src/java/org/mxchange/jjobs/beans/user/password/JobsUserPasswordWebRequestBean.java

   1 /*
   2  * Copyright (C) 2016 Roland Haeder
   3  *
   4  * This program is free software: you can redistribute it and/or modify
   5  * it under the terms of the GNU Affero General Public License as
   6  * published by the Free Software Foundation, either version 3 of the
   7  * License, or (at your option) any later version.
   8  *
   9  * This program is distributed in the hope that it will be useful,
  10  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  11  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12  * GNU Affero General Public License for more details.
  13  *
  14  * You should have received a copy of the GNU Affero General Public License
  15  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  16  */
  17 package org.mxchange.jjobs.beans.user.password;
  18
  19 import java.util.Objects;
  20 import javax.enterprise.context.RequestScoped;
  21 import javax.enterprise.event.Event;
  22 import javax.enterprise.inject.Any;
  23 import javax.faces.view.facelets.FaceletException;
  24 import javax.inject.Inject;
  25 import javax.inject.Named;
  26 import javax.naming.Context;
  27 import javax.naming.InitialContext;
  28 import javax.naming.NamingException;
  29 import org.mxchange.jcoreee.utils.FacesUtils;
  30 import org.mxchange.jjobs.beans.BaseJobsController;
  31 import org.mxchange.jjobs.beans.features.JobsFeaturesWebApplicationController;
  32 import org.mxchange.jjobs.beans.login.JobsUserLoginWebSessionController;
  33 import org.mxchange.jusercore.events.user.password_change.UpdatedUserPasswordEvent;
  34 import org.mxchange.jusercore.events.user.password_change.UserUpdatedPasswordEvent;
  35 import org.mxchange.jusercore.exceptions.UserNotFoundException;
  36 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
  37 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
  38 import org.mxchange.jusercore.model.user.User;
  39 import org.mxchange.jusercore.model.user.UserSessionBeanRemote;
  40 import org.mxchange.jusercore.model.user.UserUtils;
  41 import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
  42
  43 /**
  44  * A user password (change) controller (bean)
  45  * <p>
  46  * @author Roland Haeder<roland@mxchange.org>
  47  */
  48 @Named ("userPasswordController")
  49 @RequestScoped
  50 public class JobsUserPasswordWebRequestBean extends BaseJobsController implements JobsUserPasswordWebRequestController {
  51
  52         /**
  53          * Serial number
  54          */
  55         private static final long serialVersionUID = 15_267_867_367_501L;
  56
  57         /**
  58          * Features controller
  59          */
  60         @Inject
  61         private JobsFeaturesWebApplicationController featureController;
  62
  63         /**
  64          * Remote user bean
  65          */
  66         private final UserSessionBeanRemote userBean;
  67
  68         /**
  69          * Login controller (bean)
  70          */
  71         @Inject
  72         private JobsUserLoginWebSessionController userLoginController;
  73
  74         /**
  75          * User password (unencrypted from web form)
  76          */
  77         private String userPassword;
  78
  79         /**
  80          * User password repeated (unencrypted from web form)
  81          */
  82         private String userPasswordRepeat;
  83
  84         /**
  85          * Event being fired when user's password has been updated
  86          */
  87         @Any
  88         @Inject
  89         private Event<UpdatedUserPasswordEvent> userUpdatedPasswordEvent;
  90
  91         /**
  92          * Default constructor
  93          */
  94         public JobsUserPasswordWebRequestBean () {
  95                 // Try it
  96                 try {
  97                         // Get initial context
  98                         Context context = new InitialContext();
  99
 100                         // Try to lookup
 101                         this.userBean = (UserSessionBeanRemote) context.lookup("java:global/jlandingpage-ejb/user!org.mxchange.jusercore.model.user.UserSessionBeanRemote"); //NOI18N
 102                 } catch (final NamingException e) {
 103                         // Throw again
 104                         throw new FaceletException(e);
 105                 }
 106         }
 107
 108         @Override
 109         public String doChangePassword () {
 110                 // This method shall only be called if the user is logged-in
 111                 if (!this.userLoginController.isUserLoggedIn()) {
 112                         // Not logged-in
 113                         throw new IllegalStateException("User is not logged-in"); //NOI18N
 114                 } else if (!this.isRequiredChangePasswordSet()) {
 115                         // Not all required fields are set
 116                         throw new FaceletException("Not all required fields are set."); //NOI18N
 117                 } else if (!this.userLoginController.ifCurrentPasswordMatches()) {
 118                         // Password mismatches
 119                         this.showFacesMessage("form_user_change_password:userCurrentPassword", "ERROR_USER_CURRENT_PASSWORD_MISMATCHING"); //NOI18N
 120
 121                         // Clear bean
 122                         this.userLoginController.setUserCurrentPassword(null);
 123                         this.clear();
 124
 125                         // No redirect
 126                         return ""; //NOI18N
 127                 } else if (!this.featureController.isFeatureEnabled("change_user_password")) { //NOI18N
