Search in sources :

Example 1 with PasswordValidationException

use of com.odysseusinc.arachne.portal.exception.PasswordValidationException in project ArachneCentralAPI by OHDSI.

the class BaseAuthenticationController method resetPassword.

@ApiOperation("Reset password for specified e-mail.")
@RequestMapping(value = "/api/v1/auth/reset-password", method = RequestMethod.POST)
public JsonResult resetPassword(Principal principal, HttpServletRequest request, @RequestBody @Valid ResetPasswordDTO resetPasswordDTO, BindingResult binding) throws PasswordValidationException, UserNotFoundException, NotExistException, NoSuchFieldException, IOException, SolrServerException, IllegalAccessException {
    if (principal != null) {
        String token = request.getHeader(tokenHeader);
        tokenUtils.addInvalidateToken(token);
    }
    JsonResult result;
    if (binding.hasErrors()) {
        result = super.setValidationErrors(binding);
    } else {
        String email = resetPasswordDTO.getEmail();
        String token = resetPasswordDTO.getToken();
        String newPassword = resetPasswordDTO.getPassword();
        final ArachnePasswordData passwordData = new ArachnePasswordData(new Password(newPassword));
        final ArachnePasswordValidationResult validationResult = passwordValidator.validate(passwordData);
        if (!validationResult.isValid()) {
            throw new PasswordValidationException(passwordValidator.getMessages(validationResult));
        }
        if (passwordResetService.canReset(email, token)) {
            IUser user = userService.getByUnverifiedEmailInAnyTenant(email);
            user.setPassword(newPassword);
            userService.resetPassword(user);
            result = new JsonResult<>(JsonResult.ErrorCode.NO_ERROR);
        } else {
            result = new JsonResult<>(JsonResult.ErrorCode.VALIDATION_ERROR);
            result.setErrorMessage("Token expired. Please, request new reset password link.");
        }
    }
    return result;
}
Also used : ArachnePasswordData(com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordData) PasswordValidationException(com.odysseusinc.arachne.portal.exception.PasswordValidationException) IUser(com.odysseusinc.arachne.portal.model.IUser) ArachnePasswordValidationResult(com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult) JsonResult(com.odysseusinc.arachne.commons.api.v1.dto.util.JsonResult) Password(edu.vt.middleware.password.Password) ApiOperation(io.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with PasswordValidationException

use of com.odysseusinc.arachne.portal.exception.PasswordValidationException in project ArachneCentralAPI by OHDSI.

the class BaseUserController method changePassword.

@ApiOperation("Change user password")
@RequestMapping(value = "/api/v1/user-management/users/changepassword", method = POST)
public JsonResult changePassword(@RequestBody @Valid ChangePasswordDTO changePasswordDTO, Principal principal) throws ValidationException, PasswordValidationException {
    JsonResult result;
    U loggedUser = userService.getByEmail(principal.getName());
    try {
        userService.updatePassword(loggedUser, changePasswordDTO.getOldPassword(), changePasswordDTO.getNewPassword());
        result = new JsonResult<>(NO_ERROR);
    } catch (ValidationException ex) {
        result = new JsonResult<>(VALIDATION_ERROR);
        result.setErrorMessage(ex.getMessage());
    }
    return result;
}
Also used : PasswordValidationException(com.odysseusinc.arachne.portal.exception.PasswordValidationException) ValidationException(com.odysseusinc.arachne.portal.exception.ValidationException) JsonResult(com.odysseusinc.arachne.commons.api.v1.dto.util.JsonResult) ApiOperation(io.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with PasswordValidationException

use of com.odysseusinc.arachne.portal.exception.PasswordValidationException in project ArachneCentralAPI by OHDSI.

the class BaseUserServiceImpl method validatePassword.

private void validatePassword(String username, String firstName, String lastName, String middleName, String password) throws PasswordValidationException {
    ArachnePasswordData passwordData = new ArachnePasswordData(new Password(password));
    passwordData.setUsername(username);
    passwordData.setFirstName(firstName);
    passwordData.setLastName(lastName);
    passwordData.setMiddleName(middleName);
    final ArachnePasswordValidationResult result = passwordValidator.validate(passwordData);
    if (!result.isValid()) {
        throw new PasswordValidationException(passwordValidator.getMessages(result));
    }
}
Also used : ArachnePasswordData(com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordData) PasswordValidationException(com.odysseusinc.arachne.portal.exception.PasswordValidationException) ArachnePasswordValidationResult(com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult) Password(edu.vt.middleware.password.Password)

Aggregations

PasswordValidationException (com.odysseusinc.arachne.portal.exception.PasswordValidationException)3 JsonResult (com.odysseusinc.arachne.commons.api.v1.dto.util.JsonResult)2 ArachnePasswordData (com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordData)2 ArachnePasswordValidationResult (com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult)2 Password (edu.vt.middleware.password.Password)2 ApiOperation (io.swagger.annotations.ApiOperation)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 ValidationException (com.odysseusinc.arachne.portal.exception.ValidationException)1 IUser (com.odysseusinc.arachne.portal.model.IUser)1