Add the possibility to change password.

Geoffrey POUZET 2020-10-24 11:35:56 +02:00
parent 7d9bbbaa56
commit b4279c4a3a
5 changed files with 104 additions and 10 deletions


@ -87,6 +87,7 @@ public class SecSecurityConfig extends WebSecurityConfigurerAdapter {
.antMatchers(IndexController.URL_INDEX).permitAll() .antMatchers(IndexController.URL_INDEX).permitAll()
.antMatchers(IndexController.URL_LOGIN).permitAll() .antMatchers(IndexController.URL_LOGIN).permitAll()
.antMatchers(IndexController.URL_REGISTER).permitAll() .antMatchers(IndexController.URL_REGISTER).permitAll()
.antMatchers(IndexController.URL_CHANGE_PASSWORD).hasAnyRole(ROLE_ADMIN, ROLE_USER)
.antMatchers(IndexController.URL_LOGOUT).hasAnyRole(ROLE_ADMIN, ROLE_USER) .antMatchers(IndexController.URL_LOGOUT).hasAnyRole(ROLE_ADMIN, ROLE_USER)
.anyRequest().authenticated() .anyRequest().authenticated()
.and() .and()


@ -8,13 +8,13 @@ import javax.servlet.http.HttpSessionListener;
import org.springframework.beans.factory.annotation.Autowired; import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.Authentication; import org.springframework.security.core.Authentication;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Controller; import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap; import org.springframework.ui.ModelMap;
import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam; import org.springframework.web.bind.annotation.RequestParam;
@Controller @Controller
public class LoginController implements HttpSessionListener { public class LoginController implements HttpSessionListener {
@ -22,9 +22,12 @@ public class LoginController implements HttpSessionListener {
public static final String MODEL_MAP_REGISTER_NAME = "MODEL_MAP_REGISTER_NAME"; public static final String MODEL_MAP_REGISTER_NAME = "MODEL_MAP_REGISTER_NAME";
public static final String MODEL_MAP_REGISTER_ERROR_MESSAGE = "MODEL_MAP_REGISTER_ERROR_MESSAGE"; public static final String MODEL_MAP_REGISTER_ERROR_MESSAGE = "MODEL_MAP_REGISTER_ERROR_MESSAGE";
public static final String MODEL_MAP_CHANGE_PASSWORD_ERROR_MESSAGE = "MODEL_MAP_CHANGE_PASSWORD_ERROR_MESSAGE";
public static final String MODEL_MAP_CHANGE_PASSWORD_SUCCESS_MESSAGE = "MODEL_MAP_CHANGE_PASSWORD_SUCCESS_MESSAGE";
@Autowired @Autowired
IServiceRegister serviceRegister; IServiceRegister serviceRegister;
public static boolean isUserAlreadyAuth(HttpSession httpSession) { public static boolean isUserAlreadyAuth(HttpSession httpSession) {
Authentication authentication = (Authentication) httpSession.getAttribute(IndexController.SESSION_ATTRIBUTE_AUTHENTICATION); Authentication authentication = (Authentication) httpSession.getAttribute(IndexController.SESSION_ATTRIBUTE_AUTHENTICATION);
return authentication != null && authentication.isAuthenticated(); return authentication != null && authentication.isAuthenticated();
@ -35,7 +38,7 @@ public class LoginController implements HttpSessionListener {
String page = IndexController.PAGE_LOGIN; String page = IndexController.PAGE_LOGIN;
if (isUserAlreadyAuth(httpSession)) { if (isUserAlreadyAuth(httpSession)) {
// Deja authentifie, redirection sur le viewer photo // Deja authentifie, redirection sur le viewer photo
page = IndexController.URL_REDIRECT+IndexController.URL_INDEX; page = IndexController.URL_REDIRECT + IndexController.URL_INDEX;
} else if (errAuth) { } else if (errAuth) {
pModel.addAttribute("isErrorAuth", true); pModel.addAttribute("isErrorAuth", true);
} }
@ -71,6 +74,34 @@ public class LoginController implements HttpSessionListener {
pModel.addAttribute(MODEL_MAP_REGISTER_ERROR_MESSAGE, "Le login existe déjà."); pModel.addAttribute(MODEL_MAP_REGISTER_ERROR_MESSAGE, "Le login existe déjà.");
} }
return page;
}
@RequestMapping(value = IndexController.URL_CHANGE_PASSWORD, method = RequestMethod.POST)
public String doPostChangePassword(final ModelMap pModel, HttpSession httpSession,
@RequestParam(name = "old_password", required = true) String oldPassword,
@RequestParam(name = "password", required = true) String newPassword,
@RequestParam(name = "password_check", required = true) String newPasswordCheck) {
String page;
if (LoginController.isUserAlreadyAuth(httpSession)) {
Authentication authentication = (Authentication) httpSession.getAttribute(IndexController.SESSION_ATTRIBUTE_AUTHENTICATION);
Object oUserDetails = authentication.getPrincipal();
if (oUserDetails instanceof UserDetails) {
UserDetails userDetails = (UserDetails) oUserDetails;
boolean changed = serviceRegister.changePassword(userDetails.getUsername(), oldPassword, newPassword, newPasswordCheck);
if (changed) {
pModel.addAttribute(MODEL_MAP_CHANGE_PASSWORD_SUCCESS_MESSAGE, "true");
pModel.addAttribute(MODEL_MAP_CHANGE_PASSWORD_ERROR_MESSAGE, "false");
} else {
pModel.addAttribute(MODEL_MAP_CHANGE_PASSWORD_SUCCESS_MESSAGE, "false");
pModel.addAttribute(MODEL_MAP_CHANGE_PASSWORD_ERROR_MESSAGE, "true");
}
}
page = IndexController.URL_REDIRECT + IndexController.URL_ANIMAL_LIST;
} else {
page = IndexController.URL_REDIRECT + IndexController.URL_LOGIN;
}
return page; return page;
} }
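Review bot: The success and error flags in `doPostChangePassword` are put on the `ModelMap` just before a redirect view is returned (assuming `IndexController.URL_REDIRECT` is the `redirect:` prefix), so they will probably not reach the JSP as model attributes. By default Spring MVC appends simple model attributes to the redirect URL as query parameters, where they are visible and can be set by hand. Taking a `RedirectAttributes` parameter and calling `redirectAttributes.addFlashAttribute(MODEL_MAP_CHANGE_PASSWORD_SUCCESS_MESSAGE, "true")` keeps the outcome out of the URL. The branch where the principal is not a `UserDetails` redirects with no message at all. Nothing visible here renews the current session or invalidates the user's other sessions after a successful change; confirm that `serviceRegister.changePassword` handles this or add it here.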


@ -7,4 +7,6 @@ public interface IUserDao extends CommonDao {
public User getUser(String login); public User getUser(String login);
public boolean addUser(String login, String hashPassword, String name) throws UserAlreadyExistException; public boolean addUser(String login, String hashPassword, String name) throws UserAlreadyExistException;
public boolean updatePassword(String username, String hashedPassword);
} }


@ -114,4 +114,38 @@ public class UserBddDao extends PostgresSqlDao implements IUserDao {
} }
return ret; return ret;
} }
@Override
public boolean updatePassword(String username, String hashedPassword) {
boolean ret = false;
Connection conn = null;
PreparedStatement statement = null;
try {
conn = mDataSource.getConnection();
statement = conn.prepareStatement("UPDATE "+TABLE_NAME+" SET password = ? WHERE login = ?;");
statement.setString(1, hashedPassword);
statement.setString(2, username);
System.out.println(IndexController.LOG_TAG + " SQL -> " + statement.toString());
statement.executeUpdate();
ret = true;
} catch (SQLException ex) {
System.err.println(IndexController.LOG_TAG + " SQLException -> updatePassword()");
} finally {
if (statement != null) {
try {
statement.close();
} catch (SQLException ex) {
System.err.println(IndexController.LOG_TAG + " Failed close statement -> updatePassword()");
}
}
if (conn != null) {
try {
conn.close();
} catch (SQLException ex) {
System.err.println(IndexController.LOG_TAG + " Failed close connection -> updatePassword()");
}
}
}
return ret;
}
} }
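Review bot: `updatePassword` prints `statement.toString()` after the parameters are bound. With the PostgreSQL JDBC driver that string normally contains the bound values, so the new password hash and the login would be written to standard output on every change; log the fixed SQL text or only the login instead. The method also returns true whenever `executeUpdate()` does not throw, even if no row matched the login, which `ret = statement.executeUpdate() == 1;` would catch. The catch block drops the `SQLException` details, so a failed update is hard to diagnose. A try-with-resources over the connection and statement would replace the manual `finally` cleanup.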


@ -4,6 +4,7 @@
<%@ taglib uri="http://www.springframework.org/tags" prefix="spring"%> <%@ taglib uri="http://www.springframework.org/tags" prefix="spring"%>
<%@ page isELIgnored="false" %> <%@ page isELIgnored="false" %>
<spring:url value="/animal/delete" var="animalDeleteURL" /> <spring:url value="/animal/delete" var="animalDeleteURL" />
<spring:url value="/change_password" var="changePasswordURL" />
<%@ include file="base/language.jsp" %> <%@ include file="base/language.jsp" %>
@ -33,7 +34,7 @@
<%@ include file="base/navbar.jsp" %> <%@ include file="base/navbar.jsp" %>
<div class="row"> <div class="row">
<div class="col-lg-3"> <div class="col-lg-5">
<h4>List de vos animaux</h4> <h4>List de vos animaux</h4>
<div class="list-group"> <div class="list-group">
<c:forEach items="${MODEL_MAP_ANIMAL_LIST}" var="animal"> <c:forEach items="${MODEL_MAP_ANIMAL_LIST}" var="animal">
@ -51,26 +52,51 @@
</div>--> </div>-->
</c:forEach> </c:forEach>
</div> </div>
</div>
<div class="col-lg-3"> <hr/>
</div>
<div class="col-lg-6">
<h4>Ajouter un animal</h4> <h4>Ajouter un animal</h4>
<form id="addAnimalForm" class="form-inline" action="${animalURL}" method="POST"> <form id="addAnimalForm" class="form-inline" action="${animalURL}" method="POST">
<div class="form-group"> <div class="form-group">
<label for="form_animal_name">Nom de l'animal :</label> <label for="form_animal_name">Nom de l'animal :</label>
<input type="text" id="form_animal_name" name="name" class="form-control" placeholder="Nom" /> <input type="text" id="form_animal_name" name="name" class="form-control" placeholder="Nom" />
</div> </div>
<button class="btn btn btn-primary" type="submit">Ajouter</button> <button class="btn btn btn-success" type="submit" data-toggle="tooltip" data-placement="bottom" title="Ajouter"><span class="glyphicon glyphicon-plus" aria-hidden="true"></span></button>
</form> </form>
</div> </div>
<div class="col-lg-2">
</div>
<div class="col-lg-5">
<h4>Changer de mot de passe</h4>
<form id="addAnimalForm" action="${changePasswordURL}" method="POST">
<div class="form-group">
<label for="old_password">Ancien mot de passe :</label>
<input type="password" id="old_password" name="old_password" class="form-control" placeholder="Ancien mot de passe" required/>
<label for="password">Nouveau mot de passe :</label>
<input type="password" id="password" name="password" class="form-control" placeholder="Nouveau mot de passe" required/>
<label for="password_check">Nouveau mot de passe :</label>
<input type="password" id="password_check" name="password_check" class="form-control" placeholder="Nouveau mot de passe" required/>
</div>
<button class="btn btn btn-primary" type="submit">Changer le mot de passe</button>
</form>
<c:if test="${MODEL_MAP_CHANGE_PASSWORD_ERROR_MESSAGE == 'true'}">
<div class="list-group">
<h5 class="list-group-item list-group-item-danger" style="border-radius: 5px;">Erreur lors de la mise à jour du mot de passe</h5>
</div>
</c:if>
<c:if test="${MODEL_MAP_CHANGE_PASSWORD_SUCCESS_MESSAGE == 'true'}">
<div class="list-group">
<h5 class="list-group-item list-group-item-success" style="border-radius: 5px;">Mot de passe mit à jour avec succès</h5>
</div>
</c:if>
</div>
</div> </div>
<%@ include file="base/footer.jsp" %> <%@ include file="base/footer.jsp" %>
</div> </div>
</body> </body>
<script> <script type="text/javascript">
$(document).ready(function () { $(document).ready(function () {
$('[data-toggle="tooltip"]').tooltip(); $('[data-toggle="tooltip"]').tooltip();
}); });
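Review bot: The new password form reuses `id="addAnimalForm"`, which is already the id of the add-animal form on the same page, so the document ends up with duplicate ids; something like `id="changePasswordForm"` avoids that. The two new-password inputs carry the same label text, so the confirmation field is not distinguishable for the user. No CSRF token field is visible in the form. If CSRF protection is enabled in the security configuration, the POST needs `<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>`. If it is disabled, that is worth reconsidering for an endpoint that changes credentials.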