Index: petify-backend/src/main/java/com/petify/petify/api/AdminClinicApplicationsController.java =================================================================== --- petify-backend/src/main/java/com/petify/petify/api/AdminClinicApplicationsController.java (revision fa32d0f462d925f109df1a21025f904e56606f8b) +++ petify-backend/src/main/java/com/petify/petify/api/AdminClinicApplicationsController.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) @@ -1,10 +1,9 @@ package com.petify.petify.api; -import com.petify.petify.domain.VetClinic; import com.petify.petify.domain.VetClinicApplication; import com.petify.petify.dto.VetClinicApplicationDTO; import com.petify.petify.repo.AdminRepository; import com.petify.petify.repo.VetClinicApplicationRepository; -import com.petify.petify.repo.VetClinicRepository; +import com.petify.petify.service.ClinicApprovalService; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; @@ -20,13 +19,13 @@ private final VetClinicApplicationRepository applicationRepository; - private final VetClinicRepository clinicRepository; private final AdminRepository adminRepository; + private final ClinicApprovalService clinicApprovalService; public AdminClinicApplicationsController(VetClinicApplicationRepository applicationRepository, - VetClinicRepository clinicRepository, - AdminRepository adminRepository) { + AdminRepository adminRepository, + ClinicApprovalService clinicApprovalService) { this.applicationRepository = applicationRepository; - this.clinicRepository = clinicRepository; this.adminRepository = adminRepository; + this.clinicApprovalService = clinicApprovalService; } @@ -56,25 +55,5 @@ .body(Map.of("error", "Admin access required")); } - VetClinicApplication application = applicationRepository.findById(applicationId) - .orElseThrow(() -> new RuntimeException("Application not found")); - - application.setStatus("APPROVED"); - application.setReviewedAt(LocalDateTime.now()); - application.setReviewedBy(adminUserId); - application.setDenialReason(null); - VetClinicApplication saved = applicationRepository.save(application); - - boolean clinicExists = clinicRepository.findAll().stream() - .anyMatch(clinic -> applicationId.equals(clinic.getApplicationId())); - if (!clinicExists) { - VetClinic clinic = new VetClinic(); - clinic.setApplicationId(application.getApplicationId()); - clinic.setName(application.getName()); - clinic.setEmail(application.getEmail()); - clinic.setPhone(application.getPhone()); - clinic.setCity(application.getCity()); - clinic.setAddress(application.getAddress()); - clinicRepository.save(clinic); - } + VetClinicApplication saved = clinicApprovalService.approveApplication(applicationId, adminUserId); return ResponseEntity.ok(new VetClinicApplicationDTO(saved)); Index: petify-backend/src/main/java/com/petify/petify/api/AuthController.java =================================================================== --- petify-backend/src/main/java/com/petify/petify/api/AuthController.java (revision fa32d0f462d925f109df1a21025f904e56606f8b) +++ petify-backend/src/main/java/com/petify/petify/api/AuthController.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) @@ -2,4 +2,6 @@ import com.petify.petify.dto.AuthResponse; +import com.petify.petify.dto.ChangePasswordRequest; +import com.petify.petify.dto.ForgotPasswordRequest; import com.petify.petify.dto.LoginRequest; import com.petify.petify.dto.SignUpRequest; @@ -47,4 +49,26 @@ } + @PostMapping("/change-password") + public ResponseEntity changePassword(@RequestBody ChangePasswordRequest request) { + try { + authService.changePassword(request.getUserId(), request.getCurrentPassword(), request.getNewPassword()); + return ResponseEntity.ok(Map.of("message", "Password changed successfully")); + } catch (RuntimeException e) { + return ResponseEntity.badRequest() + .body(Map.of("message", e.getMessage())); + } + } + + @PostMapping("/forgot-password") + public ResponseEntity forgotPassword(@RequestBody ForgotPasswordRequest request) { + try { + authService.sendForgotPasswordEmail(request.getIdentifier()); + return ResponseEntity.ok(Map.of("message", "If an account matches that username or email, a temporary password has been sent.")); + } catch (RuntimeException e) { + return ResponseEntity.badRequest() + .body(Map.of("message", e.getMessage())); + } + } + @GetMapping("/users") Index: petify-backend/src/main/java/com/petify/petify/dto/ChangePasswordRequest.java =================================================================== --- petify-backend/src/main/java/com/petify/petify/dto/ChangePasswordRequest.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) +++ petify-backend/src/main/java/com/petify/petify/dto/ChangePasswordRequest.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) @@ -0,0 +1,21 @@ +package com.petify.petify.