
Example 6 with UserCredentials

Use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.

Class JpaUserCredentialsDaoTest, method testFindByUserId.

@Test
@DatabaseSetup("classpath:dbunit/user_credentials.xml")
public void testFindByUserId() {
    UserCredentials userCredentials = userCredentialsDao.findByUserId(UUID.fromString("787827e6-27d7-11e7-93ae-92361f002671"));
    assertNotNull(userCredentials);
    assertEquals("4b9e010c-27d5-11e7-93ae-92361f002671", userCredentials.getId().toString());
    assertEquals(true, userCredentials.isEnabled());
    assertEquals("password", userCredentials.getPassword());
    assertEquals("ACTIVATE_TOKEN_2", userCredentials.getActivateToken());
    assertEquals("RESET_TOKEN_2", userCredentials.getResetToken());
}
Also used: UserCredentials (org.thingsboard.server.common.data.security.UserCredentials), AbstractJpaDaoTest (org.thingsboard.server.dao.AbstractJpaDaoTest), Test (org.junit.Test), DatabaseSetup (com.github.springtestdbunit.annotation.DatabaseSetup)

Example 7 with UserCredentials

Use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.

Class BaseUserServiceTest, method testSaveUser.

@Test
public void testSaveUser() {
    User tenantAdminUser = userService.findUserByEmail("tenant@thingsboard.org");
    User user = new User();
    user.setAuthority(Authority.TENANT_ADMIN);
    user.setTenantId(tenantAdminUser.getTenantId());
    user.setEmail("tenant2@thingsboard.org");
    User savedUser = userService.saveUser(user);
    Assert.assertNotNull(savedUser);
    Assert.assertNotNull(savedUser.getId());
    Assert.assertTrue(savedUser.getCreatedTime() > 0);
    Assert.assertEquals(user.getEmail(), savedUser.getEmail());
    Assert.assertEquals(user.getTenantId(), savedUser.getTenantId());
    Assert.assertEquals(user.getAuthority(), savedUser.getAuthority());
    UserCredentials userCredentials = userService.findUserCredentialsByUserId(savedUser.getId());
    Assert.assertNotNull(userCredentials);
    Assert.assertNotNull(userCredentials.getId());
    Assert.assertNotNull(userCredentials.getUserId());
    Assert.assertNotNull(userCredentials.getActivateToken());
    savedUser.setFirstName("Joe");
    savedUser.setLastName("Downs");
    userService.saveUser(savedUser);
    savedUser = userService.findUserById(savedUser.getId());
    Assert.assertEquals("Joe", savedUser.getFirstName());
    Assert.assertEquals("Downs", savedUser.getLastName());
    userService.deleteUser(savedUser.getId());
}
Also used: User (org.thingsboard.server.common.data.User), UserCredentials (org.thingsboard.server.common.data.security.UserCredentials), Test (org.junit.Test)

Example 8 with UserCredentials

Use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.

Class AuthController, method activateUser.

@RequestMapping(value = "/noauth/activate", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public JsonNode activateUser(@RequestBody JsonNode activateRequest, HttpServletRequest request) throws ThingsboardException {
    try {
        String activateToken = activateRequest.get("activateToken").asText();
        String password = activateRequest.get("password").asText();
        String encodedPassword = passwordEncoder.encode(password);
        UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword);
        User user = userService.findUserById(credentials.getUserId());
        UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, user.getEmail());
        SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled(), principal);
        String baseUrl = constructBaseUrl(request);
        String loginUrl = String.format("%s/login", baseUrl);
        String email = user.getEmail();
        try {
            mailService.sendAccountActivatedEmail(loginUrl, email);
        } catch (Exception e) {
            log.info("Unable to send account activation email [{}]", e.getMessage());
        }
        JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
        JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
        ObjectMapper objectMapper = new ObjectMapper();
        ObjectNode tokenObject = objectMapper.createObjectNode();
        tokenObject.put("token", accessToken.getToken());
        tokenObject.put("refreshToken", refreshToken.getToken());
        return tokenObject;
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used: JwtToken (org.thingsboard.server.service.security.model.token.JwtToken), SecurityUser (org.thingsboard.server.service.security.model.SecurityUser), User (org.thingsboard.server.common.data.User), ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode), UserCredentials (org.thingsboard.server.common.data.security.UserCredentials), UserPrincipal (org.thingsboard.server.service.security.model.UserPrincipal), ThingsboardException (org.thingsboard.server.exception.ThingsboardException), URISyntaxException (java.net.URISyntaxException), ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)

Example 9 with UserCredentials

Use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.

