diff --git a/db/sys_config.sql b/db/sys_config.sql
index 99a2c66..9bfcb6a 100644
--- a/db/sys_config.sql
+++ b/db/sys_config.sql
@@ -3,4 +3,13 @@ BEGIN
 INSERT INTO roles(name, active) VALUES ('ROLE_ADMIN', 1);
 INSERT INTO roles(name, active) VALUES ('ROLE_INSTITUTION', 1);
 INSERT INTO roles(name, active) VALUES ('ROLE_CLIENT', 1);
+
+ INSERT INTO forgotpassword_questions(question, active) VALUES ('Qual a sua cor predileta?', 1);
+ INSERT INTO forgotpassword_questions(question, active) VALUES ('Qual foi o seu livro predileto?', 1);
+ INSERT INTO forgotpassword_questions(question, active) VALUES ('Qual o nome da rua em que você cresceu?', 1);
+ INSERT INTO forgotpassword_questions(question, active) VALUES ('Qual o nome do seu bicho de estimação predileto?', 1);
+ INSERT INTO forgotpassword_questions(question, active) VALUES ('Qual a sua comida predileta?', 1);
+ INSERT INTO forgotpassword_questions(question, active) VALUES ('Qual cidade você nasceu?', 1);
+ INSERT INTO forgotpassword_questions(question, active) VALUES ('Qual é o seu país preferido?', 1);
+ INSERT INTO forgotpassword_questions(question, active) VALUES ('Qual é a sua marca de carro predileto?', 1);
 END $$;
diff --git a/src/main/java/org/waterproofingdata/wpdauth/controller/ForgotPasswordController.java b/src/main/java/org/waterproofingdata/wpdauth/controller/ForgotPasswordController.java
index 036e2b0..ab5af8b 100644
--- a/src/main/java/org/waterproofingdata/wpdauth/controller/ForgotPasswordController.java
+++ b/src/main/java/org/waterproofingdata/wpdauth/controller/ForgotPasswordController.java
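Review bot: Several of the questions seeded in this hunk have a small or easily researched answer space (`Qual a sua cor predileta?`, `Qual a sua comida predileta?`, `Qual é o seu país preferido?`, `Qual é a sua marca de carro predileto?`), so they give little protection as a recovery factor. The controller changed in the same commit documents that two correct answers are enough to log in, which turns guessable answers into an account-takeover risk. Consider dropping the low-entropy questions from the seed, or treating answers only as an extra check on top of the existing e-mail key flow rather than as a standalone login path. The enclosing `BEGIN … END $$;` block starts outside the hunk.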
@@ -1,10 +1,19 @@
 package org.waterproofingdata.wpdauth.controller;
+import java.util.List;
+
+import org.modelmapper.ModelMapper;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.waterproofingdata.wpdauth.dto.ForgotPasswordQuestionsResponseDTO;
+import org.waterproofingdata.wpdauth.dto.ForgotPasswordQuestionsUsersAnswersRequestDTO;
+import org.waterproofingdata.wpdauth.model.ForgotPasswordQuestionsUsersAnswers;
+import org.waterproofingdata.wpdauth.dto.CustomMapper;
 import org.waterproofingdata.wpdauth.service.ForgotPasswordService;
 import io.swagger.annotations.Api;
@@ -12,6 +21,7 @@ import io.swagger.annotations.ApiOperation;
 import io.swagger.annotations.ApiParam;
 import io.swagger.annotations.ApiResponse;
 import io.swagger.annotations.ApiResponses;
+import io.swagger.annotations.Authorization;
 @RestController
 @RequestMapping("/forgotpassword")
@@ -39,4 +49,48 @@ public class ForgotPasswordController {
 @ApiParam("Key") @RequestParam String key) {
 return forgotPasswordService.loginByEmailAndKey(email, key);
 }
+
+ @PostMapping("/passwordupdatebyemail")
+ @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_INSTITUTION') or hasRole('ROLE_CLIENT')")
+ @ApiOperation(value = "${ForgotPasswordController.passwordupdatebyemail}", authorizations = { @Authorization(value="apiKey") })
+ @ApiResponses(value = {//
+ @ApiResponse(code = 400, message = "Something went wrong"), //
+ @ApiResponse(code = 403, message = "Access denied"), //
+ @ApiResponse(code = 404, message = "The user doesn't exist"), //
+ @ApiResponse(code = 500, message = "Expired or invalid JWT token")})
+ public void passwordupdatebyemail(@ApiParam("Email") @RequestParam String email, @ApiParam("NewPassword") @RequestParam String newPassword) {
+ forgotPasswordService.passwordUpdateByEmail(email, newPassword);
+ }
+
+ @PostMapping("/findallforgotpasswordquestions")
+ @ApiOperation(value = "${ForgotPasswordController.findallforgotpasswordquestions}")
+ @ApiResponses(value = {//
+ @ApiResponse(code = 400, message = "Something went wrong")})
+ public List findallforgotpasswordquestions() {
+ return CustomMapper.mapAll(forgotPasswordService.findAllForgotPasswordQuestions(), ForgotPasswordQuestionsResponseDTO.class);
+ }
+
+ @PostMapping("/saveforgotpasswordquestionsusersanswers")
+ @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_INSTITUTION') or hasRole('ROLE_CLIENT')")
+ @ApiOperation(value = "${ForgotPasswordController.saveforgotpasswordquestionsusersanswers}", authorizations = { @Authorization(value="apiKey") })
+ @ApiResponses(value = {//
+ @ApiResponse(code = 400, message = "Something went wrong"), //
+ @ApiResponse(code = 403, message = "Access denied"), //
+ @ApiResponse(code = 404, message = "The user or forgot password questions don't exist"), //
+ @ApiResponse(code = 500, message = "Expired or invalid JWT token")})
+ public void saveforgotpasswordquestionsusersanswers(@ApiParam("Forgot Password Questions Users Answers") @RequestBody ForgotPasswordQuestionsUsersAnswersRequestDTO answer) {
+ forgotPasswordService.saveForgotPasswordQuestionsUsersAnswers(CustomMapper.map(answer, ForgotPasswordQuestionsUsersAnswers.class));
+ }
+
+ @PostMapping("/loginbyemailandanswers")
+ @ApiOperation(value = "${ForgotPasswordController.loginbyemailandanswers}")
+ @ApiResponses(value = {//
+ @ApiResponse(code = 400, message = "Something went wrong"), //
+ @ApiResponse(code = 404, message = "The user or answer don't exist"), //
+ @ApiResponse(code = 422, message = "Invalid answers supplied to login. Must have at least 2 correct ones.")})
+ public String loginbyemailandanswers(//
+ @ApiParam("Email") @RequestParam String email, //
+ @ApiParam("Answers") @RequestParam List answers) {
+ return forgotPasswordService.loginByEmailAndAnswers(email, CustomMapper.mapAll(answers, ForgotPasswordQuestionsUsersAnswers.class));
+ }
 }
diff --git a/src/main/java/org/waterproofingdata/wpdauth/dto/ForgotPasswordQuestionsResponseDTO.java b/src/main/java/org/waterproofingdata/wpdauth/dto/ForgotPasswordQuestionsResponseDTO.java
new file mode 100644
index 0000000..c86eac0
--- /dev/null
+++ b/src/main/java/org/waterproofingdata/wpdauth/dto/ForgotPasswordQuestionsResponseDTO.java
@@ -0,0 +1,18 @@
+package org.waterproofingdata.wpdauth.dto;
+
+import io.swagger.annotations.ApiModelProperty;
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class ForgotPasswordQuestionsResponseDTO {
+ @ApiModelProperty(position = 0)
+ private Integer id;
+
+ @ApiModelProperty(position = 1)
+ private String question;
+
+ @ApiModelProperty(position = 2)
+ private Integer active;
+}
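Review bot: `passwordupdatebyemail` and `saveforgotpasswordquestionsusersanswers` take the target account from the request (`email`, and `usersid` in `ForgotPasswordQuestionsUsersAnswersRequestDTO`) while `@PreAuthorize` only checks that the caller holds some role, so unless the service compares it with the token's subject, any logged-in client can change another user's password or overwrite their recovery answers. Resolve the account from the authenticated principal instead, for example `public void passwordupdatebyemail(Principal principal, @RequestParam String newPassword)`, and ignore any client-supplied `usersid` when saving answers. `newPassword` as a `@RequestParam` can be sent in the query string and then land in access logs, so it is better carried in the request body. The unauthenticated `loginbyemailandanswers` returns a token with no attempt limiting visible in this hunk, and its separate 404 and 422 responses reveal whether an e-mail is registered. The class body begins outside this hunk, so the service-side checks are not visible here.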
diff --git a/src/main/java/org/waterproofingdata/wpdauth/dto/ForgotPasswordQuestionsUsersAnswersRequestDTO.java b/src/main/java/org/waterproofingdata/wpdauth/dto/ForgotPasswordQuestionsUsersAnswersRequestDTO.java
new file mode 100644
index 0000000..7fd1f0b
--- /dev/null
+++ b/src/main/java/org/waterproofingdata/wpdauth/dto/ForgotPasswordQuestionsUsersAnswersRequestDTO.java
@@ -0,0 +1,22 @@
+package org.waterproofingdata.wpdauth.dto;
+
+import io.swagger.annotations.ApiModelProperty;
+
+import lombok.Getter;
+import lombok.Setter;
+
+@Getter
+@Setter
+public class ForgotPasswordQuestionsUsersAnswersRequestDTO {
+ @ApiModelProperty(position = 0)
+ private Integer id;
+
+ @ApiModelProperty(position = 1)
+ private Integer forgotpasswordquestionsid;
+
+ @ApiModelProperty(position = 2)
+ private Integer usersid;
+
+ @ApiModelProperty(position = 3)
+ private String answer;
+}
diff --git a/src/test/java/org/waterproofingdata/wpdauth/integrationtest/ForgotPasswordServiceIntegrationTest.java b/src/test/java/org/waterproofingdata/wpdauth/integrationtest/ForgotPasswordServiceIntegrationTest.java
new file mode 100644
index 0000000..8856206
--- /dev/null
+++ b/src/test/java/org/waterproofingdata/wpdauth/integrationtest/ForgotPasswordServiceIntegrationTest.java
@@ -0,0 +1,24 @@
+package org.waterproofingdata.wpdauth.integrationtest;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import java.util.List;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.waterproofingdata.wpdauth.model.ForgotPasswordQuestions;
+import org.waterproofingdata.wpdauth.service.ForgotPasswordService;
+
+@SpringBootTest
+public class ForgotPasswordServiceIntegrationTest {
+ @Autowired
+ private ForgotPasswordService forgotPasswordService;
+
+ @Test
+ public void testFindAllForgotPasswordQuestions() {
+ List r = forgotPasswordService.findAllForgotPasswordQuestions();
+ assertTrue(r.size() > 0);
+ }
+
+}
diff --git a/src/test/java/org/waterproofingdata/wpdauth/integrationtest/UsersServiceIntegrationTest.java b/src/test/java/org/waterproofingdata/wpdauth/integrationtest/UsersServiceIntegrationTest.java
new file mode 100644
index 0000000..d929bdd
--- /dev/null
+++ b/src/test/java/org/waterproofingdata/wpdauth/integrationtest/UsersServiceIntegrationTest.java
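Review bot: The only test added for `ForgotPasswordService` is the happy-path `testFindAllForgotPasswordQuestions`, so none of the security-sensitive calls the controller now exposes (`loginByEmailAndAnswers`, `passwordUpdateByEmail`, `saveForgotPasswordQuestionsUsersAnswers`) is exercised. Add at least a negative case asserting that `loginByEmailAndAnswers` rejects wrong answers and fewer than two correct ones, since that rule is what the 422 response in the controller promises. The existing assertion also reads more clearly as `assertFalse(r.isEmpty(), "seeded forgot-password questions should be present");`, and a comment should say that the test relies on the rows seeded by `db/sys_config.sql`.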
@@ -0,0 +1,37 @@
+package org.waterproofingdata.wpdauth.integrationtest;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.http.HttpStatus;
+import org.waterproofingdata.wpdauth.exception.CustomException;
+import org.waterproofingdata.wpdauth.service.UsersService;
+
+@SpringBootTest
+public class UsersServiceIntegrationTest {
+ @Autowired
+ private UsersService usersService;
+
+ @Test
+ public void testInvalidLogin() {
+ CustomException thrown = assertThrows(
+ CustomException.class,
+ () -> usersService.login("xpto", "xpto"),
+ "Expected usersService.login(xpto, xpto) to throw, but it didn't"
+ );
+
+ assertTrue(thrown.getMessage().contains("Invalid username/password supplied"));
+ assertEquals(HttpStatus.UNPROCESSABLE_ENTITY, thrown.getHttpStatus());
+ }
+
+ @Test
+ public void testAdmUserLogin() {
+ String login = usersService.login("admin", "admin");
+ assertNotNull(login, "Login token returned from usersService.login() should not be null");
+ }
+}
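Review bot: `testAdmUserLogin` passes only if an `admin`/`admin` account already exists in the database the test runs against, which suggests a default credential is seeded somewhere outside this diff. If the same seed reaches deployed environments it is an administrator account with a known password, so the fixture should live in a test-only profile or data set, or the test should create the user it logs in with. At minimum, document the dependency above the call with a comment such as `// relies on a test-only seed user; must not exist in production data`.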