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class ChangePasswordRequest { + private Long userId; + private String currentPassword; + private String newPassword; + + public ChangePasswordRequest() { + } + + public ChangePasswordRequest(Long userId, String currentPassword, String newPassword) { + this.userId = userId; + this.currentPassword = currentPassword; + this.newPassword = newPassword; + } +} Index: petify-backend/src/main/java/com/petify/petify/dto/ForgotPasswordRequest.java =================================================================== --- petify-backend/src/main/java/com/petify/petify/dto/ForgotPasswordRequest.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) +++ petify-backend/src/main/java/com/petify/petify/dto/ForgotPasswordRequest.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) @@ -0,0 +1,17 @@ +package com.petify.petify.dto; + +import lombok.Getter; +import lombok.Setter; + +@Getter +@Setter +public class ForgotPasswordRequest { + private String identifier; + + public ForgotPasswordRequest() { + } + + public ForgotPasswordRequest(String identifier) { + this.identifier = identifier; + } +} Index: petify-backend/src/main/java/com/petify/petify/repo/VetClinicRepository.java =================================================================== --- petify-backend/src/main/java/com/petify/petify/repo/VetClinicRepository.java (revision fa32d0f462d925f109df1a21025f904e56606f8b) +++ petify-backend/src/main/java/com/petify/petify/repo/VetClinicRepository.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) @@ -10,4 +10,5 @@ public interface VetClinicRepository extends JpaRepository { java.util.List findAllByOrderByNameAsc(); + Optional findByApplicationId(Long applicationId); Optional findByUserId(Long userId); boolean existsByUserId(Long userId); Index: petify-backend/src/main/java/com/petify/petify/service/AuthService.java =================================================================== --- petify-backend/src/main/java/com/petify/petify/service/AuthService.java (revision fa32d0f462d925f109df1a21025f904e56606f8b) +++ petify-backend/src/main/java/com/petify/petify/service/AuthService.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) @@ -22,4 +22,5 @@ import org.springframework.transaction.annotation.Transactional; +import java.security.SecureRandom; import java.time.LocalDateTime; import java.util.List; @@ -31,4 +32,6 @@ private static final Logger logger = LoggerFactory.getLogger(AuthService.class); + private static final String PASSWORD_CHARS = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789!@#$%"; + private static final SecureRandom SECURE_RANDOM = new SecureRandom(); private final UserRepository userRepository; @@ -39,9 +42,11 @@ private final AnalyticsRepository analyticsRepository; private final VetClinicRepository vetClinicRepository; + private final ClinicCredentialsEmailService credentialsEmailService; public AuthService(UserRepository userRepository, ClientRepository clientRepository, OwnerRepository ownerRepository, AdminRepository adminRepository, PasswordEncoder passwordEncoder, AnalyticsRepository analyticsRepository, - VetClinicRepository vetClinicRepository) { + VetClinicRepository vetClinicRepository, + ClinicCredentialsEmailService credentialsEmailService) { this.userRepository = userRepository; this.clientRepository = clientRepository; @@ -51,4 +56,5 @@ this.analyticsRepository = analyticsRepository; this.vetClinicRepository = vetClinicRepository; + this.credentialsEmailService = credentialsEmailService; } @@ -177,4 +183,69 @@ isVerified ); + } + + @Transactional + public void changePassword(Long userId, String currentPassword, String newPassword) { + if (userId == null) { + throw new RuntimeException("User is required"); + } + if (currentPassword == null || currentPassword.isBlank()) { + throw new RuntimeException("Current password is required"); + } + if (newPassword == null || newPassword.isBlank()) { + throw new RuntimeException("New password is required"); + } + if (newPassword.length() < 8) { + throw new RuntimeException("New password must be at least 8 characters long"); + } + if (newPassword.equals(currentPassword)) { + throw new RuntimeException("New password must be different from the current password"); + } + + User user = userRepository.findById(userId) + .orElseThrow(() -> new RuntimeException("User not found")); + + boolean passwordMatches = passwordEncoder.matches(currentPassword, user.getPassword()); + if (!passwordMatches && !currentPassword.equals(user.getPassword())) { + throw new RuntimeException("Current password is incorrect"); + } + + user.setPassword(passwordEncoder.encode(newPassword)); + userRepository.save(user); + logger.info("Password changed successfully for user: {}", user.getUsername()); + } + + @Transactional + public void sendForgotPasswordEmail(String identifier) { + if (identifier == null || identifier.isBlank()) { + throw new RuntimeException("Username or email is required"); + } + + Optional user = userRepository.findByUsernameOrEmail(identifier.trim(), identifier.trim()); + if (user.isEmpty()) { + logger.info("Password reset requested for unknown identifier: {}", identifier); + return; + } + + User foundUser = user.get(); + String temporaryPassword = generateTemporaryPassword(); + foundUser.setPassword(passwordEncoder.encode(temporaryPassword)); + userRepository.save(foundUser); + + credentialsEmailService.sendTemporaryPassword( + foundUser.getEmail(), + foundUser.getFirstName(), + foundUser.getUsername(), + temporaryPassword + ); + logger.info("Temporary password sent for user: {}", foundUser.getUsername()); + } + + private String generateTemporaryPassword() { + StringBuilder password = new StringBuilder(); + for (int i = 0; i < 14; i++) { + password.append(PASSWORD_CHARS.charAt(SECURE_RANDOM.nextInt(PASSWORD_CHARS.length()))); + } + return password.toString(); } Index: petify-backend/src/main/java/com/petify/petify/service/ClinicApprovalService.java =================================================================== --- petify-backend/src/main/java/com/petify/petify/service/ClinicApprovalService.