Class AuthController, method requestResetPasswordByEmail.

@RequestMapping(value = "/noauth/resetPasswordByEmail", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
public void requestResetPasswordByEmail(@RequestBody JsonNode resetPasswordByEmailRequest, HttpServletRequest request) throws ThingsboardException {
    try {
        String email = resetPasswordByEmailRequest.get("email").asText();
        UserCredentials userCredentials = userService.requestPasswordReset(email);
        String baseUrl = constructBaseUrl(request);
        String resetUrl = String.format("%s/api/noauth/resetPassword?resetToken=%s", baseUrl, userCredentials.getResetToken());
        mailService.sendResetPasswordEmail(resetUrl, email);
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used: UserCredentials (org.thingsboard.server.common.data.security.UserCredentials), ThingsboardException (org.thingsboard.server.exception.ThingsboardException), URISyntaxException (java.net.URISyntaxException)

Example 10 with UserCredentials

Use of org.thingsboard.server.common.data.security.UserCredentials in project thingsboard by thingsboard.

Class AuthController, method changePassword.

@PreAuthorize("isAuthenticated()")
@RequestMapping(value = "/auth/changePassword", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
public void changePassword(@RequestBody JsonNode changePasswordRequest) throws ThingsboardException {
    try {
        String currentPassword = changePasswordRequest.get("currentPassword").asText();
        String newPassword = changePasswordRequest.get("newPassword").asText();
        SecurityUser securityUser = getCurrentUser();
        UserCredentials userCredentials = userService.findUserCredentialsByUserId(securityUser.getId());
        if (!passwordEncoder.matches(currentPassword, userCredentials.getPassword())) {
            throw new ThingsboardException("Current password doesn't match!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
        }
        userCredentials.setPassword(passwordEncoder.encode(newPassword));
        userService.saveUserCredentials(userCredentials);
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used: SecurityUser (org.thingsboard.server.service.security.model.SecurityUser), ThingsboardException (org.thingsboard.server.exception.ThingsboardException), UserCredentials (org.thingsboard.server.common.data.security.UserCredentials), URISyntaxException (java.net.URISyntaxException), PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)

Aggregations

UserCredentials (org.thingsboard.server.common.data.security.UserCredentials): 24
User (org.thingsboard.server.common.data.User): 12
SecurityUser (org.thingsboard.server.service.security.model.SecurityUser): 8
ThingsboardException (org.thingsboard.server.exception.ThingsboardException): 7
URISyntaxException (java.net.URISyntaxException): 6
Test (org.junit.Test): 6
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize): 4
UserId (org.thingsboard.server.common.data.id.UserId): 4
DatabaseSetup (com.github.springtestdbunit.annotation.DatabaseSetup): 3
AbstractJpaDaoTest (org.thingsboard.server.dao.AbstractJpaDaoTest): 3
UserPrincipal (org.thingsboard.server.service.security.model.UserPrincipal): 3
ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper): 2
ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode): 2
URI (java.net.URI): 2
HttpHeaders (org.springframework.http.HttpHeaders): 2
HttpStatus (org.springframework.http.HttpStatus): 2
ResponseEntity (org.springframework.http.ResponseEntity): 2
UsernameNotFoundException (org.springframework.security.core.userdetails.UsernameNotFoundException): 2
UserCredentialsId (org.thingsboard.server.common.data.id.UserCredentialsId): 2
IncorrectParameterException (org.thingsboard.server.dao.exception.IncorrectParameterException): 2