+    public User getUserByPasswordResetToken(String token) {
+        return passwordTokenRepository.findByToken(token).getUser();
+    }
+
+    public User getUserByID(long id) {
+        return repository.findOne(id);
+    }
+
+    public void changeUserPassword(User user, String password) {
+        user.setPassword(passwordEncoder.encode(password));
+        repository.save(user);
+    }
+
     private boolean emailExist(String email) {
         User user = repository.findByEmail(email);
         if (user != null) {

spring-security-login-and-registration/src/main/java/org/baeldung/registration/listener/RegistrationListener.java

@@ -41,6 +41,7 @@ private void confirmRegistration(OnRegistrationCompleteEvent event) {
         email.setTo(recipientAddress);
         email.setSubject(subject);
         email.setText(message + " \r\n" + "http://localhost:8080" + confirmationUrl);
+        System.out.println(email.getText());
         mailSender.send(email);
     }
 }

spring-security-login-and-registration/src/main/java/org/baeldung/security/MyUserDetailsService.java

@@ -56,7 +56,7 @@ public UserDetails loadUserByUsername(final String email) throws UsernameNotFoun
 
     // UTIL
 
-    private final Collection<? extends GrantedAuthority> getAuthorities(final Collection<Role> roles) {
+    public final Collection<? extends GrantedAuthority> getAuthorities(final Collection<Role> roles) {
         return getGrantedAuthorities(getPrivileges(roles));
     }
 

spring-security-login-and-registration/src/main/java/org/baeldung/spring/MvcConfig.java

@@ -48,6 +48,8 @@ public void addViewControllers(final ViewControllerRegistry registry) {
         registry.addViewController("/admin.html");
         registry.addViewController("/registration.html");
         registry.addViewController("/successRegister.html");
+        registry.addViewController("/forgetPassword.html");
+        registry.addViewController("/updatePassword.html");
     }
 
     @Override