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) +++ petify-backend/src/main/java/com/petify/petify/service/ClinicApprovalService.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) @@ -0,0 +1,126 @@ +package com.petify.petify.service; + +import com.petify.petify.domain.User; +import com.petify.petify.domain.VetClinic; +import com.petify.petify.domain.VetClinicApplication; +import com.petify.petify.repo.UserRepository; +import com.petify.petify.repo.VetClinicApplicationRepository; +import com.petify.petify.repo.VetClinicRepository; +import org.springframework.security.crypto.password.PasswordEncoder; +import org.springframework.stereotype.Service; +import org.springframework.transaction.annotation.Transactional; +import org.springframework.util.StringUtils; + +import java.security.SecureRandom; +import java.time.LocalDateTime; +import java.util.Locale; + +@Service +public class ClinicApprovalService { + + private static final int MAX_USERNAME_LENGTH = 30; + private static final String PASSWORD_CHARS = "ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz23456789!@#$%"; + private static final SecureRandom SECURE_RANDOM = new SecureRandom(); + + private final VetClinicApplicationRepository applicationRepository; + private final VetClinicRepository clinicRepository; + private final UserRepository userRepository; + private final PasswordEncoder passwordEncoder; + private final ClinicCredentialsEmailService credentialsEmailService; + + public ClinicApprovalService(VetClinicApplicationRepository applicationRepository, + VetClinicRepository clinicRepository, + UserRepository userRepository, + PasswordEncoder passwordEncoder, + ClinicCredentialsEmailService credentialsEmailService) { + this.applicationRepository = applicationRepository; + this.clinicRepository = clinicRepository; + this.userRepository = userRepository; + this.passwordEncoder = passwordEncoder; + this.credentialsEmailService = credentialsEmailService; + } + + @Transactional + public VetClinicApplication approveApplication(Long applicationId, Long adminUserId) { + VetClinicApplication application = applicationRepository.findById(applicationId) + .orElseThrow(() -> new RuntimeException("Application not found")); + + application.setStatus("APPROVED"); + application.setReviewedAt(LocalDateTime.now()); + application.setReviewedBy(adminUserId); + application.setDenialReason(null); + VetClinicApplication savedApplication = applicationRepository.save(application); + + VetClinic clinic = clinicRepository.findByApplicationId(applicationId) + .orElseGet(() -> createClinic(application)); + + if (clinic.getUserId() == null) { + if (!StringUtils.hasText(application.getEmail())) { + throw new IllegalArgumentException("Clinic email is required to create and send account credentials"); + } + if (userRepository.findByEmail(application.getEmail()).isPresent()) { + throw new IllegalArgumentException("A user with this clinic email already exists"); + } + + String username = generateUniqueUsername(application.getName()); + String password = generatePassword(); + User user = new User( + username, + application.getEmail(), + passwordEncoder.encode(password), + truncate(application.getName(), 60), + "Clinic" + ); + + User savedUser = userRepository.save(user); + clinic.setUserId(savedUser.getUserId()); + clinicRepository.save(clinic); + + credentialsEmailService.sendCredentials(application.getEmail(), application.getName(), username, password); + } + + return savedApplication; + } + + private VetClinic createClinic(VetClinicApplication application) { + VetClinic clinic = new VetClinic(); + clinic.setApplicationId(application.getApplicationId()); + clinic.setName(application.getName()); + clinic.setEmail(application.getEmail()); + clinic.setPhone(application.getPhone()); + clinic.setCity(application.getCity()); + clinic.setAddress(application.getAddress()); + return clinicRepository.save(clinic); + } + + private String generateUniqueUsername(String clinicName) { + String base = "clinic." + clinicName.toLowerCase(Locale.ROOT).replaceAll("[^a-z0-9]+", ""); + if (base.equals("clinic.")) { + base = "clinic.account"; + } + base = truncate(base, MAX_USERNAME_LENGTH); + + String username = base; + int suffix = 2; + while (userRepository.findByUsername(username).isPresent()) { + String suffixText = String.valueOf(suffix++); + username = truncate(base, MAX_USERNAME_LENGTH - suffixText.length()) + suffixText; + } + return username; + } + + private String generatePassword() { + StringBuilder password = new StringBuilder(); + for (int i = 0; i < 14; i++) { + password.append(PASSWORD_CHARS.charAt(SECURE_RANDOM.nextInt(PASSWORD_CHARS.length()))); + } + return password.toString(); + } + + private String truncate(String value, int maxLength) { + if (value == null || value.length() <= maxLength) { + return value; + } + return value.substring(0, maxLength); + } +} Index: petify-backend/src/main/java/com/petify/petify/service/ClinicCredentialsEmailService.java =================================================================== --- petify-backend/src/main/java/com/petify/petify/service/ClinicCredentialsEmailService.