PublicController.java
package fr.but.infoetu.meetingplannr.controller;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AnonymousAuthenticationToken;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.mail.SimpleMailMessage;
import org.springframework.mail.javamail.JavaMailSender;
import fr.but.infoetu.meetingplannr.pojo.User;
import fr.but.infoetu.meetingplannr.repository.UserRepository;
import fr.but.infoetu.meetingplannr.service.UserService;
import jakarta.servlet.http.HttpSession;
import jakarta.validation.Valid;
import java.time.LocalDateTime;
import java.util.Optional;
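/**
 * Handles the unauthenticated ("public") pages: login, registration and the
 * e-mail-verified password change flow.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Passwords must never be written to stdout or to logs.</li>
 *   <li>The password change flow receives the new password as a query parameter
 *       on a GET request ({@link #verifyPasswordChange}). Query strings usually
 *       end up in access logs, browser history and proxies. Prefer sending only
 *       the token by e-mail and collecting the new password through a POST form
 *       once the token has been checked. That change also involves
 *       {@code UserService} and is not done here.</li>
 * </ul>
 */
@Controller
public class PublicController {

    @Autowired
    private UserRepository ur;

    @Autowired
    private UserService userService;

    @Autowired
    private JavaMailSender mailSender;

    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * Shows the login form, or sends an already authenticated user to the action list.
     *
     * @return the view name or redirect target
     */
    @RequestMapping(value = "public/login", method = RequestMethod.GET)
    public String loginForm() {
        if (isAuthenticated()) {
            return "redirect:/user/listeAction";
        }
        return "public/login";
    }

    /**
     * Shows the registration form, or sends an already authenticated user to the action list.
     *
     * @return the view name or redirect target
     */
    @RequestMapping(value = "public/register", method = RequestMethod.GET)
    public String registerForm() {
        if (isAuthenticated()) {
            return "redirect:/user/listeAction";
        }
        return "public/register";
    }

    /**
     * Registers a new user and signs them in immediately.
     *
     * @param user    the submitted user, validated by Bean Validation
     * @param res     the validation outcome for {@code user}
     * @param model   receives {@code errorMessage} when registration is refused
     * @param session receives the created user under {@code currentUser}
     * @return the registration view on failure, otherwise a redirect to the action list
     */
    @RequestMapping(value = "public/register", method = RequestMethod.POST)
    public String registerFormPost(@Valid User user, BindingResult res, Model model, HttpSession session) {
        if (res.hasErrors()) {
            // NOTE(review): this message contains raw <br> markup, so the template presumably
            // renders it unescaped. Confirm that nothing user-controlled can reach it.
            StringBuilder errorMessage = new StringBuilder("Veuillez corriger les erreurs suivantes :<br>");
            res.getFieldErrors().forEach(error -> errorMessage
                    .append(error.getField())
                    .append(": ")
                    .append(error.getDefaultMessage())
                    .append("<br>"));
            model.addAttribute("errorMessage", errorMessage.toString());
            return "public/register";
        }

        if (ur.findByUsername(user.getUsername()).isPresent()) {
            model.addAttribute("errorMessage", "Cet email est déjà utilisé.");
            return "public/register";
        }

        userService.createUser(user);

        // NOTE(review): the whole User object, password field included, is kept in the session
        // and the password is also used as the token's credentials. Whether that value is the
        // encoded or the plain password depends on createUser(), which is not visible here.
        session.setAttribute("currentUser", user);

        // NOTE(review): setting the authentication by hand bypasses the login filter, so any
        // session-fixation protection or context persistence configured there may not apply.
        // Confirm against the security configuration.
        UsernamePasswordAuthenticationToken authToken = new UsernamePasswordAuthenticationToken(
                user.getUsername(), user.getPassword(), user.getAuthorities());
        SecurityContextHolder.getContext().setAuthentication(authToken);
        return "redirect:/user/listeAction";
    }

    /**
     * Shows the password change request form.
     *
     * @return the view name
     */
    @RequestMapping(value = "public/password_change", method = RequestMethod.GET)
    public String passwordChangeForm() {
        return "public/passwordChange";
    }

    /**
     * Starts a password change by asking the service to send a verification e-mail.
     *
     * @param email       the account's e-mail address, used as the username
     * @param newPassword the password requested by the caller
     * @param model       receives {@code errorMessage} or {@code successMessage}
     * @return the view name
     */
    @RequestMapping(value = "public/perform_password_change", method = RequestMethod.POST)
    public String performPasswordChange(@RequestParam("email") String email,
            @RequestParam("newPassword") String newPassword, Model model) {
        Optional<User> userOpt = ur.findByUsername(email);
        if (userOpt.isEmpty()) {
            // NOTE(review): the distinct "not found" answer lets an unauthenticated caller test
            // which addresses have an account. A uniform response would avoid that.
            model.addAttribute("errorMessage", "Email not found.");
            return "public/passwordChange";
        }

        User user = userOpt.get();
        if (!user.getUsername().endsWith("@univ-lille.fr")) {
            model.addAttribute("errorMessage", "Le mot de passe ne peut pas être modifié car l'adresse email n'appartient pas à l'université de Lille");
            return "public/login";
        }

        userService.sendPasswordVerificationEmail(user, newPassword);
        model.addAttribute("successMessage", "Un email de vérification a été envoyé à " + email + ".");
        return "public/passwordChange";
    }

    /**
     * Completes a password change once the verification token has been presented.
     *
     * <p>The token is single-use: it is cleared, together with its expiration, as soon as the
     * new password is stored.
     *
     * @param token    the verification token previously issued for the account
     * @param password the new password, encoded before it is saved
     * @param model    receives {@code errorMessage} when the token is rejected
     * @return the password change view on failure, otherwise a redirect to the login page
     */
    @RequestMapping(value = "public/verify_password_change", method = RequestMethod.GET)
    public String verifyPasswordChange(@RequestParam("token") String token,
            @RequestParam("password") String password, Model model) {
        Optional<User> userOpt = ur.findByVerificationToken(token);
        if (userOpt.isEmpty()) {
            model.addAttribute("errorMessage", "Token invalide ou expiré.");
            return "public/passwordChange";
        }

        User user = userOpt.get();
        // A token without an expiration is treated as expired rather than failing with a
        // NullPointerException or being accepted indefinitely.
        if (user.getTokenExpiration() == null || user.getTokenExpiration().isBefore(LocalDateTime.now())) {
            model.addAttribute("errorMessage", "Le token a expiré.");
            return "public/passwordChange";
        }

        // The plaintext password is deliberately not printed or logged.
        user.setPassword(passwordEncoder.encode(password));
        user.setVerificationToken(null);
        user.setTokenExpiration(null);
        ur.save(user);
        return "redirect:/public/login";
    }

    /**
     * Tells whether the current request belongs to a signed-in, non-anonymous user.
     *
     * @return {@code true} when an authenticated, non-anonymous authentication is present
     */
    private boolean isAuthenticated() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        return authentication != null
                && authentication.isAuthenticated()
                && !(authentication instanceof AnonymousAuthenticationToken);
    }
}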