use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.
the class JpaUserCredentialsDaoTest method testFindByUserId.
@Test
@DatabaseSetup("classpath:dbunit/user_credentials.xml")
public void testFindByUserId() {
UserCredentials userCredentials = userCredentialsDao.findByUserId(UUID.fromString("787827e6-27d7-11e7-93ae-92361f002671"));
assertNotNull(userCredentials);
assertEquals("4b9e010c-27d5-11e7-93ae-92361f002671", userCredentials.getId().toString());
assertEquals(true, userCredentials.isEnabled());
assertEquals("password", userCredentials.getPassword());
assertEquals("ACTIVATE_TOKEN_2", userCredentials.getActivateToken());
assertEquals("RESET_TOKEN_2", userCredentials.getResetToken());
}
use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.
the class BaseUserServiceTest method testSaveUser.
@Test
public void testSaveUser() {
User tenantAdminUser = userService.findUserByEmail("tenant@thingsboard.org");
User user = new User();
user.setAuthority(Authority.TENANT_ADMIN);
user.setTenantId(tenantAdminUser.getTenantId());
user.setEmail("tenant2@thingsboard.org");
User savedUser = userService.saveUser(user);
Assert.assertNotNull(savedUser);
Assert.assertNotNull(savedUser.getId());
Assert.assertTrue(savedUser.getCreatedTime() > 0);
Assert.assertEquals(user.getEmail(), savedUser.getEmail());
Assert.assertEquals(user.getTenantId(), savedUser.getTenantId());
Assert.assertEquals(user.getAuthority(), savedUser.getAuthority());
UserCredentials userCredentials = userService.findUserCredentialsByUserId(savedUser.getId());
Assert.assertNotNull(userCredentials);
Assert.assertNotNull(userCredentials.getId());
Assert.assertNotNull(userCredentials.getUserId());
Assert.assertNotNull(userCredentials.getActivateToken());
savedUser.setFirstName("Joe");
savedUser.setLastName("Downs");
userService.saveUser(savedUser);
savedUser = userService.findUserById(savedUser.getId());
Assert.assertEquals("Joe", savedUser.getFirstName());
Assert.assertEquals("Downs", savedUser.getLastName());
userService.deleteUser(savedUser.getId());
}
use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.
the class AuthController method activateUser.
@RequestMapping(value = "/noauth/activate", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public JsonNode activateUser(@RequestBody JsonNode activateRequest, HttpServletRequest request) throws ThingsboardException {
try {
String activateToken = activateRequest.get("activateToken").asText();
String password = activateRequest.get("password").asText();
String encodedPassword = passwordEncoder.encode(password);
UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword);
User user = userService.findUserById(credentials.getUserId());
UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, user.getEmail());
SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled(), principal);
String baseUrl = constructBaseUrl(request);
String loginUrl = String.format("%s/login", baseUrl);
String email = user.getEmail();
try {
mailService.sendAccountActivatedEmail(loginUrl, email);
} catch (Exception e) {
log.info("Unable to send account activation email [{}]", e.getMessage());
}
JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
ObjectMapper objectMapper = new ObjectMapper();
ObjectNode tokenObject = objectMapper.createObjectNode();
tokenObject.put("token", accessToken.getToken());
tokenObject.put("refreshToken", refreshToken.getToken());
return tokenObject;
} catch (Exception e) {
throw handleException(e);
}
}
use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.
the class AuthController method requestResetPasswordByEmail.
@RequestMapping(value = "/noauth/resetPasswordByEmail", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
public void requestResetPasswordByEmail(@RequestBody JsonNode resetPasswordByEmailRequest, HttpServletRequest request) throws ThingsboardException {
try {
String email = resetPasswordByEmailRequest.get("email").asText();
UserCredentials userCredentials = userService.requestPasswordReset(email);
String baseUrl = constructBaseUrl(request);
String resetUrl = String.format("%s/api/noauth/resetPassword?resetToken=%s", baseUrl, userCredentials.getResetToken());
mailService.sendResetPasswordEmail(resetUrl, email);
} catch (Exception e) {
throw handleException(e);
}
}
use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.
the class AuthController method changePassword.
@PreAuthorize("isAuthenticated()")
@RequestMapping(value = "/auth/changePassword", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
public void changePassword(@RequestBody JsonNode changePasswordRequest) throws ThingsboardException {
try {
String currentPassword = changePasswordRequest.get("currentPassword").asText();
String newPassword = changePasswordRequest.get("newPassword").asText();
SecurityUser securityUser = getCurrentUser();
UserCredentials userCredentials = userService.findUserCredentialsByUserId(securityUser.getId());
if (!passwordEncoder.matches(currentPassword, userCredentials.getPassword())) {
throw new ThingsboardException("Current password doesn't match!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
}
userCredentials.setPassword(passwordEncoder.encode(newPassword));
userService.saveUserCredentials(userCredentials);
} catch (Exception e) {
throw handleException(e);
}
}
Aggregations