Search in sources :

Example 1 with JwtToken

use of org.thingsboard.server.service.security.model.token.JwtToken in project thingsboard by thingsboard.

the class RestAwareAuthenticationSuccessHandler method onAuthenticationSuccess.

@Override
public void onAuthenticationSuccess(HttpServletRequest request, HttpServletResponse response, Authentication authentication) throws IOException, ServletException {
    SecurityUser securityUser = (SecurityUser) authentication.getPrincipal();
    JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
    JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
    Map<String, String> tokenMap = new HashMap<String, String>();
    tokenMap.put("token", accessToken.getToken());
    tokenMap.put("refreshToken", refreshToken.getToken());
    response.setStatus(HttpStatus.OK.value());
    response.setContentType(MediaType.APPLICATION_JSON_VALUE);
    mapper.writeValue(response.getWriter(), tokenMap);
    clearAuthenticationAttributes(request);
}
Also used : JwtToken(org.thingsboard.server.service.security.model.token.JwtToken) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) HashMap(java.util.HashMap)

Example 2 with JwtToken

use of org.thingsboard.server.service.security.model.token.JwtToken in project thingsboard by thingsboard.

the class AuthController method activateUser.

@RequestMapping(value = "/noauth/activate", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public JsonNode activateUser(@RequestBody JsonNode activateRequest, HttpServletRequest request) throws ThingsboardException {
    try {
        String activateToken = activateRequest.get("activateToken").asText();
        String password = activateRequest.get("password").asText();
        String encodedPassword = passwordEncoder.encode(password);
        UserCredentials credentials = userService.activateUserCredentials(activateToken, encodedPassword);
        User user = userService.findUserById(credentials.getUserId());
        UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, user.getEmail());
        SecurityUser securityUser = new SecurityUser(user, credentials.isEnabled(), principal);
        String baseUrl = constructBaseUrl(request);
        String loginUrl = String.format("%s/login", baseUrl);
        String email = user.getEmail();
        try {
            mailService.sendAccountActivatedEmail(loginUrl, email);
        } catch (Exception e) {
            log.info("Unable to send account activation email [{}]", e.getMessage());
        }
        JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
        JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
        ObjectMapper objectMapper = new ObjectMapper();
        ObjectNode tokenObject = objectMapper.createObjectNode();
        tokenObject.put("token", accessToken.getToken());
        tokenObject.put("refreshToken", refreshToken.getToken());
        return tokenObject;
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : JwtToken(org.thingsboard.server.service.security.model.token.JwtToken) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) User(org.thingsboard.server.common.data.User) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) UserPrincipal(org.thingsboard.server.service.security.model.UserPrincipal) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) URISyntaxException(java.net.URISyntaxException) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)

Example 3 with JwtToken

use of org.thingsboard.server.service.security.model.token.JwtToken in project thingsboard by thingsboard.

the class AuthController method resetPassword.

@RequestMapping(value = "/noauth/resetPassword", method = RequestMethod.POST)
@ResponseStatus(value = HttpStatus.OK)
@ResponseBody
public JsonNode resetPassword(@RequestBody JsonNode resetPasswordRequest, HttpServletRequest request) throws ThingsboardException {
    try {
        String resetToken = resetPasswordRequest.get("resetToken").asText();
        String password = resetPasswordRequest.get("password").asText();
        UserCredentials userCredentials = userService.findUserCredentialsByResetToken(resetToken);
        if (userCredentials != null) {
            String encodedPassword = passwordEncoder.encode(password);
            userCredentials.setPassword(encodedPassword);
            userCredentials.setResetToken(null);
            userCredentials = userService.saveUserCredentials(userCredentials);
            User user = userService.findUserById(userCredentials.getUserId());
            UserPrincipal principal = new UserPrincipal(UserPrincipal.Type.USER_NAME, user.getEmail());
            SecurityUser securityUser = new SecurityUser(user, userCredentials.isEnabled(), principal);
            String baseUrl = constructBaseUrl(request);
            String loginUrl = String.format("%s/login", baseUrl);
            String email = user.getEmail();
            mailService.sendPasswordWasResetEmail(loginUrl, email);
            JwtToken accessToken = tokenFactory.createAccessJwtToken(securityUser);
            JwtToken refreshToken = refreshTokenRepository.requestRefreshToken(securityUser);
            ObjectMapper objectMapper = new ObjectMapper();
            ObjectNode tokenObject = objectMapper.createObjectNode();
            tokenObject.put("token", accessToken.getToken());
            tokenObject.put("refreshToken", refreshToken.getToken());
            return tokenObject;
        } else {
            throw new ThingsboardException("Invalid reset token!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
        }
    } catch (Exception e) {
        throw handleException(e);
    }
}
Also used : JwtToken(org.thingsboard.server.service.security.model.token.JwtToken) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) User(org.thingsboard.server.common.data.User) SecurityUser(org.thingsboard.server.service.security.model.SecurityUser) ObjectNode(com.fasterxml.jackson.databind.node.ObjectNode) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) UserCredentials(org.thingsboard.server.common.data.security.UserCredentials) UserPrincipal(org.thingsboard.server.service.security.model.UserPrincipal) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) ThingsboardException(org.thingsboard.server.exception.ThingsboardException) URISyntaxException(java.net.URISyntaxException)

Aggregations

SecurityUser (org.thingsboard.server.service.security.model.SecurityUser)3 JwtToken (org.thingsboard.server.service.security.model.token.JwtToken)3 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)2 ObjectNode (com.fasterxml.jackson.databind.node.ObjectNode)2 URISyntaxException (java.net.URISyntaxException)2 User (org.thingsboard.server.common.data.User)2 UserCredentials (org.thingsboard.server.common.data.security.UserCredentials)2 ThingsboardException (org.thingsboard.server.exception.ThingsboardException)2 UserPrincipal (org.thingsboard.server.service.security.model.UserPrincipal)2 HashMap (java.util.HashMap)1