Babak Gohardani
Reputation: 156
Updating user info (Spring boot)
I have a entity class that contains userinfo :
@Entity
@Table(name = "user")
@PasswordMatch(message="{register.repeatPassword.mismatch}")
@DynamicUpdate
public class SiteUser {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
@Column(name = "id")
private Long id;
@Column(name = "email", unique=true)
@Email(message="{register.email.invalid}")
@NotBlank(message="{register.email.invalid}")
private String email;
@Transient
@Size(min=5, max=15, message="{register.password.size}")
private String plainPassword;
@Transient
private String repeatPassword;
@Column(name = "password", length=60)
private String password;
@Column(name="enabled")
private boolean enabled = false;
@Column(name="role", length=20)
private String role;
@NotNull
@Column(name="firstname", length=20)
@Size(min=2, max=20, message="{register.firstname.size}")
private String firstname;
@NotNull
@Column(name="surname", length=25)
@Size(min=2, max=25, message="{register.surname.size}")
private String surname;
public SiteUser() {
}
public SiteUser(String email, String password, String firstname, String surname) {
this.email = email;
this.setPlainPassword(password);
this.repeatPassword = password;
this.enabled= true;
this.firstname= firstname;
this.surname= surname;
}
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
public String getRole() {
return role;
}
public void setRole(String role) {
this.role = role;
}
public String getPlainPassword() {
return plainPassword;
}
public void setPlainPassword(String plainPassword) {
this.password = new BCryptPasswordEncoder().encode(plainPassword);
this.plainPassword = plainPassword;
}
public String getRepeatPassword() {
return repeatPassword;
}
public void setRepeatPassword(String repeatPassword) {
this.repeatPassword = repeatPassword;
}
public boolean isEnabled() {
return enabled;
}
public void setEnabled(boolean enabled) {
this.enabled = enabled;
}
public String getFirstname() {
return firstname;
}
public void setFirstname(String firstname) {
this.firstname = firstname;
}
public String getSurname() {
return surname;
}
public void setSurname(String surname) {
this.surname = surname;
}
}
My problem is that for registering users I added unique and @NotBlank annotations to my email and firstname / lastname columns so now that I want to only update my password I have 2 problems
1- I have to add other fields as hidden in the update form since they can't be empty
2- when i try to update my data using save() method of the Dao I get an error that there is same email in database.
Is there any kind of logical solution for this issue?
====================Update=========================
Controller :
@RequestMapping(value ="/resetPassword", method = RequestMethod.GET)
ModelAndView resetPasswordMailRecieved(ModelAndView modelAndView, @RequestParam("t") String tokenString) {
VerificationToken token = userService.getVerificationToken(tokenString);
SiteUser user = token.getUser();
if(token == null)
{
modelAndView.setViewName("redirect:/invalidUser");
return modelAndView;
}
Date expirydate = token.getExpiry();
if(expirydate.before(new Date()))
{
modelAndView.setViewName("redirect:/expiredToken");
userService.deleteToken(token);
return modelAndView;
}
userService.deleteToken(token);
modelAndView.getModel().put("user", user);
modelAndView.setViewName("app.resetPass");
return modelAndView;
}
jSP file :
<form:form method="post" modelAttribute="user" class="login-form">
<form:input type="hidden" path="firstname" />
<form:input type="hidden" path="surname" />
<form:input type="hidden" path="email" />
<div class="input-group">
<form:input type="password" path="plainPassword"
placeholder="Password" class="form-control" />
</div>
<div class="input-group">
<form:input path="repeatPassword" type="password"
placeholder="Repeat password" class="form-control" />
</div>
<div class="input-group">
<button type="submit" class="btn-primary pull-right">Change
Password</button>
</div>
</form:form>
UserDao :
@Repository
public interface UserDao extends CrudRepository<SiteUser, Long> {
SiteUser findByEmail(String email);
}
UserService :
@Service
public class UserService implements UserDetailsService {
@Autowired
private UserDao userDao;
@Autowired
PasswordEncoder encoder;
@Autowired
private VerificationDao verificationDao;
public void register(SiteUser user) {
user.setRole("ROLE_USER");
userDao.save(user);
}
@Override
public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException {
SiteUser user = userDao.findByEmail(email);
if (user == null) {
return null;
}
List<GrantedAuthority> auth = AuthorityUtils.commaSeparatedStringToAuthorityList(user.getRole());
