Throyer
diff --git a/‎src/main/java/com/github/throyer/common/springboot/controllers/api/RecoveriesController.java
Lines changed: 13 additions & 5 deletions b/‎src/main/java/com/github/throyer/common/springboot/controllers/api/RecoveriesController.java
Lines changed: 13 additions & 5 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/controllers/app/RecoveryController.java
Lines changed: 38 additions & 11 deletions b/‎src/main/java/com/github/throyer/common/springboot/controllers/app/RecoveryController.java
Lines changed: 38 additions & 11 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/domain/services/recovery/RecoveryConfirmService.java
Lines changed: 73 additions & 0 deletions b/‎src/main/java/com/github/throyer/common/springboot/domain/services/recovery/RecoveryConfirmService.java
Lines changed: 73 additions & 0 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/domain/services/recovery/RecoveryService.java
Lines changed: 63 additions & 0 deletions b/‎src/main/java/com/github/throyer/common/springboot/domain/services/recovery/RecoveryService.java
Lines changed: 63 additions & 0 deletions
diff --git a/‎src/main/java/com/github/throyer/common/springboot/domain/services/recovery/RecoveryUpdateService.java
Lines changed: 73 additions & 0 deletions b/‎src/main/java/com/github/throyer/common/springboot/domain/services/recovery/RecoveryUpdateService.java
Lines changed: 73 additions & 0 deletions
@@ -1,8 +1,10 @@
 package com.github.throyer.common.springboot.controllers.api;
 
+import com.github.throyer.common.springboot.domain.services.recovery.RecoveryConfirmService;
+import com.github.throyer.common.springboot.domain.services.recovery.RecoveryService;
+import com.github.throyer.common.springboot.domain.services.recovery.RecoveryUpdateService;
 import static org.springframework.http.HttpStatus.NO_CONTENT;
 
-import com.github.throyer.common.springboot.domain.services.user.RecoveryPasswordService;
 import com.github.throyer.common.springboot.domain.services.user.dto.RecoveryConfirm;
 import com.github.throyer.common.springboot.domain.services.user.dto.RecoveryRequest;
 import com.github.throyer.common.springboot.domain.services.user.dto.RecoveryUpdate;
@@ -22,22 +24,28 @@
 public class RecoveriesController {
 
     @Autowired
-    private RecoveryPasswordService service;
+    private RecoveryService recoveryService;
+    
+    @Autowired
+    private RecoveryConfirmService confirmService;
+    
+    @Autowired
+    private RecoveryUpdateService updateService;
 
     @PostMapping
     @ResponseStatus(NO_CONTENT)
     public void index(@RequestBody RecoveryRequest request) {        
-        service.recovery(request.getEmail());
+        recoveryService.recovery(request.getEmail());
     }
 
     @PostMapping("/confirm")
     public void confirm(@RequestBody RecoveryConfirm confirm) {        
-        service.confirm(confirm.getEmail(), confirm.getCode());
+        confirmService.confirm(confirm.getEmail(), confirm.getCode());
     }
 
     @PostMapping("/update")
     @ResponseStatus(NO_CONTENT)
     public void update(@RequestBody RecoveryUpdate update) {        
-        service.update(update.getEmail(), update.getCode(), update.getPassword());
+        updateService.update(update.getEmail(), update.getCode(), update.getPassword());
     }
 }
@@ -1,8 +1,11 @@
 package com.github.throyer.common.springboot.controllers.app;
 
-import com.github.throyer.common.springboot.domain.services.user.RecoveryPasswordService;
+import com.github.throyer.common.springboot.domain.services.recovery.RecoveryConfirmService;
+import com.github.throyer.common.springboot.domain.services.recovery.RecoveryService;
+import com.github.throyer.common.springboot.domain.services.recovery.RecoveryUpdateService;
 import com.github.throyer.common.springboot.domain.services.user.dto.Codes;
 import com.github.throyer.common.springboot.domain.services.user.dto.RecoveryRequest;
+import com.github.throyer.common.springboot.domain.services.user.dto.Update;
 import javax.validation.Valid;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
@@ -11,41 +14,65 @@
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
 
