API tools faq
paste
bocajbee

Untitled

bocajbee
Nov 29th, 2021 (edited)
930
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Java 8.43 KB | None | 0 0
raw download clone embed print report
  1. package com.example.passwordKeepr.passwordKeeprTest.Users;
  2. import org.springframework.beans.factory.annotation.Autowired;
  3. import org.springframework.mail.javamail.JavaMailSender;
  4. import org.springframework.mail.javamail.MimeMessageHelper;
  5. import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
  6. import org.springframework.security.crypto.password.PasswordEncoder;
  7. import org.springframework.stereotype.Service;
  8. import javax.mail.MessagingException;
  9. import javax.mail.internet.MimeMessage;
  10. import java.io.UnsupportedEncodingException;
  11. import java.time.LocalDateTime;
  12. import java.util.HashMap;
  13. import java.util.Map;
  14.  
  15. @Service
  16. public class LoginService {
  17.  
  18.     @Autowired
  19.     private JavaMailSender mailSender;
  20.     private final UsersRepository usersRepository;
  21.     private PasswordEncoder passwordEncoder;
  22.  
  23.     @Autowired
  24.     public LoginService(UsersRepository usersRepository)  {
  25.         this.usersRepository = usersRepository;
  26.     }
  27.  
  28.     public <lookupRequestObject> HashMap<String, String> loginUser(Map<String, Object> lookupRequestObject) {
  29.         String email = (String) lookupRequestObject.get("email");
  30.         String password = (String) lookupRequestObject.get("password");
  31.  
  32.         if (email == "") {
  33.             throw new IllegalStateException("Must provide email!");
  34.         } else if (password == "") {
  35.             throw new IllegalStateException("Must provide password!");
  36.         }
  37.  
  38.         return this.loginUser(email, password);
  39.     }
  40.  
  41.     // https://stackoverflow.com/questions/32129123/how-to-convert-boolean-true-or-false-to-string-value-in-groovy
  42.     private HashMap<String, String> loginUser(String email, String password) {
  43.         this.passwordEncoder = new BCryptPasswordEncoder();
  44.         User userFromDb = usersRepository.findByEmail(email);
  45.         String emailPassword = email + password;
  46.         long accountFirstFailedAttemptTimestamp = 0;
  47.         long accountLockedTimestamp = 0;
  48.  
  49.         if (userFromDb == null) {
  50.             throw new IllegalStateException("We couldn't find an account with that email!");
  51.         }
  52.  
  53.         boolean matches = passwordEncoder.matches(emailPassword, userFromDb.getMasterPassword());
  54.  
  55.         if (userFromDb.getFirst_failed_attempt_time() != null) {
  56.             accountFirstFailedAttemptTimestamp = getMinuteDuration(userFromDb.getFirst_failed_attempt_time());
  57.         }
  58.  
  59.         if (userFromDb.getLock_time() != null) {
  60.             accountLockedTimestamp = getMinuteDuration(userFromDb.getLock_time());
  61.         }
  62.  
  63.         LocalDateTime currentDateTime = LocalDateTime.now();
  64.         long currentDateTimeSecondDuration = getMinuteDuration(LocalDateTime.now());
  65.         long minutesDifferenceFirstFailedAttempt = currentDateTimeSecondDuration - accountFirstFailedAttemptTimestamp;
  66.         long minutesDifferenceSinceAccountLock = currentDateTimeSecondDuration - accountLockedTimestamp;
  67.  
  68.         if (matches == true) {
  69.             verifyAccountIsStillLocked(userFromDb, minutesDifferenceSinceAccountLock, currentDateTime, true);
  70.             return loginUser(userFromDb);
  71.         } else {
  72.  
  73.             if (accountLockedTimestamp != 0) {
  74.                 verifyAccountIsStillLocked(userFromDb, minutesDifferenceSinceAccountLock, currentDateTime, false);
  75.             }
  76.             verifyLoginAttempts(userFromDb, currentDateTime, minutesDifferenceFirstFailedAttempt);
  77.         }
  78.  
  79.         return null;
  80.     }
  81.  
  82.     public void resetPasswordEmail(Map<String, Object> lookupRequestObject) throws UnsupportedEncodingException, MessagingException {
  83.         String email = (String) lookupRequestObject.get("passwordResetEmail");
  84.         User userFromDb = usersRepository.findByEmail(email);
  85.  
  86.         if (userFromDb == null) {
  87.             throw new IllegalStateException("Uh oh! Doesn't look like that's a valid email address! Did you make a typo?");
  88.         }
  89.  
  90.         LocalDateTime currentDateTime = LocalDateTime.now();
  91.         userFromDb.setTimestamp_pw_reset(currentDateTime);
  92.         usersRepository.save(userFromDb);
  93.  
