Subversion Repositories SmartDukaan

Rev

Rev 24389 | Go to most recent revision | View as "text/plain" | Blame | Compare with Previous | Last modification | View Log | RSS feed

package com.spice.profitmandi.service;

import java.nio.charset.StandardCharsets;

import org.apache.commons.lang.RandomStringUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.mail.javamail.JavaMailSender;

import com.google.common.hash.Hashing;
import com.spice.profitmandi.common.exception.ProfitMandiBusinessException;
import com.spice.profitmandi.common.util.Utils;
import com.spice.profitmandi.dao.entity.auth.AuthUser;
import com.spice.profitmandi.dao.repository.auth.AuthRepository;

public class AuthServiceImpl implements AuthService {

        // private static final String RESET_PASSWORD_BODY = "Dear %s, your password has
        // been reset. Please click this <a href=\"%s\">link</a> to reset your
        // password.\n\nRegards\nSmartdukaan";
        private static final String RESET_PASSWORD_BODY = "Dear %s, your password has been reset to %s. Regards\nSmartdukaan";
        private static final String RESET_PASSWORD_SUBJECT = "Password Reset request";

        private static final Logger LOGGER = LogManager.getLogger(AuthServiceImpl.class);

        @Autowired
        AuthRepository authRepository;

        @Autowired
        JavaMailSender mailSender;

        private String getHash256(String originalString) {
                return Hashing.sha256().hashString(originalString, StandardCharsets.UTF_8).toString();
        }

        @Override
        public boolean authenticate(String emailOrMobile, String password) {
                return authRepository.authenticate(emailOrMobile, getHash256(password));
        }

        @Override
        public void resetPassword(String emailOrMobile) throws ProfitMandiBusinessException {
                AuthUser authUser = authRepository.selectByEmailOrMobile(emailOrMobile);
                String password = getRandomString();
                try {
                        Utils.sendMailWithAttachments(mailSender, authUser.getEmailId(), null, RESET_PASSWORD_SUBJECT, String.format(RESET_PASSWORD_BODY, authUser.getFirstName(), password), null);
                } catch(Exception e) {
                        throw new ProfitMandiBusinessException("Password Reset Email", emailOrMobile, "Could not send password reset mail. Password Could not be reset");
                }
                authUser.setPassword(getHash256(password));
                authRepository.persist(authUser);
        }

        @Override
        public void changePassword(String emailOrMobile, String oldPassword, String newPassword)
                        throws ProfitMandiBusinessException {
                if (authRepository.authenticate(emailOrMobile, getHash256(oldPassword))) {
                        AuthUser authUser = authRepository.selectByEmailOrMobile(emailOrMobile);
                        authUser.setPassword(getHash256(newPassword));
                        authRepository.persist(authUser);
                } else {
                        throw new ProfitMandiBusinessException("Authentication", "Credentials", "Invalid email/mobile or password");
                }
        }

        @Override
        public void addAuthUser(AuthUser authUser) throws ProfitMandiBusinessException {
                authRepository.persist(authUser);
                this.resetPassword(authUser.getEmailId());
        }

        private String getRandomString() {
                int length = 10;
                boolean useLetters = true;
                boolean useNumbers = false;
                String generatedString = RandomStringUtils.random(length, useLetters, useNumbers);
                return generatedString;
        }

}