 @Controller
 @RequestMapping("/app/recovery")
 public class RecoveryController {
 
     @Autowired
-    private RecoveryPasswordService service;
-
+    private RecoveryService recoveryService;
+    
+    @Autowired
+    private RecoveryConfirmService confirmService;
+    
+    @Autowired
+    private RecoveryUpdateService updateService;
+    
     @GetMapping
     public String index(Model model) {
         model.addAttribute("recovery", new RecoveryRequest());
         return "/app/recovery/index";
     }
 
     @PostMapping
-    public String create(
+    public String index(
         @Valid RecoveryRequest recovery,
         BindingResult result,
         Model model
     ) {
-        return service.recovery(recovery, result, model);
+        return recoveryService.recovery(recovery, result, model);
     }
 
-    @GetMapping("/confirm")
-    public String codes(Model model) {
-        model.addAttribute("codes", new Codes());
-        return "/app/recovery/confirm";
-    }
+//    @GetMapping("/confirm")
+//    public String confirm(Model model) {
+//        model.addAttribute("codes", new Codes());
+//        return "/app/recovery/confirm";
+//    }
 
     @PostMapping("/confirm")
     public String confirm(
         @Valid Codes codes,
         BindingResult result,
+        RedirectAttributes redirect,
+        Model model
+    ) {
+        return confirmService.confirm(codes, result, model, redirect);
+    }
+
+//    @GetMapping("/update")
+//    public String update(Model model) {
+//        model.addAttribute("update", new Update());
+//        return "/app/recovery/update";
+//    }
+
+    @PostMapping("/update")
+    public String update(
+        @Valid Update update,
+        BindingResult result,
+        RedirectAttributes redirect,
         Model model
     ) {
-        return service.confirm(codes, result, model);
+        return updateService.update(update, result, model, redirect);
     }
 }
@@ -0,0 +1,73 @@
+package com.github.throyer.common.springboot.domain.services.recovery;
+
+import com.github.throyer.common.springboot.domain.models.shared.Type;
+import com.github.throyer.common.springboot.domain.repositories.RecoveryRepository;
+import com.github.throyer.common.springboot.domain.repositories.UserRepository;
+import com.github.throyer.common.springboot.domain.services.user.dto.Codes;
+import com.github.throyer.common.springboot.domain.services.user.dto.Update;
+import com.github.throyer.common.springboot.utils.Toasts;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Service;
+import org.springframework.ui.Model;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.server.ResponseStatusException;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+@Service
+public class RecoveryConfirmService {
+
+    @Autowired
+    private UserRepository users;
+
+    @Autowired
+    private RecoveryRepository recoveries;
+
+    public String confirm(Codes codes, BindingResult result, Model model, RedirectAttributes redirect) {
+        
+        if (result.hasErrors()) {
+            Toasts.add(model, result);
+            model.addAttribute("confirm", codes);
+            return "/app/recovery/confirm";
+        }
+
+        try {
+            
+            confirm(codes.getEmail(), codes.code());
+            return "redirect:/app/recovery/update";
+            
+        } catch (ResponseStatusException exception) {
+            
+            if (exception.getStatus().equals(HttpStatus.FORBIDDEN)) {
+                
+                Toasts.add(model, "Código expirado ou invalido.", Type.DANGER);
+                model.addAttribute("confirm", codes);
+                
+                return "/app/recovery/confirm";
+            }
+            
+            model.addAttribute("update", new Update(codes));
+            
+            return "/app/recovery/update";
+        }
+    }
+
+    public void confirm(String email, String code) {
+        var user = users.findOptionalByEmail(email)
+                .orElseThrow(() -> new ResponseStatusException(HttpStatus.FORBIDDEN));
+
+        var recovery = recoveries
+                .findFirstOptionalByUser_IdAndConfirmedIsFalseAndUsedIsFalseOrderByExpiresInDesc(user.getId())
+                .orElseThrow(() -> new ResponseStatusException(HttpStatus.FORBIDDEN));
+
+        if (!recovery.nonExpired() || !recovery.getCode().equals(code)) {
+            throw new ResponseStatusException(HttpStatus.FORBIDDEN);
+        }
+
+        recovery.setConfirmed(true);
+
+        recoveries.save(recovery);
+
+        throw new ResponseStatusException(HttpStatus.NO_CONTENT);
+    }
+}
@@ -0,0 +1,63 @@
+package com.github.throyer.common.springboot.domain.services.recovery;
