2 * Copyright (C) 2016 Roland Haeder
4 * This program is free software: you can redistribute it and/or modify
5 * it under the terms of the GNU Affero General Public License as
6 * published by the Free Software Foundation, either version 3 of the
7 * License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU Affero General Public License for more details.
14 * You should have received a copy of the GNU Affero General Public License
15 * along with this program. If not, see <http://www.gnu.org/licenses/>.
17 package org.mxchange.jjobs.beans.user.password;
19 import java.util.Objects;
20 import javax.enterprise.context.RequestScoped;
21 import javax.enterprise.event.Event;
22 import javax.enterprise.inject.Any;
23 import javax.faces.view.facelets.FaceletException;
24 import javax.inject.Inject;
25 import javax.inject.Named;
26 import javax.naming.Context;
27 import javax.naming.InitialContext;
28 import javax.naming.NamingException;
29 import org.mxchange.jcoreee.utils.FacesUtils;
30 import org.mxchange.jjobs.beans.BaseJobsController;
31 import org.mxchange.jjobs.beans.features.JobsFeaturesWebApplicationController;
32 import org.mxchange.jjobs.beans.login.JobsUserLoginWebSessionController;
33 import org.mxchange.jusercore.events.user.password_change.UpdatedUserPasswordEvent;
34 import org.mxchange.jusercore.events.user.password_change.UserUpdatedPasswordEvent;
35 import org.mxchange.jusercore.exceptions.UserNotFoundException;
36 import org.mxchange.jusercore.exceptions.UserStatusLockedException;
37 import org.mxchange.jusercore.exceptions.UserStatusUnconfirmedException;
38 import org.mxchange.jusercore.model.user.User;
39 import org.mxchange.jusercore.model.user.UserSessionBeanRemote;
40 import org.mxchange.jusercore.model.user.UserUtils;
41 import org.mxchange.jusercore.model.user.password_history.PasswordHistory;
44 * A user password (change) controller (bean)
46 * @author Roland Haeder<roland@mxchange.org>
48 @Named ("userPasswordController")
50 public class JobsUserPasswordWebRequestBean extends BaseJobsController implements JobsUserPasswordWebRequestController {
55 private static final long serialVersionUID = 15_267_867_367_501L;
61 private JobsFeaturesWebApplicationController featureController;
66 private final UserSessionBeanRemote userBean;
69 * Login controller (bean)
72 private JobsUserLoginWebSessionController userLoginController;
75 * User password (unencrypted from web form)
77 private String userPassword;
80 * User password repeated (unencrypted from web form)
82 private String userPasswordRepeat;
85 * Event being fired when user's password has been updated
89 private Event<UpdatedUserPasswordEvent> userUpdatedPasswordEvent;
94 public JobsUserPasswordWebRequestBean () {
97 // Get initial context
98 Context context = new InitialContext();
101 this.userBean = (UserSessionBeanRemote) context.lookup("java:global/jlandingpage-ejb/user!org.mxchange.jusercore.model.user.UserSessionBeanRemote"); //NOI18N
102 } catch (final NamingException e) {
104 throw new FaceletException(e);
109 public String doChangePassword () {
110 // This method shall only be called if the user is logged-in
111 if (!this.userLoginController.isUserLoggedIn()) {
113 throw new IllegalStateException("User is not logged-in"); //NOI18N
114 } else if (!this.isRequiredChangePasswordSet()) {
115 // Not all required fields are set
116 throw new FaceletException("Not all required fields are set."); //NOI18N
117 } else if (!this.userLoginController.ifCurrentPasswordMatches()) {
118 // Password mismatches
119 this.showFacesMessage("form_user_change_password:userCurrentPassword", "ERROR_USER_CURRENT_PASSWORD_MISMATCHING"); //NOI18N
122 this.userLoginController.setUserCurrentPassword(null);
127 } else if (!this.featureController.isFeatureEnabled("change_user_password")) { //NOI18N
128 // Editing is not allowed
129 throw new IllegalStateException("User tried to change password."); //NOI18N
130 } else if (!Objects.equals(this.getUserPassword(), this.getUserPasswordRepeat())) {
131 // Both entered passwords don't match
132 this.showFacesMessage("form_user_change_password:userPasswordRepeat", "ERROR_USER_NEW_PASSWORDS_MISMATCH"); //NOI18N
135 this.userLoginController.setUserCurrentPassword(null);
140 } else if (Objects.equals(this.userLoginController.getUserCurrentPassword(), this.getUserPassword())) {
141 // New password matches current
142 this.showFacesMessage("form_user_change_password:userPassword", "ERROR_USER_NEW_PASSWORD_SAME_AS_CURRENT"); //NOI18N
145 this.userLoginController.setUserCurrentPassword(null);
150 } else if (this.userLoginController.isPasswordInHistory(this.getUserPassword())) {
151 // Is already in list (to old passwords are ignored)
152 this.showFacesMessage("form_user_change_password:userPassword", "ERROR_USER_NEW_PASSWORD_ALREADY_ENTERED"); //NOI18N
155 this.userLoginController.setUserCurrentPassword(null);
163 User user = this.userLoginController.getLoggedInUser();
166 String encryptedPassword = UserUtils.encryptPassword(this.getUserPassword());
169 user.setUserMustChangePassword(Boolean.FALSE);
170 user.setUserEncryptedPassword(encryptedPassword);
174 String baseUrl = FacesUtils.generateBaseUrl();
176 // All is set, then update password
177 PasswordHistory passwordHistory = this.userBean.updateUserPassword(user, baseUrl);
180 this.userUpdatedPasswordEvent.fire(new UserUpdatedPasswordEvent(passwordHistory));
181 } catch (final UserNotFoundException | UserStatusUnconfirmedException | UserStatusLockedException ex) {
183 this.userLoginController.setUserCurrentPassword(null);
187 throw new FaceletException(ex);
194 return "user_data_saved"; //NOI18N
198 public String getUserPassword () {
199 return this.userPassword;
203 public void setUserPassword (final String userPassword) {
204 this.userPassword = userPassword;
208 public String getUserPasswordRepeat () {
209 return this.userPasswordRepeat;
213 public void setUserPasswordRepeat (final String userPasswordRepeat) {
214 this.userPasswordRepeat = userPasswordRepeat;
218 public boolean isRequiredChangePasswordSet () {
220 return ((this.userLoginController.getUserCurrentPassword() != null) &&
221 (!this.userLoginController.getUserCurrentPassword().isEmpty()) &&
222 (this.getUserPassword() != null) &&
223 (!this.getUserPassword().isEmpty()) &&
224 (this.getUserPasswordRepeat() != null) &&
225 (!this.getUserPasswordRepeat().isEmpty()));
231 private void clear () {
233 this.setUserPassword(null);
234 this.setUserPasswordRepeat(null);