Added e-mail and password updating

Author: EmielBoss

app/src/main/java/dev/blaauwendraad/recipe_book/service/UserAuthenticationService.java

@@ -5,7 +5,7 @@
 import dev.blaauwendraad.recipe_book.repository.RefreshTokenRepository;
 import dev.blaauwendraad.recipe_book.repository.UserRepository;
 import dev.blaauwendraad.recipe_book.service.exception.AccessTokenRefreshException;
-import dev.blaauwendraad.recipe_book.service.exception.UserLoginException;
+import dev.blaauwendraad.recipe_book.service.exception.UserAuthenticationException;
 import dev.blaauwendraad.recipe_book.service.exception.UserRegistrationException;
 import dev.blaauwendraad.recipe_book.service.exception.UserRegistrationValidationException;
 import dev.blaauwendraad.recipe_book.service.model.AuthenticationDetails;
@@ -63,9 +63,9 @@ public UserAccount registerUser(String username, String emailAddress, String pas
      *
      * @param emailAddress the e-mail address of the user
      * @param password     the password of the user
-     * @throws UserLoginException if there is an error during user login
+     * @throws UserAuthenticationException if there is an error during user login
      */
-    public AuthenticationDetails login(String emailAddress, String password) throws UserLoginException {
+    public AuthenticationDetails login(String emailAddress, String password) throws UserAuthenticationException {
         UserAccount userAccount = validateCredentials(emailAddress, password);
         RefreshTokenEntity refreshTokenEntity = createAndStoreRefreshToken(userAccount);
         return new AuthenticationDetails(
@@ -123,13 +123,13 @@ private String generateRefreshToken() {
         return Base64.getUrlEncoder().withoutPadding().encodeToString(bytes);
     }
 
-    private UserAccount validateCredentials(String emailAddress, String password) throws UserLoginException {
+    private UserAccount validateCredentials(String emailAddress, String password) throws UserAuthenticationException {
         UserAccountEntity userAccountEntity = userRepository.findByEmail(emailAddress);
         if (userAccountEntity == null) {
-            throw new UserLoginException("No user account found for the provided email address.");
+            throw new UserAuthenticationException("No user account found for the provided email address.");
         }
         if (!BcryptUtil.matches(password, userAccountEntity.passwordHash)) {
-            throw new UserLoginException("Invalid password provided.");
+            throw new UserAuthenticationException("Invalid password provided.");
         }
         return UserAccountConverter.toUserAccount(userAccountEntity);
     }

app/src/main/java/dev/blaauwendraad/recipe_book/service/UserService.java

@@ -0,0 +1,58 @@
+package dev.blaauwendraad.recipe_book.service;
+
+import dev.blaauwendraad.recipe_book.data.model.UserAccountEntity;
+import dev.blaauwendraad.recipe_book.repository.UserRepository;
+import dev.blaauwendraad.recipe_book.service.exception.UserAuthenticationException;
+import io.quarkus.elytron.security.common.BcryptUtil;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import jakarta.transaction.Transactional;
+import jakarta.ws.rs.NotFoundException;
+
+@ApplicationScoped
+public class UserService {
+    private final UserRepository userRepository;
+
+    @Inject
+    public UserService(UserRepository userRepository) {
+        this.userRepository = userRepository;
+    }
+
+    public String getEmail(Long userId) {
+        UserAccountEntity userAccountEntity = userRepository.findById(userId);
+        if (userAccountEntity == null) {
+            throw new NotFoundException("User with userId " + userId + " does not exist");
+        }
+        return userAccountEntity.emailAddress;
+    }
+
+    @Transactional
+    public void updateEmail(Long userId, String newEmail, String currentPassword) throws UserAuthenticationException {
+        UserAccountEntity userAccountEntity = userRepository.findById(userId);
+        if (userAccountEntity == null) {
+            throw new UserAuthenticationException("No user account found for the provided email address.");
+        }
+        if (!BcryptUtil.matches(currentPassword, userAccountEntity.passwordHash)) {
+            throw new UserAuthenticationException("Invalid password provided.");
+        }
+        userAccountEntity.emailAddress = newEmail;
+        userRepository.persist(userAccountEntity);
+    }
+
+    @Transactional
+    public void updatePassword(Long userId, String currentPassword, String newPassword, String confirmPassword)
+            throws UserAuthenticationException {
+        UserAccountEntity userAccountEntity = userRepository.findById(userId);
+        if (userAccountEntity == null) {
+            throw new UserAuthenticationException("No user account found for the provided email address.");
+        }
+        if (!BcryptUtil.matches(currentPassword, userAccountEntity.passwordHash)) {
+            throw new UserAuthenticationException("Invalid password provided.");
+        }
+        if (!newPassword.equals(confirmPassword)) {
+            throw new UserAuthenticationException("New password and confirmation password do not match.");
+        }
+        userAccountEntity.passwordHash = BcryptUtil.bcryptHash(newPassword);
+        userRepository.persist(userAccountEntity);
+    }
+}