+
+import com.github.throyer.common.springboot.domain.models.emails.RecoveryEmail;
+import com.github.throyer.common.springboot.domain.models.entity.Recovery;
+import com.github.throyer.common.springboot.domain.repositories.RecoveryRepository;
+import com.github.throyer.common.springboot.domain.repositories.UserRepository;
+import com.github.throyer.common.springboot.domain.services.email.MailService;
+import com.github.throyer.common.springboot.domain.services.user.dto.Codes;
+import com.github.throyer.common.springboot.domain.services.user.dto.RecoveryRequest;
+import com.github.throyer.common.springboot.utils.Toasts;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.springframework.ui.Model;
+import org.springframework.validation.BindingResult;
+
+@Service
+public class RecoveryService {
+
+    @Autowired
+    private UserRepository users;
+
+    @Autowired
+    private RecoveryRepository recoveries;
+
+    @Autowired
+    private MailService service;
+    
+        public String recovery(RecoveryRequest recovery, BindingResult result, Model model) {
+        
+        if (result.hasErrors()) {
+            Toasts.add(model, result);
+            model.addAttribute("recovery", recovery);
+            return "/app/recovery/index";
+        }
+        
+        var email = recovery.getEmail();
+        
+        recovery(email);
+        
+        model.addAttribute("codes", new Codes(email));
+        
+        return "/app/recovery/confirm";
+    }
+    
+    public void recovery(String email) {
+        var user = users.findOptionalByEmail(email);
+
+        if (user.isEmpty()) {
+            return;
+        }
+
+        var minutesToExpire = 20;
+
+        var recovery = new Recovery(user.get(), minutesToExpire);
+
+        recoveries.save(recovery);
+
+        try {
+            var recoveryEmail = new RecoveryEmail(email, "password recovery code", recovery.getCode());
+            service.send(recoveryEmail);
+        } catch (Exception exception) { }
+    }
+}
@@ -0,0 +1,73 @@
+package com.github.throyer.common.springboot.domain.services.recovery;
+
+import com.github.throyer.common.springboot.domain.models.shared.Type;
+import com.github.throyer.common.springboot.domain.repositories.RecoveryRepository;
+import com.github.throyer.common.springboot.domain.repositories.UserRepository;
+import com.github.throyer.common.springboot.domain.services.user.dto.Update;
+import com.github.throyer.common.springboot.utils.Toasts;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Service;
+import org.springframework.ui.Model;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.server.ResponseStatusException;
+import org.springframework.web.servlet.mvc.support.RedirectAttributes;
+
+@Service
+public class RecoveryUpdateService {
+
+    @Autowired
+    private UserRepository users;
+
+    @Autowired
+    private RecoveryRepository recoveries;
+
+    public String update(
+        Update update,
+        BindingResult result,
+        Model model,
+        RedirectAttributes redirect
+    ) {
+        
+        update.validate(result);
+        
+        if (result.hasErrors()) {
+            Toasts.add(model, result);
+            model.addAttribute("update", update);
+            return "/app/recovery/update";
+        }
+
+        try {
+            update(update.getEmail(), update.code(), update.getPassword());
+            return "redirect:/app/login";
+        } catch (ResponseStatusException exception) {
+            if (exception.getStatus().equals(HttpStatus.FORBIDDEN)) {
+                Toasts.add(model, "Código expirado ou invalido.", Type.DANGER);
+                model.addAttribute("update", update);
+                return "/app/recovery/update";
+            }
+            
+            Toasts.add(redirect, "Sua senha foi atualizada com sucesso.", Type.SUCCESS);
+            return "redirect:/app/login";
+        }
+    }
+
+    public void update(String email, String code, String password) {
+        var user = users.findOptionalByEmail(email)
+                .orElseThrow(() -> new ResponseStatusException(HttpStatus.FORBIDDEN));
+
+        var recovery = recoveries
+                .findFirstOptionalByUser_IdAndConfirmedIsTrueAndUsedIsFalseOrderByExpiresInDesc(user.getId())
+                .orElseThrow(() -> new ResponseStatusException(HttpStatus.FORBIDDEN));
+
+        if (!recovery.nonExpired() || !recovery.getCode().equals(code)) {
+            throw new ResponseStatusException(HttpStatus.FORBIDDEN);
+        }
+
+        user.updatePassword(password);
+        users.save(user);
+
+        recovery.setUsed(true);
+        recoveries.save(recovery);
+    }
+}