Changeset ae83647 for petify-backend/src/main

Timestamp:

06/26/26 16:32:12 (2 days ago)

Author:

veronika-ils <ilioskaveronika@…>

Branches:

master

Parents:

fa32d0f

Message:

add functionality so that users can change passwords

Location:

petify-backend/src/main

Files:

• java/com/petify/petify/api/AdminClinicApplicationsController.java (modified) (3 diffs)
• java/com/petify/petify/api/AuthController.java (modified) (2 diffs)
• java/com/petify/petify/dto/ChangePasswordRequest.java (added)
• java/com/petify/petify/dto/ForgotPasswordRequest.java (added)
• java/com/petify/petify/repo/VetClinicRepository.java (modified) (1 diff)
• java/com/petify/petify/service/AuthService.java (modified) (5 diffs)
• java/com/petify/petify/service/ClinicApprovalService.java (added)
• java/com/petify/petify/service/ClinicCredentialsEmailService.java (added)
• resources/application.properties (modified) (1 diff)

petify-backend/src/main/java/com/petify/petify/api/AdminClinicApplicationsController.java

@@ -1 +1 @@
 package com.petify.petify.api;
 
-import com.petify.petify.domain.VetClinic;
 import com.petify.petify.domain.VetClinicApplication;
 import com.petify.petify.dto.VetClinicApplicationDTO;
 import com.petify.petify.repo.AdminRepository;
 import com.petify.petify.repo.VetClinicApplicationRepository;
-import com.petify.petify.repo.VetClinicRepository;
+import com.petify.petify.service.ClinicApprovalService;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -20 +19 @@
 
     private final VetClinicApplicationRepository applicationRepository;
-    private final VetClinicRepository clinicRepository;
     private final AdminRepository adminRepository;
+    private final ClinicApprovalService clinicApprovalService;
 
     public AdminClinicApplicationsController(VetClinicApplicationRepository applicationRepository,
-                                             VetClinicRepository clinicRepository,
-                                             AdminRepository adminRepository) {
+                                             AdminRepository adminRepository,
+                                             ClinicApprovalService clinicApprovalService) {
         this.applicationRepository = applicationRepository;
-        this.clinicRepository = clinicRepository;
         this.adminRepository = adminRepository;
+        this.clinicApprovalService = clinicApprovalService;
     }
 
@@ -56 +55 @@
                         .body(Map.of("error", "Admin access required"));
             }
-            VetClinicApplication application = applicationRepository.findById(applicationId)
-                .orElseThrow(() -> new RuntimeException("Application not found"));
-
-            application.setStatus("APPROVED");
-            application.setReviewedAt(LocalDateTime.now());
-            application.setReviewedBy(adminUserId);
-            application.setDenialReason(null);
-            VetClinicApplication saved = applicationRepository.save(application);
-
-            boolean clinicExists = clinicRepository.findAll().stream()
-                .anyMatch(clinic -> applicationId.equals(clinic.getApplicationId()));
-            if (!clinicExists) {
-                VetClinic clinic = new VetClinic();
-                clinic.setApplicationId(application.getApplicationId());
-                clinic.setName(application.getName());
-                clinic.setEmail(application.getEmail());
-                clinic.setPhone(application.getPhone());
-                clinic.setCity(application.getCity());
-                clinic.setAddress(application.getAddress());
-                clinicRepository.save(clinic);
-            }
+            VetClinicApplication saved = clinicApprovalService.approveApplication(applicationId, adminUserId);
 
             return ResponseEntity.ok(new VetClinicApplicationDTO(saved));

petify-backend/src/main/java/com/petify/petify/api/AuthController.java

@@ -2 +2 @@
 
 import com.petify.petify.dto.AuthResponse;
+import com.petify.petify.dto.ChangePasswordRequest;
+import com.petify.petify.dto.ForgotPasswordRequest;
 import com.petify.petify.dto.LoginRequest;
 import com.petify.petify.dto.SignUpRequest;
@@ -47 +49 @@
     }
 
+    @PostMapping("/change-password")
+    public ResponseEntity<?> changePassword(@RequestBody ChangePasswordRequest request) {
+        try {
+            authService.changePassword(request.getUserId(), request.getCurrentPassword(), request.getNewPassword());
+            return ResponseEntity.ok(Map.of("message", "Password changed successfully"));
+        } catch (RuntimeException e) {
+            return ResponseEntity.badRequest()
+                    .body(Map.of("message", e.getMessage()));
+        }
+    }
+
+    @PostMapping("/forgot-password")
+    public ResponseEntity<?> forgotPassword(@RequestBody ForgotPasswordRequest request) {
+        try {
+            authService.sendForgotPasswordEmail(request.getIdentifier());
+            return ResponseEntity.ok(Map.of("message", "If an account matches that username or email, a temporary password has been sent."));
+        } catch (RuntimeException e) {
+            return ResponseEntity.badRequest()
+                    .body(Map.of("message", e.getMessage()));
+        }
+    }
+
 
