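/*
 * Copyright (c) 2013 IANA. All Rights Reserved. THE AUTHOR MAKES NO
 * REPRESENTATIONS OR WARRANTIES ABOUT THE SUITABILITY OF THE SOFTWARE, EITHER
 * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF
 * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR NON-INFRINGEMENT. THE
 * AUTHOR SHALL NOT BE LIABLE FOR ANY DAMAGES SUFFERED BY LICENSEE AS A RESULT
 * OF USING, MODIFYING OR DISTRIBUTING THIS SOFTWARE OR ITS DERIVATIVES.
 */
package com.iana.dver.controller;

import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.Principal;
import java.text.DateFormat;
import java.text.SimpleDateFormat;
import java.util.Date;
import java.util.Set;

import javax.mail.internet.AddressException;
import javax.mail.internet.InternetAddress;
import javax.servlet.ServletContext;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.log4j.Logger;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Scope;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.ui.ModelMap;
import org.springframework.util.StringUtils;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import com.iana.dver.domain.DverConfig;
import com.iana.dver.domain.DverUsers;
import com.iana.dver.domain.UserLogin;
import com.iana.dver.service.LoginService;
import com.iana.dver.util.DVERUtil;
import com.iana.dver.vo.DverSecurityObj;
import com.iana.dver.vo.ForgotPwdVO;
import com.lowagie.text.DocumentException;
import com.lowagie.text.pdf.AcroFields;
import com.lowagie.text.pdf.PdfReader;
import com.lowagie.text.pdf.PdfStamper;

/**
 * Request-scoped Spring MVC controller for the login, welcome, access-denied
 * and forgot-password pages.
 *
 * @author tgbaxi
 * @date 10-Sep-2013
 */
@Controller
@Scope("request")
public class LoginController {

    private static final Logger logger = Logger.getLogger(LoginController.class);

    /** Servlet-context path of the PDF form that is filled in for password recovery. */
    private static final String FORGOT_PWD_TEMPLATE = "/WEB-INF/email_templates/DVER_FORGOT_PWD_FORM.pdf";

    /** Sender address and subject used for both recovery mails. */
    private static final String FORGOT_PWD_SENDER = "admin@dver.intermodal.org";
    private static final String FORGOT_PWD_SUBJECT = "DVER - Password Recovery";
    private static final String FORGOT_PWD_BODY = "Please see attached to know your forgotten password.";

    /**
     * Landing paths a user may be redirected to after login, matched
     * case-insensitively against the user type. The redirect target is taken
     * from this fixed list, never from the user-type value itself.
     */
    private static final String[] LANDING_PAGES = { "admin", "iep", "mc" };

    @Autowired
    private LoginService loginService;

    @Autowired
    private DverSecurityObj securityObj;

    @Autowired
    private ServletContext servletContext;

    /** Redirects the application root to the login page. */
    @RequestMapping(value = { "/" }, method = RequestMethod.GET)
    public String gotoLoginPage(final ModelMap model, HttpServletRequest request) {
        return "redirect:/login";
    }

    /** Renders the login view ("index"). */
    @RequestMapping(value = { "/login" }, method = RequestMethod.GET)
    public String setupLoginPage(final ModelMap model, HttpServletRequest request) {
        return "index";
    }

    /** Adds a generic failure message as a flash attribute and redirects back to the login page. */
    @RequestMapping(value = "/loginfailed", method = RequestMethod.GET)
    public String loginerror(final RedirectAttributes redirectAttributes) {
        redirectAttributes.addFlashAttribute("error", "Invalid Username/Password");
        return "redirect:/login";
    }

    /**
     * Handles an access-denied redirect: drops the "securityObj" session
     * attribute and sends the user to the login page.
     */
    @RequestMapping(value = "/accessDenied", method = RequestMethod.GET)
    public String accessDenied(HttpServletRequest request) {
        logger.info("System has detected Unauthorised access... Kicking the user out");
        // NOTE(review): only the "securityObj" attribute is removed here; the HTTP
        // session itself is not invalidated by this method. Confirm that the
        // security layer ends the authenticated session elsewhere.
        if (this.securityObj != null) {
            request.getSession().removeAttribute("securityObj");
        }
        return "redirect:/login";
    }

    /**
     * Loads the security object for the authenticated principal, stores it in
     * the session and redirects to the landing page for the user's type.
     *
     * @param user the authenticated principal; a request without one is sent
     *             back to the login page
     * @return a redirect to /admin, /iep or /mc, or the "index" view when the
     *         user type is not one of those
     */
    @RequestMapping(value = "/welcome", method = RequestMethod.GET)
    public String doWelcomeDver(final RedirectAttributes redirectAttributes, HttpServletRequest request,
            Principal user) {
        if (user == null) {
            // No authenticated principal: nothing to look up, go back to login.
            return "redirect:/login";
        }

        this.securityObj = loginService.login(user.getName());
        // NOTE(review): the object is placed in the session before the user type
        // is checked, so it is also stored for an unrecognised type.
        request.getSession().setAttribute("securityObj", securityObj);

        final String userType = securityObj == null ? null : securityObj.getUserType();
        for (String landing : LANDING_PAGES) {
            // equalsIgnoreCase(null) is false, so a missing type falls through.
            if (landing.equalsIgnoreCase(userType)) {
                return "redirect:/" + landing;
            }
        }

        redirectAttributes.addFlashAttribute("failureMessage", "Invalid Username or Password");
        return "index";
    }

    /**
     * Prepares an empty {@link ForgotPwdVO} and renders the forgot-password form.
     *
     * @return "forgot-pass", or "error" if preparing the model fails
     */
    @RequestMapping(value = "/forgotpwd", method = RequestMethod.GET)
    public String setupForgotPwd(final Model model, @ModelAttribute("regEmail") String regEmail,
            @ModelAttribute("usdot") String usdot, @ModelAttribute("scac") String scac) {
        try {
            ForgotPwdVO forgotPwdVO = new ForgotPwdVO();
            model.addAttribute("forgotPwdVO", forgotPwdVO);
            return "forgot-pass";
        } catch (Exception ex) {
            DVERUtil.sendExceptionEmails("setupForgotPwd method of LoginController \n " + ex);
            // Pass the throwable so the stack trace is logged, not just toString().
            logger.error("Error in setupForgotPwd.....", ex);
            return "error";
        }
    }

    /**
     * Handles the forgot-password form. Reads {@code scac}, {@code usdot},
     * {@code regEmail} and {@code dverUserType} from the request, looks the
     * user up through {@link LoginService#forgotPassword} and, when a user is
     * found, mails the recovery PDF.
     *
     * @return "success", a validation/lookup message, or "error" on failure
     */
    @RequestMapping(value = "/forgotpwd", method = RequestMethod.POST)
    public @ResponseBody String submitForgotPwd(HttpServletRequest request, HttpServletResponse response)
            throws IOException, DocumentException, AddressException {
        try {
            StringBuilder errors = new StringBuilder();
            String scac = request.getParameter("scac");
            String usdot = request.getParameter("usdot");
            String email = request.getParameter("regEmail");
            String userType = request.getParameter("dverUserType");

            if (!StringUtils.hasText(email)) {
                errors.append("Email Can not be blank");
            }
            if (!StringUtils.hasText(scac) && !StringUtils.hasText(usdot)) {
                errors.append("<br> Scac or Usdot require to perform operation.");
            }
            if (errors.length() > 0) {
                return errors.toString();
            }

            // This endpoint is reachable before login, so a missing or non-numeric
            // dverUserType is ordinary bad input. Answer "error" as before, but do
            // not let it reach the catch-all below, which mails the administrators
            // for every exception. The raw value is not logged.
            final int userTypeCode;
            try {
                userTypeCode = Integer.parseInt(userType);
            } catch (NumberFormatException nfe) {
                logger.warn("Rejected forgot-password request: dverUserType is missing or not numeric");
                return "error";
            }

            ForgotPwdVO forgotPwdVO = new ForgotPwdVO();
            forgotPwdVO.setRegEmail(email);
            forgotPwdVO.setScac(scac);
            forgotPwdVO.setUsdot(usdot);
            forgotPwdVO.setDverUserType(userTypeCode);

            DverUsers dverUser = loginService.forgotPassword(forgotPwdVO);
            if (dverUser == null) {
                // NOTE(review): this reply differs from "success", so the endpoint
                // tells an anonymous caller whether the submitted details match an
                // account. A uniform reply plus rate limiting would close that.
                errors.append("Given details not match with existing details.");
                return errors.toString();
            }

            // First configuration entry, if any.
            DverConfig dverConfig = null;
            Set<DverConfig> dverConfigs = dverUser.getDverConfigs();
            if (dverConfigs != null) {
                for (DverConfig candidate : dverConfigs) {
                    dverConfig = candidate;
                    break;
                }
            }

            // Last login entry in the set's iteration order (as before).
            UserLogin dverUserLogin = null;
            Set<UserLogin> userLogins = dverUser.getUserLogins();
            if (userLogins != null) {
                for (UserLogin candidate : userLogins) {
                    dverUserLogin = candidate;
                }
            }

            sendForgotPwdEmail(dverUser, dverConfig, dverUserLogin);
            return "success";
        } catch (Exception ex) {
            DVERUtil.sendExceptionEmails("submitForgotPwd method of LoginController \n " + ex);
            logger.error("Error in submitForgotPwd.....", ex);
            return "error";
        }
    }

    /**
     * Fills the recovery PDF and mails it to the user and, when the first
     * configuration entry has a different e-mail address, to that address too.
     * Failures are logged and reported by mail; they are not propagated.
     *
     * <p>NOTE(review): the PDF contains {@code dverUserLogin.getPassword()},
     * i.e. the current password is retrievable from storage and is sent by
     * e-mail. A single-use, expiring reset link together with password hashes
     * (bcrypt/scrypt/argon2) in storage would remove that exposure.
     */
    private void sendForgotPwdEmail(DverUsers dverUser, DverConfig dverConfig, UserLogin dverUserLogin)
            throws IOException, DocumentException, AddressException {
        try {
            if (dverUserLogin == null) {
                throw new IllegalStateException("User has no login record; recovery mail not sent");
            }

            DateFormat dateFormat = new SimpleDateFormat("MM/dd/yyyy HH:mm:ss");
            final String notifiedAt = dateFormat.format(new Date());

            File userPdf = buildForgotPwdPdf("DVER_FORGOT_PWD_" + dverUserLogin.getUserName(),
                    dverUser.getFname() + " " + dverUser.getLname(), notifiedAt, dverUser, dverUserLogin);
            DVERUtil.sendEmailWithAttachments(FORGOT_PWD_SENDER, FORGOT_PWD_SUBJECT,
                    new InternetAddress[] { new InternetAddress(dverUser.getEmail()) }, FORGOT_PWD_BODY, userPdf);

            // A user without a configuration entry (or one without an address)
            // simply gets no second notification instead of a NullPointerException.
            final String configEmail = dverConfig == null ? null : dverConfig.getEmail();
            if (StringUtils.hasText(configEmail) && !dverUser.getEmail().equals(configEmail)) {
                File notifPdf = buildForgotPwdPdf("DVER_FORGOT_PWD_NOTIF_" + dverUserLogin.getUserName(),
                        dverConfig.getFname() + " " + dverConfig.getLname(), notifiedAt, dverUser, dverUserLogin);
                DVERUtil.sendEmailWithAttachments(FORGOT_PWD_SENDER, FORGOT_PWD_SUBJECT,
                        new InternetAddress[] { new InternetAddress(configEmail) }, FORGOT_PWD_BODY, notifPdf);
            }
        } catch (Exception ex) {
            logger.error("Error in sendForgotPwdEmail.....", ex);
            DVERUtil.sendExceptionEmails("sendForgotPwdEmail method of LoginController \n " + ex);
        }
    }

    /**
     * Fills the recovery form into a new temporary PDF.
     *
     * <p>The file holds the password, so it is restricted to its owner before
     * anything is written and is registered for deletion as soon as it exists
     * (previously only the first file was registered, and only on success).
     *
     * <p>NOTE(review): deleteOnExit() only runs at JVM shutdown. If
     * DVERUtil.sendEmailWithAttachments sends synchronously, delete the file
     * right after the call instead - confirm before changing.
     *
     * @param filePrefix  temp-file name prefix
     * @param contactName value for the contact-name field
     * @param notifiedAt  formatted timestamp for the notification-date field
     * @return the filled, flattened PDF
     */
    private File buildForgotPwdPdf(String filePrefix, String contactName, String notifiedAt, DverUsers dverUser,
            UserLogin dverUserLogin) throws IOException, DocumentException {
        PdfReader reader = new PdfReader(servletContext.getResourceAsStream(FORGOT_PWD_TEMPLATE));
        try {
            File pdf = File.createTempFile(filePrefix, ".pdf");
            pdf.deleteOnExit();
            // Drop access for everyone, then grant it back to the owner only.
            pdf.setReadable(false, false);
            pdf.setReadable(true, true);
            pdf.setWritable(false, false);
            pdf.setWritable(true, true);

            FileOutputStream out = new FileOutputStream(pdf);
            try {
                PdfStamper filledOutForm = new PdfStamper(reader, out);
                AcroFields form = filledOutForm.getAcroFields();
                form.setField("topmostSubform[0].Page1[0].notif_dt[0]", notifiedAt);
                form.setField("topmostSubform[0].Page1[0].contact_nm[0]", contactName);
                form.setField("topmostSubform[0].Page1[0].company[0]", dverUser.getCompanyName());
                form.setField("topmostSubform[0].Page1[0].address[0]",
                        dverUser.getAddr1() + " " + dverUser.getAddr2());
                form.setField("topmostSubform[0].Page1[0].city[0]",
                        dverUser.getCity() + ", " + dverUser.getState() + " " + dverUser.getZip());
                form.setField("topmostSubform[0].Page1[0].scac[0]", dverUser.getScac());
                form.setField("topmostSubform[0].Page1[0].pwd[0]", dverUserLogin.getPassword());
                filledOutForm.setFormFlattening(Boolean.TRUE);
                filledOutForm.close();
            } finally {
                // Releases the file handle when filling the form fails part-way.
                out.close();
            }
            return pdf;
        } finally {
            reader.close();
        }
    }

    /**
     * @return the loginService
     */
    public LoginService getLoginService() {
        return loginService;
    }

    /**
     * @param loginService
     *            the loginService to set
     */
    public void setLoginService(LoginService loginService) {
        this.loginService = loginService;
    }

    /**
     * @return the securityObj
     */
    public DverSecurityObj getSecurityObj() {
        return securityObj;
    }

    /**
     * @param securityObj
     *            the securityObj to set
     */
    public void setSecurityObj(DverSecurityObj securityObj) {
        this.securityObj = securityObj;
    }
}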