  94.         String siteUrl = "http:/localhost:3000";
  95.         String verifyUrl = siteUrl + "/resetPasswordForm" + userFromDb.getVerificationCode();
  96.         String subject = "Please click on the following link to reset your password";
  97.         String senderName = "PasswordKeepr Team";
  98.         String mailContent = "<p>Dear " + userFromDb.getEmail() + ", </p>";
  99.         mailContent += "<p>Please click the link below to reset your master password and access passWordKeepr's features!</p>";
  100.         mailContent += "<h3><a =\"href=" + verifyUrl + "\">VERIFY</a></h3>";
  101.         mailContent += "<p>Thank you, The PasswordKeepr team</p>";
  102.  
  103.         MimeMessage message = mailSender.createMimeMessage();
  104.         MimeMessageHelper helper = new MimeMessageHelper(message);
  105.  
  106.         helper.setFrom("jallen209972@gmail.com", senderName);
  107.         helper.setTo(userFromDb.getEmail());
  108.         helper.setSubject(subject);
  109.         helper.setText(mailContent, true);
  110.  
  111.         mailSender.send(message);
  112.     }
  113.  
  114.     public String verify(String verificationCode) {
  115.         User userToVerify = usersRepository.findByVerificationCode(verificationCode);
  116.  
  117.         if (userToVerify == null) {
  118.             return "Oops, doesn't look like a valid account exists for this request!";
  119.         } else if (userToVerify.getEnabled()) {
  120.             return "This user has already been verified! Go log in!";
  121.         } else {
  122.             usersRepository.enableUser(userToVerify.getId());
  123.             return "Account successfully verified! Go log in!";
  124.         }
  125.     }
  126.  
  127.     private long getMinuteDuration(LocalDateTime t) {
  128.         long hour = t.getHour();
  129.         long minute = t.getMinute();
  130.         long second = t.getSecond();
  131.         return  ((hour * 3600) + (minute * 60) + second) / 60;
  132.     }
  133.  
  134.     private void verifyAccountIsStillLocked(User userFromDb, long minutesDifferenceSinceAccountLock, LocalDateTime currentDateTime, boolean loginSuccess) {
  135.  
  136.         if (userFromDb.getAccount_locked() == true && minutesDifferenceSinceAccountLock < 60) {
  137.             throw new IllegalStateException("Sorry your account is locked for 1 hour!");
  138.         } else if (userFromDb.getAccount_locked() == true && minutesDifferenceSinceAccountLock > 60 && loginSuccess == false) {
  139.             userFromDb.setAccount_locked(false);
  140.             userFromDb.setFailed_attempt(1);
  141.             userFromDb.setFirst_failed_attempt_time(currentDateTime);
  142.             usersRepository.save(userFromDb);
  143.             throw new IllegalStateException("Sorry that password is incorrect!");
  144.         } else if(userFromDb.getAccount_locked() == true && minutesDifferenceSinceAccountLock > 60 && loginSuccess == true) {
  145.             userFromDb.setAccount_locked(false);
  146.             userFromDb.setFailed_attempt(0);
  147.             userFromDb.setFirst_failed_attempt_time(null);
  148.             usersRepository.save(userFromDb);
  149.         }
  150.  
  151.         return;
  152.     }
  153.  
  154.     private void verifyLoginAttempts(User userFromDb, LocalDateTime currentDateTime, long minutesDifferenceFirstFailedAttempt) {
  155.  
  156.         if (userFromDb.getFailed_attempt() == 0) {
  157.             int updatedFailedAttempt = userFromDb.getFailed_attempt() + 1;
  158.             userFromDb.setFirst_failed_attempt_time(currentDateTime);
  159.             userFromDb.setFailed_attempt(updatedFailedAttempt);
  160.         } else if (userFromDb.getFailed_attempt() < 3 && minutesDifferenceFirstFailedAttempt < 20) {
  161.             int updatedFailedAttempt = userFromDb.getFailed_attempt() + 1;
  162.             userFromDb.setFailed_attempt(updatedFailedAttempt);
  163.         } else if (userFromDb.getFailed_attempt() < 3 && minutesDifferenceFirstFailedAttempt > 20) {
  164.             userFromDb.setFirst_failed_attempt_time(currentDateTime);
  165.             userFromDb.setFailed_attempt(1);
  166.         } else if (userFromDb.getFailed_attempt() >= 3) {
  167.             userFromDb.setAccount_locked(true);
  168.             userFromDb.setLock_time(currentDateTime);
  169.             userFromDb.setFailed_attempt(0);
  170.         }
  171.  
  172.         usersRepository.save(userFromDb);
  173.         throw new IllegalStateException("Sorry that password is incorrect!");
  174.     }
  175.  
  176.     private HashMap loginUser(User userFromDb) {
  177.         userFromDb.setFailed_attempt(0);
  178.         String uuid = userFromDb.getUuid();
  179.         String enabled = String.valueOf(userFromDb.getEnabled());
  180.         HashMap<String, String> map = new HashMap<>();
  181.         map.put("uuid", uuid);
  182.         map.put("enabled", enabled);
  183.         usersRepository.save(userFromDb);
  184.         return map;
  185.     }
  186. }
  187.  
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!