package com.mif13.authServer.controllers;
import com.mif13.authServer.dao.UsersDao;
import com.mif13.authServer.model.User;
import java.util.Optional;
import java.util.regex.PatternSyntaxException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
@RestController
@RequestMapping("users")
public class UserRestController {
private final UsersDao usersRepo;
@Autowired
public UserRestController(UsersDao usersRepo) {
this.usersRepo = usersRepo;
}
@GetMapping(value = "/{id}", produces = "application/json")
public ResponseEntity<User> getUser(@PathVariable String id) {
ResponseEntity<User> response;
Optional<User> optionalUser = usersRepo.get(id);
if (optionalUser.isPresent()) {
User user = optionalUser.get();
response = new ResponseEntity<>(user, HttpStatus.OK);
} else {
response = new ResponseEntity<>(HttpStatus.NOT_FOUND);
}
return response;
}
@PostMapping
public ResponseEntity<Void> createUser(@RequestParam("login") String login,
@RequestParam("password") String password) {
ResponseEntity<Void> response;
try {
if (verifyLogin(login) && verifyPassword(password)) {
Optional<User> optionalUser = usersRepo.get(login);
if (optionalUser.isEmpty()) {
User user = new User(login, password);
usersRepo.save(user);
response = new ResponseEntity<>(HttpStatus.CREATED);
} else {
response = new ResponseEntity<>(HttpStatus.FORBIDDEN);
}
} else {
response = new ResponseEntity<>(HttpStatus.BAD_REQUEST);
}
} catch (PatternSyntaxException e) {
response = new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
}
return response;
}
/**
* Procedure to modify the user password
* @param login
* @param new_password
* @return
*/
@PutMapping
public ResponseEntity<Void> modifyUserPassword(@RequestParam("login") String login, @RequestParam("new_password") String new_password){
ResponseEntity<Void> response;
Optional<User> optionalUser = usersRepo.get(login);
try {
if(optionalUser.isPresent()) {
User user = optionalUser.get();
if(user.isConnected()) {
user.setPassword(new_password);
response = new ResponseEntity<>(HttpStatus.NO_CONTENT);
} else response = new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
} else response = new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
} catch(Exception e) {
e.printStackTrace();
response = new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
}
return response;
}
/**
* Procedure to delet a user
* @param login
* @param new_password
* @return
*/
@DeleteMapping
public ResponseEntity<Void> deletUser(@RequestParam("login") String login, @RequestParam("password") String password){
ResponseEntity<Void> response;
Optional<User> optionalUser = usersRepo.get(login);
try {
if(optionalUser.isPresent()) {
User user = optionalUser.get();
if(user.isConnected()) {
user.disconnect();
usersRepo.delete(user);
response = new ResponseEntity<>(HttpStatus.NO_CONTENT);
} else response = new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
} else response = new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
} catch(Exception e) {
e.printStackTrace();
response = new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
}
return response;
}
private boolean verifyLogin(String login) throws PatternSyntaxException {
String regex = "^[a-zA-Z][a-zA-Z0-9._-]{3,20}$";
return login.matches(regex);
}
private boolean verifyPassword(String pwd) throws PatternSyntaxException {
String regex =
"^(?=.*[a-z])(?=.*[A-Z])(?=.*[0-9])(?=.*[!@#&()–[{}]:;',?/*~$^+=<>]).{8,25}$";
return pwd.matches(regex);
}
}