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) +++ petify-backend/src/main/java/com/petify/petify/service/ClinicCredentialsEmailService.java (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) @@ -0,0 +1,94 @@ +package com.petify.petify.service; + +import org.springframework.beans.factory.ObjectProvider; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.mail.SimpleMailMessage; +import org.springframework.mail.javamail.JavaMailSender; +import org.springframework.stereotype.Service; +import org.springframework.util.StringUtils; + +@Service +public class ClinicCredentialsEmailService { + + private final ObjectProvider mailSenderProvider; + private final String fromAddress; + private final String mailPassword; + + public ClinicCredentialsEmailService(ObjectProvider mailSenderProvider, + @Value("${spring.mail.username:}") String fromAddress, + @Value("${spring.mail.password:}") String mailPassword) { + this.mailSenderProvider = mailSenderProvider; + this.fromAddress = fromAddress; + this.mailPassword = mailPassword; + } + + public void sendCredentials(String recipientEmail, String clinicName, String username, String password) { + if (!StringUtils.hasText(recipientEmail)) { + throw new IllegalArgumentException("Clinic email is required to send account credentials"); + } + + JavaMailSender mailSender = getConfiguredMailSender(); + + SimpleMailMessage message = new SimpleMailMessage(); + message.setFrom(fromAddress); + message.setTo(recipientEmail); + message.setSubject("Your Petify clinic account has been approved"); + message.setText(""" + Hello %s, + + Your clinic application has been approved. + + You can now sign in to Petify with these credentials: + Username: %s + Password: %s + + Please change this password after your first login. + + Petify Team + """.formatted(clinicName, username, password)); + + mailSender.send(message); + } + + public void sendTemporaryPassword(String recipientEmail, String firstName, String username, String temporaryPassword) { + if (!StringUtils.hasText(recipientEmail)) { + throw new IllegalArgumentException("User email is required to send password reset credentials"); + } + + JavaMailSender mailSender = getConfiguredMailSender(); + + SimpleMailMessage message = new SimpleMailMessage(); + message.setFrom(fromAddress); + message.setTo(recipientEmail); + message.setSubject("Your Petify password reset"); + message.setText(""" + Hello %s, + + We received a request to reset your Petify password. + + You can sign in with these temporary credentials: + Username: %s + Temporary password: %s + + After signing in, open your profile's Account tab and choose a new password. + + If you did not request this reset, please change your password right away. + + Petify Team + """.formatted(firstName, username, temporaryPassword)); + + mailSender.send(message); + } + + private JavaMailSender getConfiguredMailSender() { + if (!StringUtils.hasText(fromAddress) || !StringUtils.hasText(mailPassword)) { + throw new IllegalStateException("Mail username and password are not configured. Set MAIL_USERNAME and MAIL_PASSWORD before sending account emails."); + } + + JavaMailSender mailSender = mailSenderProvider.getIfAvailable(); + if (mailSender == null) { + throw new IllegalStateException("Mail sender is not configured. Set spring.mail.* properties before sending account emails."); + } + return mailSender; + } +} Index: petify-backend/src/main/resources/application.properties =================================================================== --- petify-backend/src/main/resources/application.properties (revision fa32d0f462d925f109df1a21025f904e56606f8b) +++ petify-backend/src/main/resources/application.properties (revision ae836471908c8a67e8fc2a25ad6c445b1c867e48) @@ -33,6 +33,16 @@ spring.flyway.baseline-version=0 +# Mail +spring.mail.host=${MAIL_HOST:smtp.gmail.com} +spring.mail.port=${MAIL_PORT:587} +spring.mail.username=${MAIL_USERNAME:} +spring.mail.password=${MAIL_PASSWORD:} +spring.mail.properties.mail.smtp.auth=true +spring.mail.properties.mail.smtp.starttls.enable=true +spring.mail.properties.mail.smtp.starttls.required=true +management.health.mail.enabled=false + spring.profiles.active=local -spring.config.import=optional:file:.env.properties +spring.config.import=optional:file:.env.properties,optional:file:petify-backend/.env.properties