 128                         // Editing is not allowed
 129                         throw new IllegalStateException("User tried to change password."); //NOI18N
 130                 } else if (!Objects.equals(this.getUserPassword(), this.getUserPasswordRepeat())) {
 131                         // Both entered passwords don't match
 132                         this.showFacesMessage("form_user_change_password:userPasswordRepeat", "ERROR_USER_NEW_PASSWORDS_MISMATCH"); //NOI18N
 133
 134                         // Clear bean
 135                         this.userLoginController.setUserCurrentPassword(null);
 136                         this.clear();
 137
 138                         // No redirect
 139                         return ""; //NOI18N
 140                 } else if (Objects.equals(this.userLoginController.getUserCurrentPassword(), this.getUserPassword())) {
 141                         // New password matches current
 142                         this.showFacesMessage("form_user_change_password:userPassword", "ERROR_USER_NEW_PASSWORD_SAME_AS_CURRENT"); //NOI18N
 143
 144                         // Clear bean
 145                         this.userLoginController.setUserCurrentPassword(null);
 146                         this.clear();
 147
 148                         // No redirect
 149                         return ""; //NOI18N
 150                 } else if (this.userLoginController.isPasswordInHistory(this.getUserPassword())) {
 151                         // Is already in list (to old passwords are ignored)
 152                         this.showFacesMessage("form_user_change_password:userPassword", "ERROR_USER_NEW_PASSWORD_ALREADY_ENTERED"); //NOI18N
 153
 154                         // Clear bean
 155                         this.userLoginController.setUserCurrentPassword(null);
 156                         this.clear();
 157
 158                         // No redirect
 159                         return ""; //NOI18N
 160                 } else if (this.isWeakPassword(this.getUserPassword())) {
 161                         // Password is to weak
 162                         this.showFacesMessage("form_user_change_password:userPassword", "ERROR_USER_PASSWORD_TO_WEAK"); //NOI18N
 163
 164                         // Clear bean
 165                         this.userLoginController.setUserCurrentPassword(null);
 166                         this.clear();
 167
 168                         // Skip it
 169                         return ""; //NOI18N
 170                 }
 171
 172                 // Get user instance
 173                 User user = this.userLoginController.getLoggedInUser();
 174
 175                 // Encrypt password
 176                 String encryptedPassword = UserUtils.encryptPassword(this.getUserPassword());
 177
 178                 // Set it in user
 179                 user.setUserMustChangePassword(Boolean.FALSE);
 180                 user.setUserEncryptedPassword(encryptedPassword);
 181
 182                 try {
 183                         // Get base URL
 184                         String baseUrl = FacesUtils.generateBaseUrl();
 185
 186                         // All is set, then update password
 187                         PasswordHistory passwordHistory = this.userBean.updateUserPassword(user, baseUrl);
 188
 189                         // Fire event
 190                         this.userUpdatedPasswordEvent.fire(new UserUpdatedPasswordEvent(passwordHistory));
 191                 } catch (final UserNotFoundException | UserStatusUnconfirmedException | UserStatusLockedException ex) {
 192                         // Clear bean
 193                         this.userLoginController.setUserCurrentPassword(null);
 194                         this.clear();
 195
 196                         // Throw again
 197                         throw new FaceletException(ex);
 198                 }
 199
 200                 // Clear bean
 201                 this.clear();
 202
 203                 // Return outcome
 204                 return "user_data_saved"; //NOI18N
 205         }
 206
 207         @Override
 208         public String getUserPassword () {
 209                 return this.userPassword;
 210         }
 211
 212         @Override
 213         public void setUserPassword (final String userPassword) {
 214                 this.userPassword = userPassword;
 215         }
 216
 217         @Override
 218         public String getUserPasswordRepeat () {
 219                 return this.userPasswordRepeat;
 220         }
 221
 222         @Override
 223         public void setUserPasswordRepeat (final String userPasswordRepeat) {
 224                 this.userPasswordRepeat = userPasswordRepeat;
 225         }
 226
 227         @Override
 228         public boolean isRequiredChangePasswordSet () {
 229                 // Is all data set?
 230                 return ((this.userLoginController.getUserCurrentPassword() != null) &&
 231                                 (!this.userLoginController.getUserCurrentPassword().isEmpty()) &&
 232                                 (this.getUserPassword() != null) &&
 233                                 (!this.getUserPassword().isEmpty()) &&
 234                                 (this.getUserPasswordRepeat() != null) &&
 235                                 (!this.getUserPasswordRepeat().isEmpty()));
 236         }
 237
 238         /**
 239          * Clears this bean
 240          */
 241         private void clear () {
 242                 // Clear all data
 243                 this.setUserPassword(null);
 244                 this.setUserPasswordRepeat(null);
 245         }
 246
 247 }