2 * Copyright (C) 2016 Roland Haeder
4 * This program is free software: you can redistribute it and/or modify
5 * it under the terms of the GNU Affero General Public License as
6 * published by the Free Software Foundation, either version 3 of the
7 * License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU Affero General Public License for more details.
14 * You should have received a copy of the GNU Affero General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 package org.mxchange.jjobs.beans.user.password;
19 import java.util.Objects;
20 import javax.enterprise.context.RequestScoped;
21 import javax.enterprise.event.Event;
22 import javax.enterprise.inject.Any;
23 import javax.faces.view.facelets.FaceletException;
24 import javax.inject.Inject;
25 import javax.inject.Named;
26 import javax.naming.Context;
27 import javax.naming.InitialContext;
28 import javax.naming.NamingException;
29 import org.mxchange.jjobs.beans.BaseJobsController;
30 import org.mxchange.jjobs.beans.features.JobsFeaturesWebApplicationController;
31 import org.mxchange.jjobs.beans.login.JobsUserLoginWebSessionController;
32 import org.mxchange.jusercore.events.user.password_change.UpdatedUserPasswordEvent;
33 import org.mxchange.jusercore.events.user.password_change.UserUpdatedPasswordEvent;
34 import org.mxchange.jusercore.exceptions.UserNotFoundException;
35 import org.mxchange.jusercore.exceptions.UserPasswordMismatchException;
36 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
37 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
38 import org.mxchange.jusercore.model.user.User;
39 import org.mxchange.jusercore.model.user.UserSessionBeanRemote;
40 import org.mxchange.jusercore.model.user.UserUtils;
41 import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
44 * A user password (change) controller (bean)
46 * @author Roland Haeder<roland@mxchange.org>
48 @Named ("userPasswordController")
50 public class JobsUserPasswordWebRequestBean extends BaseJobsController implements JobsUserPasswordWebRequestController {
55 private static final long serialVersionUID = 15_267_867_367_501L;
61 private JobsFeaturesWebApplicationController featureController;
66 private final UserSessionBeanRemote userBean;
69 * Current password (for confirmation of password change)
71 private String userCurrentPassword;
74 * Login controller (bean)
77 private JobsUserLoginWebSessionController userLoginController;
80 * User password (unencrypted from web form)
82 private String userPassword;
85 * User password repeated (unencrypted from web form)
87 private String userPasswordRepeat;
90 * Event being fired when user's password has been updated
94 private Event<UpdatedUserPasswordEvent> userUpdatedPasswordEvent;
99 public JobsUserPasswordWebRequestBean () {
102 // Get initial context
103 Context context = new InitialContext();
106 this.userBean = (UserSessionBeanRemote) context.lookup("java:global/jlandingpage-ejb/user!org.mxchange.jusercore.model.user.UserSessionBeanRemote"); //NOI18N
107 } catch (final NamingException e) {
109 throw new FaceletException(e);
114 public String doChangePassword () {
115 // This method shall only be called if the user is logged-in
116 if (!this.userLoginController.isUserLoggedIn()) {
118 throw new IllegalStateException("User is not logged-in"); //NOI18N
119 } else if (!this.isRequiredChangePasswordSet()) {
120 // Not all required fields are set
121 throw new FaceletException("Not all required fields are set."); //NOI18N
122 } else if (!this.userLoginController.ifCurrentPasswordMatches()) {
123 // Password not matching
124 throw new FaceletException(new UserPasswordMismatchException(this.userLoginController.getLoggedInUser()));
125 } else if (!this.featureController.isFeatureEnabled("change_user_password")) { //NOI18N
126 // Editing is not allowed
127 throw new IllegalStateException("User tried to change password."); //NOI18N
128 } else if (!UserUtils.ifPasswordMatches(this.getUserCurrentPassword(), this.userLoginController.getLoggedInUser())) {
129 // Password mismatches
130 this.showFacesMessage("form_user_change_password:userCurrentPassword", "Entered current password does not matched stored password."); //NOI18N
137 } else if (!Objects.equals(this.getUserPassword(), this.getUserPasswordRepeat())) {
138 // Both entered passwords don't match
139 this.showFacesMessage("form_user_change_password:userPasswordRepeat", "Entered new passwords mismatch."); //NOI18N
146 } else if (Objects.equals(this.getUserCurrentPassword(), this.getUserPassword())) {
147 // New password matches current
148 this.showFacesMessage("form_user_change_password:userPassword", "Entered new password is same as current password."); //NOI18N
155 } else if (this.userLoginController.isPasswordInHistory(this.getUserPassword())) {
156 // Is already in list (to old passwords are ignored)
157 this.showFacesMessage("form_user_change_password:userPassword", "Entered new password is has already been used some time ago."); //NOI18N
167 User user = this.userLoginController.getLoggedInUser();
170 String encryptedPassword = UserUtils.encryptPassword(this.getUserPassword());
173 user.setUserEncryptedPassword(encryptedPassword);
176 // All is set, then update password
177 PasswordHistory passwordHistory = this.userBean.updateUserPassword(user);
180 this.userUpdatedPasswordEvent.fire(new UserUpdatedPasswordEvent(passwordHistory));
181 } catch (final UserNotFoundException | UserStatusUnconfirmedException | UserStatusLockedException ex) {
186 throw new FaceletException(ex);
193 return "login_data_saved"; //NOI18N
197 public String getUserCurrentPassword () {
198 return this.userCurrentPassword;
202 public void setUserCurrentPassword (final String userCurrentPassword) {
203 this.userCurrentPassword = userCurrentPassword;
207 public String getUserPassword () {
208 return this.userPassword;
212 public void setUserPassword (final String userPassword) {
213 this.userPassword = userPassword;
217 public String getUserPasswordRepeat () {
218 return this.userPasswordRepeat;
222 public void setUserPasswordRepeat (final String userPasswordRepeat) {
223 this.userPasswordRepeat = userPasswordRepeat;
226 public boolean isRequiredChangePasswordSet () {
228 return ((this.getUserCurrentPassword() != null) &&
229 (!this.getUserCurrentPassword().isEmpty()) &&
230 (this.getUserPassword() != null) &&
231 (!this.getUserPassword().isEmpty()) &&
232 (this.getUserPasswordRepeat() != null) &&
233 (!this.getUserPasswordRepeat().isEmpty()));
239 private void clear () {
241 this.setUserPassword(null);
242 this.setUserPasswordRepeat(null);