app/src/main/java/dev/blaauwendraad/recipe_book/service/exception/UserAuthenticationException.java

@@ -0,0 +1,8 @@
+package dev.blaauwendraad.recipe_book.service.exception;
+
+public class UserAuthenticationException extends DetailedMessageException {
+
+    public UserAuthenticationException(String detailMessage) {
+        super("Failed to login user.", detailMessage);
+    }
+}

…/exception/UserLoginExceptionMapper.java …n/UserAuthenticationExceptionMapper.javaapp/src/main/java/dev/blaauwendraad/recipe_book/service/exception/UserLoginExceptionMapper.java renamed to app/src/main/java/dev/blaauwendraad/recipe_book/service/exception/UserAuthenticationExceptionMapper.java app/src/main/java/dev/blaauwendraad/recipe_book/service/exception/UserLoginExceptionMapper.java renamed to app/src/main/java/dev/blaauwendraad/recipe_book/service/exception/UserAuthenticationExceptionMapper.java

@@ -7,22 +7,22 @@
 import jakarta.ws.rs.ext.Provider;
 
 @Provider
-public class UserLoginExceptionMapper implements ExceptionMapper<UserLoginException> {
+public class UserAuthenticationExceptionMapper implements ExceptionMapper<UserAuthenticationException> {
 
     @Override
-    public Response toResponse(UserLoginException exception) {
+    public Response toResponse(UserAuthenticationException exception) {
         var errorResponse = toErrorResponse(exception);
         return Response.status(errorResponse.httpStatusCode())
                 .type(MediaType.APPLICATION_JSON_TYPE)
                 .entity(errorResponse)
                 .build();
     }
 
-    private static ErrorResponse toErrorResponse(UserLoginException exception) {
+    private static ErrorResponse toErrorResponse(UserAuthenticationException exception) {
         return new ErrorResponse(
                 exception.getMessage() != null
                         ? exception.getMessage()
-                        : "An unexpected error occurred while trying to log in",
+                        : "An unexpected error occurred while trying to authenticate the user.",
                 exception.getDetailMessage(),
                 Response.Status.BAD_REQUEST.getStatusCode());
     }

app/src/main/java/dev/blaauwendraad/recipe_book/service/exception/UserLoginException.java

@@ -2,7 +2,7 @@
 
 import dev.blaauwendraad.recipe_book.service.UserAuthenticationService;
 import dev.blaauwendraad.recipe_book.service.exception.AccessTokenRefreshException;
-import dev.blaauwendraad.recipe_book.service.exception.UserLoginException;
+import dev.blaauwendraad.recipe_book.service.exception.UserAuthenticationException;
 import dev.blaauwendraad.recipe_book.service.exception.UserRegistrationException;
 import dev.blaauwendraad.recipe_book.service.model.AuthenticationDetails;
 import dev.blaauwendraad.recipe_book.service.model.UserAccount;
@@ -35,7 +35,8 @@ public UserAuthenticationResource(UserAuthenticationService userAuthenticationSe
     @POST
     @PermitAll
     @Path("/login")
-    public LoginResponse login(@Valid @NotNull LoginAttemptRequest loginAttemptRequest) throws UserLoginException {
+    public LoginResponse login(@Valid @NotNull LoginAttemptRequest loginAttemptRequest)
+            throws UserAuthenticationException {
         AuthenticationDetails loginDetails =
                 userAuthenticationService.login(loginAttemptRequest.emailAddress(), loginAttemptRequest.password());
         return new LoginResponse(

app/src/main/java/dev/blaauwendraad/recipe_book/web/UserAuthenticationResource.java

