Changeset 1138

Timestamp:

Nov 15, 2010, 1:36:42 PM (12 years ago)

Author:

robert@…

Message:

Implemented ability to changed password and email address when logged in (ticket 165).

Location:

trunk/grails-app

Files:

• controllers/dbnp/authentication/UserRegistrationController.groovy (modified) (5 diffs)
• i18n/messages.spring-security-ui.properties (modified) (1 diff)
• views/common/_login_panel.gsp (modified) (1 diff)
• views/userRegistration/add.gsp (modified) (1 diff)
• views/userRegistration/index.gsp (modified) (1 diff)
• views/userRegistration/profile.gsp (added)

trunk/grails-app/controllers/dbnp/authentication/UserRegistrationController.groovy

@@ -18 +18 @@
 class UserRegistrationController {
     def springSecurityService
+        def authenticationService
     
     /**
@@ -23 +24 @@
      */
     def index = {
-
     }
 
@@ -51 +51 @@
            email: params.email,
            password: springSecurityService.encodePassword(password, params.username),
-           userConfirmed: true, adminConfirmed: true)
+           userConfirmed: false, adminConfirmed: false)
        
         // Redirect user if save fails
@@ -149 +149 @@
     }
 
+    @Secured(['IS_AUTHENTICATED_REMEMBERED'])
+        def profile = {
+                [ user: authenticationService.getLoggedInUser() ]
+        }
+
+    @Secured(['IS_AUTHENTICATED_REMEMBERED'])
+        def updateProfile = { ProfileCommand command ->
+                def user = authenticationService.getLoggedInUser();
+                command.username = user.username
+                command.oldPass = user.password
+                command.validate()
+
+                if (command.hasErrors()) {
+                        render( view: 'profile', model: [user: user, command: command]);
+                        return
+                }
+
+                String salt = user.username
+                RegistrationCode.withTransaction { status ->
+                        user.password = springSecurityService.encodePassword(command.password, salt)
+                        user.email = command.email
+                        user.save()
+                }
+
+                redirect controller: 'home'
+        }
+
     private String generatePassword( int length ) {
         String validChars = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ1234567890_-!@#%^&*()/\\;:"
@@ -163 +190 @@
         return resultID
     }
+
+        static final passwordValidator = { String password, command ->
+                if( password == "" ) {
+                        return
+                }
+
+                if (command.username && command.username.equals(password)) {
+                        return 'command.password.error.username'
+                }
+
+                if (password && password.length() >= 8 && password.length() <= 64 &&
+                                (!password.matches('^.*\\p{Alpha}.*$') ||
+                                !password.matches('^.*\\p{Digit}.*$') ||
+                                !password.matches('^.*[!@#$%^&].*$'))) {
+                        return 'command.password.error.strength'
+                }
+        }
+
+        static final password2Validator = { value, command ->
+                if (command.password != command.password2) {
+                        return 'command.password2.error.mismatch'
+                }
+        }
 }
+
+class ProfileCommand {
+
+        String username
+        String oldPass
+        String email
+        String password
+        String password2
+
+        static constraints = {
+                username blank: false
+                email blank: false, email: true
+                password blank: true, minSize: 8, maxSize: 64, validator: UserRegistrationController.passwordValidator
+                password2 validator: UserRegistrationController.password2Validator
+        }
+}
+

trunk/grails-app/i18n/messages.spring-security-ui.properties

@@ -93 +93 @@
 default.date.format=d MMM yyyy HH:mm:ss
 
+profileCommand.password.error.strength Password must have at least one letter, number, and special character: \!@\#$%^&
+profileCommand.password.minSize.notmet Password must be between 8 and 64 characters
+profileCommand.password.maxSize.exceeded Password must be between 8 and 64 characters
+profileCommand.email.email.invalid Please provide a valid email address

trunk/grails-app/views/common/_login_panel.gsp

@@ -48 +48 @@
                         <li>Hello <sec:ifLoggedIn><sec:username/></sec:ifLoggedIn>
                         <sec:ifNotLoggedIn>Guest</sec:ifNotLoggedIn>!</li>
+                        <sec:ifLoggedIn>
+                        <li class="sep">|</li>
+                        <li id="toggle">
+                          <g:link controller="userRegistration" action="profile">profile</g:link>
+                        </li>
+                        </sec:ifLoggedIn>
                         <li class="sep">|</li>
                         <li id="toggle">

trunk/grails-app/views/userRegistration/add.gsp

@@ -16 +16 @@
             N.B. An administrator must approve your account before you can use it.
           </p>
-
-          <p>Username: ${username}</p>
-          <p>Password: ${password}</p>
-
         </div>
   </body>

trunk/grails-app/views/userRegistration/index.gsp

@@ -53 +53 @@
 
               <div class='fheader'>Please enter username and email address. </div>
-              <form action='/gscf/register/add' method='POST' id='loginForm' class='cssform' autocomplete='off'>
+              <form action='/gscf/userRegistration/add' method='POST' id='loginForm' class='cssform' autocomplete='off'>
                       <p>
                               <label for='username'>Username</label>