     @GetMapping("/users")

petify-backend/src/main/java/com/petify/petify/repo/VetClinicRepository.java

@@ -10 +10 @@
 public interface VetClinicRepository extends JpaRepository<VetClinic, Long> {
     java.util.List<VetClinic> findAllByOrderByNameAsc();
+    Optional<VetClinic> findByApplicationId(Long applicationId);
     Optional<VetClinic> findByUserId(Long userId);
     boolean existsByUserId(Long userId);

petify-backend/src/main/java/com/petify/petify/service/AuthService.java

@@ -22 +22 @@
 import org.springframework.transaction.annotation.Transactional;
 
+import java.security.SecureRandom;
 import java.time.LocalDateTime;
 import java.util.List;
@@ -31 +32 @@
 
     private static final Logger logger = LoggerFactory.getLogger(AuthService.class);
+    private static final String PASSWORD_CHARS = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789!@#$%";
+    private static final SecureRandom SECURE_RANDOM = new SecureRandom();
 
     private final UserRepository userRepository;
@@ -39 +42 @@
     private final AnalyticsRepository analyticsRepository;
     private final VetClinicRepository vetClinicRepository;
+    private final ClinicCredentialsEmailService credentialsEmailService;
 
     public AuthService(UserRepository userRepository, ClientRepository clientRepository,
                       OwnerRepository ownerRepository, AdminRepository adminRepository,
                       PasswordEncoder passwordEncoder, AnalyticsRepository analyticsRepository,
-                      VetClinicRepository vetClinicRepository) {
+                      VetClinicRepository vetClinicRepository,
+                      ClinicCredentialsEmailService credentialsEmailService) {
         this.userRepository = userRepository;
         this.clientRepository = clientRepository;
@@ -51 +56 @@
         this.analyticsRepository = analyticsRepository;
         this.vetClinicRepository = vetClinicRepository;
+        this.credentialsEmailService = credentialsEmailService;
     }
 
@@ -177 +183 @@
             isVerified
         );
+    }
+
+    @Transactional
+    public void changePassword(Long userId, String currentPassword, String newPassword) {
+        if (userId == null) {
+            throw new RuntimeException("User is required");
+        }
+        if (currentPassword == null || currentPassword.isBlank()) {
+            throw new RuntimeException("Current password is required");
+        }
+        if (newPassword == null || newPassword.isBlank()) {
+            throw new RuntimeException("New password is required");
+        }
+        if (newPassword.length() < 8) {
+            throw new RuntimeException("New password must be at least 8 characters long");
+        }
+        if (newPassword.equals(currentPassword)) {
+            throw new RuntimeException("New password must be different from the current password");
+        }
+
+        User user = userRepository.findById(userId)
+            .orElseThrow(() -> new RuntimeException("User not found"));
+
+        boolean passwordMatches = passwordEncoder.matches(currentPassword, user.getPassword());
+        if (!passwordMatches && !currentPassword.equals(user.getPassword())) {
+            throw new RuntimeException("Current password is incorrect");
+        }
+
+        user.setPassword(passwordEncoder.encode(newPassword));
+        userRepository.save(user);
+        logger.info("Password changed successfully for user: {}", user.getUsername());
+    }
+
+    @Transactional
+    public void sendForgotPasswordEmail(String identifier) {
+        if (identifier == null || identifier.isBlank()) {
+            throw new RuntimeException("Username or email is required");
+        }
+
+        Optional<User> user = userRepository.findByUsernameOrEmail(identifier.trim(), identifier.trim());
+        if (user.isEmpty()) {
+            logger.info("Password reset requested for unknown identifier: {}", identifier);
+            return;
+        }
+
+        User foundUser = user.get();
+        String temporaryPassword = generateTemporaryPassword();
+        foundUser.setPassword(passwordEncoder.encode(temporaryPassword));
+        userRepository.save(foundUser);
+
+        credentialsEmailService.sendTemporaryPassword(
+            foundUser.getEmail(),
+            foundUser.getFirstName(),
+            foundUser.getUsername(),
+            temporaryPassword
+        );
+        logger.info("Temporary password sent for user: {}", foundUser.getUsername());
+    }
+
+    private String generateTemporaryPassword() {
+        StringBuilder password = new StringBuilder();
+        for (int i = 0; i < 14; i++) {
+            password.append(PASSWORD_CHARS.charAt(SECURE_RANDOM.nextInt(PASSWORD_CHARS.length())));
+        }
+        return password.toString();
     }
 

petify-backend/src/main/resources/application.properties

@@ -33 +33 @@
 spring.flyway.baseline-version=0
 
+# Mail
+spring.mail.host=${MAIL_HOST:smtp.gmail.com}
+spring.mail.port=${MAIL_PORT:587}
+spring.mail.username=${MAIL_USERNAME:}
+spring.mail.password=${MAIL_PASSWORD:}
+spring.mail.properties.mail.smtp.auth=true
+spring.mail.properties.mail.smtp.starttls.enable=true
+spring.mail.properties.mail.smtp.starttls.required=true
+management.health.mail.enabled=false
+
 spring.profiles.active=local
-spring.config.import=optional:file:.env.properties
+spring.config.import=optional:file:.env.properties,optional:file:petify-backend/.env.properties