@@ -0,0 +1,76 @@
+package dev.blaauwendraad.recipe_book.web;
+
+import dev.blaauwendraad.recipe_book.service.UserService;
+import dev.blaauwendraad.recipe_book.service.exception.UserAuthenticationException;
+import dev.blaauwendraad.recipe_book.web.model.UpdateEmailRequest;
+import dev.blaauwendraad.recipe_book.web.model.UpdatePasswordRequest;
+import jakarta.annotation.security.RolesAllowed;
+import jakarta.enterprise.context.ApplicationScoped;
+import jakarta.inject.Inject;
+import jakarta.validation.Valid;
+import jakarta.validation.constraints.NotNull;
+import jakarta.ws.rs.Consumes;
+import jakarta.ws.rs.ForbiddenException;
+import jakarta.ws.rs.GET;
+import jakarta.ws.rs.PUT;
+import jakarta.ws.rs.Path;
+import jakarta.ws.rs.PathParam;
+import jakarta.ws.rs.Produces;
+import jakarta.ws.rs.core.MediaType;
+import jakarta.ws.rs.core.Response;
+import org.eclipse.microprofile.jwt.JsonWebToken;
+
+@ApplicationScoped
+@Path("/api/users/{userId}")
+public class UserResource {
+    private final UserService userService;
+
+    @Inject
+    JsonWebToken jwt;
+
+    @Inject
+    public UserResource(UserService userService) {
+        this.userService = userService;
+    }
+
+    @GET
+    @Produces(MediaType.TEXT_PLAIN)
+    @Path("/email")
+    @RolesAllowed({"admin", "user"})
+    public Response getEmail(@PathParam("userId") Long userId) {
+        if (!Long.valueOf(jwt.getName()).equals(userId)) {
+            throw new ForbiddenException("Not allowed to get e-mail of other user");
+        }
+        String email = userService.getEmail(userId);
+        return Response.ok(email).build();
+    }
+
+    @PUT
+    @Produces(MediaType.APPLICATION_JSON)
+    @Consumes(MediaType.APPLICATION_JSON)
+    @Path("/email")
+    @RolesAllowed({"admin", "user"})
+    public Response updateEmail(@PathParam("userId") Long userId, @Valid @NotNull UpdateEmailRequest request)
+            throws UserAuthenticationException {
+        if (!Long.valueOf(jwt.getName()).equals(userId)) {
+            throw new ForbiddenException("Not allowed to update e-mail of other user");
+        }
+        userService.updateEmail(userId, request.newEmail(), request.currentPassword());
+        return Response.ok().build();
+    }
+
+    @PUT
+    @Produces(MediaType.APPLICATION_JSON)
+    @Consumes(MediaType.APPLICATION_JSON)
+    @Path("/password")
+    @RolesAllowed({"admin", "user"})
+    public Response updatePassword(@PathParam("userId") Long userId, @Valid @NotNull UpdatePasswordRequest request)
+            throws UserAuthenticationException {
+        if (!Long.valueOf(jwt.getName()).equals(userId)) {
+            throw new ForbiddenException("Not allowed to update password of other user");
+        }
+        System.out.println("Updating password for userId: " + userId);
+        userService.updatePassword(userId, request.currentPassword(), request.newPassword(), request.confirmPassword());
+        return Response.ok().build();
+    }
+}

app/src/main/java/dev/blaauwendraad/recipe_book/web/UserResource.java

@@ -13,7 +13,7 @@
 public record SaveRecipeRequestDto(
         @NotBlank @Size(min = 5, max = 100) String title,
         @Nullable @Size(max = 2000) String description,
-        @NotNull @NotNull @Positive @Max(100) Integer numServings,
+        @NotNull @Positive @Max(100) Integer numServings,
         @NotNull PreparationTime preparationTime,
         @Size(min = 1, max = 50) List<@Valid IngredientDto> ingredients,
         @Size(min = 1, max = 50) List<@Valid PreparationStepDto> preparationSteps) {}

app/src/main/java/dev/blaauwendraad/recipe_book/web/model/SaveRecipeRequestDto.java

@@ -0,0 +1,6 @@
+package dev.blaauwendraad.recipe_book.web.model;
+
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotNull;
+
+public record UpdateEmailRequest(@NotNull @Email String newEmail, @NotNull String currentPassword) {}

app/src/main/java/dev/blaauwendraad/recipe_book/web/model/UpdateEmailRequest.java

@@ -0,0 +1,7 @@
+package dev.blaauwendraad.recipe_book.web.model;
+
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
+
+public record UpdatePasswordRequest(
+        @NotNull String currentPassword, @NotNull @Size(min = 8) String newPassword, @NotNull String confirmPassword) {}