String password = user.getPassword();
boolean enabled = user.isEnabled();
return new User(email, password, enabled, true, true, true, auth);
}
public void save(SiteUser user)
{
userDao.save(user);
}
public void updatePass(SiteUser user,String pass){
user.setPlainPassword(pass);
}
public String createEmailVerificationToken(SiteUser user)
{
VerificationToken token = new VerificationToken(UUID.randomUUID().toString(), user, TokenType.REGISTRATION);
verificationDao.save(token);
return token.getToken();
}
public String createPasswordResetVerificationToken(SiteUser user)
{
VerificationToken token = new VerificationToken(UUID.randomUUID().toString(), user, TokenType.PASSWORD_RESET);
verificationDao.save(token);
return token.getToken();
}
public VerificationToken getVerificationToken(String token)
{
return verificationDao.findByToken(token);
}
public void deleteToken(VerificationToken token) {
verificationDao.delete(token);
}
public SiteUser get(String email) {
return userDao.findByEmail(email);
}
public SiteUser get(Long id) {
return userDao.findOne(id);
}
}
Upvotes: 0
Views: 13305
Answers (3)
Mohd Umer Faisal
Reputation: 1
PasswordRequest:
@Data
@AllArgsConstructor
@NoArgsConstructor
public class PasswordRequest {
private String oldPassword;
private String newPassword;
}
Controller:
@PutMapping("/changePassword")
public ResponseEntity changePassword(@RequestBody PasswordRequest pwdRequest, Principal principal) {
String LoggedInUserUsername=principal.getName();
User currentUser=this.userRepository.findByUsername(LoggedInUserUsername);
if(pwdRequest.getNewPassword() != null && !pwdRequest.getNewPassword().isEmpty()
&& !pwdRequest.getNewPassword().equals("") && !pwdRequest.getNewPassword().contains(" ")) {
bCryptPasswordEncoder.matches(pwdRequest.getOldPassword(),currentUser.getPassword());//this will check old pwd fiels with current pwd
currentUser.setPassword(bCryptPasswordEncoder.encode(pwdRequest.getNewPassword()));
userRepository.save(currentUser);
return new ResponseEntity("Success", HttpStatus.OK);
}else {
return new ResponseEntity("Somthing went wrong", HttpStatus.BAD_REQUEST);
}
}
Upvotes: 0
Vikram Pal
Reputation: 11
@RequestMapping(value="/updateUserInfo", method=RequestMethod.POST)
public ResponseEntity profileInfo(
@RequestBody HashMap<String, Object> mapper
) throws Exception{
int id = (Integer) mapper.get("id");
String email = (String) mapper.get("email");
String username = (String) mapper.get("username");
String firstName = (String) mapper.get("firstName");
String lastName = (String) mapper.get("lastName");
String newPassword = (String) mapper.get("newPassword");
String currentPassword = (String) mapper.get("currentPassword");
User currentUser = userService.findById(Long.valueOf(id));
if(currentUser == null) {
throw new Exception ("User not found");
}
if(userService.findByEmail(email) != null) {
if(userService.findByEmail(email).getId() != currentUser.getId()) {
return new ResponseEntity("Email not found!", HttpStatus.BAD_REQUEST);
}
}
if(userService.findByUsername(username) != null) {
if(userService.findByUsername(username).getId() != currentUser.getId()) {
return new ResponseEntity("Username not found!", HttpStatus.BAD_REQUEST);
}
}
SecurityConfig securityConfig = new SecurityConfig();
BCryptPasswordEncoder passwordEncoder = SecurityUtility.passwordEncoder();
String dbPassword = currentUser.getPassword();
if(null != currentPassword)
if(passwordEncoder.matches(currentPassword, dbPassword)) {
if(newPassword != null && !newPassword.isEmpty() && !newPassword.equals("")) {
currentUser.setPassword(passwordEncoder.encode(newPassword));
}
currentUser.setEmail(email);
} else {
return new ResponseEntity("Incorrect current password!", HttpStatus.BAD_REQUEST);
}
currentUser.setFirstName(firstName);
currentUser.setLastName(lastName);
currentUser.setUsername(username);
userService.save(currentUser);
return new ResponseEntity("Update Success", HttpStatus.OK);
}
Upvotes: 0
Luiz Augusto
Reputation: 25
Add in your JSP file the following, just after the other hidden fields:
<form:input type="hidden" path="id"/>
Upvotes: 1
Related Questions
- SPRING: Add custom user details to spring security user
- How to update Spring Security UserDetails impls after successful login?
- Spring boot: Get current user's username
- How to update a List of Users in the User class Spring Boot
- Spring Boot 2.2.6 - Security | How to update Principal after updating user's information
- How to update the currently available UserDetails object in security context in Spring boot
- Spring Security User Information
- Spring Login user information retreival
- Spring Security how to update userDetails without log in
- Spring Security User