├── .gitignore ├── .mvn └── wrapper │ ├── MavenWrapperDownloader.java │ ├── maven-wrapper.jar │ └── maven-wrapper.properties ├── README.md ├── mvnw ├── mvnw.cmd ├── pom.xml └── src ├── main ├── java │ └── com │ │ └── spring │ │ └── verification │ │ └── springbackendverification │ │ ├── SpringBackendVerificationApplication.java │ │ ├── controller │ │ └── RegistrationController.java │ │ ├── email │ │ ├── EmailSender.java │ │ └── EmailService.java │ │ ├── model │ │ ├── AppUser.java │ │ ├── AppUserRole.java │ │ └── RegistrationRequest.java │ │ ├── repository │ │ └── AppUserRepository.java │ │ ├── security │ │ ├── EmailValidator.java │ │ ├── PasswordEncoder.java │ │ ├── config │ │ │ └── WebSecurityConfig.java │ │ └── token │ │ │ ├── ConfirmationToken.java │ │ │ ├── ConfirmationTokenRepository.java │ │ │ └── ConfirmationTokenService.java │ │ └── service │ │ ├── AppUserService.java │ │ └── RegistrationService.java └── resources │ └── application.properties └── test └── java └── com └── spring └── verification └── springbackendverification └── SpringBackendVerificationApplicationTests.java /.gitignore: -------------------------------------------------------------------------------- 1 | HELP.md 2 | target/ 3 | !.mvn/wrapper/maven-wrapper.jar 4 | !**/src/main/**/target/ 5 | !**/src/test/**/target/ 6 | 7 | ### STS ### 8 | .apt_generated 9 | .classpath 10 | .factorypath 11 | .project 12 | .settings 13 | .springBeans 14 | .sts4-cache 15 | 16 | ### IntelliJ IDEA ### 17 | .idea 18 | *.iws 19 | *.iml 20 | *.ipr 21 | 22 | ### NetBeans ### 23 | /nbproject/private/ 24 | /nbbuild/ 25 | /dist/ 26 | /nbdist/ 27 | /.nb-gradle/ 28 | build/ 29 | !**/src/main/**/build/ 30 | !**/src/test/**/build/ 31 | 32 | ### VS Code ### 33 | .vscode/ 34 | -------------------------------------------------------------------------------- /.mvn/wrapper/MavenWrapperDownloader.java: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright 2007-present the original author or authors. 3 | * 4 | * Licensed under the Apache License, Version 2.0 (the "License"); 5 | * you may not use this file except in compliance with the License. 6 | * You may obtain a copy of the License at 7 | * 8 | * https://www.apache.org/licenses/LICENSE-2.0 9 | * 10 | * Unless required by applicable law or agreed to in writing, software 11 | * distributed under the License is distributed on an "AS IS" BASIS, 12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 | * See the License for the specific language governing permissions and 14 | * limitations under the License. 15 | */ 16 | import java.net.*; 17 | import java.io.*; 18 | import java.nio.channels.*; 19 | import java.util.Properties; 20 | 21 | public class MavenWrapperDownloader { 22 | 23 | private static final String WRAPPER_VERSION = "0.5.6"; 24 | /** 25 | * Default URL to download the maven-wrapper.jar from, if no 'downloadUrl' is provided. 26 | */ 27 | private static final String DEFAULT_DOWNLOAD_URL = "https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/" 28 | + WRAPPER_VERSION + "/maven-wrapper-" + WRAPPER_VERSION + ".jar"; 29 | 30 | /** 31 | * Path to the maven-wrapper.properties file, which might contain a downloadUrl property to 32 | * use instead of the default one. 33 | */ 34 | private static final String MAVEN_WRAPPER_PROPERTIES_PATH = 35 | ".mvn/wrapper/maven-wrapper.properties"; 36 | 37 | /** 38 | * Path where the maven-wrapper.jar will be saved to. 39 | */ 40 | private static final String MAVEN_WRAPPER_JAR_PATH = 41 | ".mvn/wrapper/maven-wrapper.jar"; 42 | 43 | /** 44 | * Name of the property which should be used to override the default download url for the wrapper. 45 | */ 46 | private static final String PROPERTY_NAME_WRAPPER_URL = "wrapperUrl"; 47 | 48 | public static void main(String args[]) { 49 | System.out.println("- Downloader started"); 50 | File baseDirectory = new File(args[0]); 51 | System.out.println("- Using base directory: " + baseDirectory.getAbsolutePath()); 52 | 53 | // If the maven-wrapper.properties exists, read it and check if it contains a custom 54 | // wrapperUrl parameter. 55 | File mavenWrapperPropertyFile = new File(baseDirectory, MAVEN_WRAPPER_PROPERTIES_PATH); 56 | String url = DEFAULT_DOWNLOAD_URL; 57 | if(mavenWrapperPropertyFile.exists()) { 58 | FileInputStream mavenWrapperPropertyFileInputStream = null; 59 | try { 60 | mavenWrapperPropertyFileInputStream = new FileInputStream(mavenWrapperPropertyFile); 61 | Properties mavenWrapperProperties = new Properties(); 62 | mavenWrapperProperties.load(mavenWrapperPropertyFileInputStream); 63 | url = mavenWrapperProperties.getProperty(PROPERTY_NAME_WRAPPER_URL, url); 64 | } catch (IOException e) { 65 | System.out.println("- ERROR loading '" + MAVEN_WRAPPER_PROPERTIES_PATH + "'"); 66 | } finally { 67 | try { 68 | if(mavenWrapperPropertyFileInputStream != null) { 69 | mavenWrapperPropertyFileInputStream.close(); 70 | } 71 | } catch (IOException e) { 72 | // Ignore ... 73 | } 74 | } 75 | } 76 | System.out.println("- Downloading from: " + url); 77 | 78 | File outputFile = new File(baseDirectory.getAbsolutePath(), MAVEN_WRAPPER_JAR_PATH); 79 | if(!outputFile.getParentFile().exists()) { 80 | if(!outputFile.getParentFile().mkdirs()) { 81 | System.out.println( 82 | "- ERROR creating output directory '" + outputFile.getParentFile().getAbsolutePath() + "'"); 83 | } 84 | } 85 | System.out.println("- Downloading to: " + outputFile.getAbsolutePath()); 86 | try { 87 | downloadFileFromURL(url, outputFile); 88 | System.out.println("Done"); 89 | System.exit(0); 90 | } catch (Throwable e) { 91 | System.out.println("- Error downloading"); 92 | e.printStackTrace(); 93 | System.exit(1); 94 | } 95 | } 96 | 97 | private static void downloadFileFromURL(String urlString, File destination) throws Exception { 98 | if (System.getenv("MVNW_USERNAME") != null && System.getenv("MVNW_PASSWORD") != null) { 99 | String username = System.getenv("MVNW_USERNAME"); 100 | char[] password = System.getenv("MVNW_PASSWORD").toCharArray(); 101 | Authenticator.setDefault(new Authenticator() { 102 | @Override 103 | protected PasswordAuthentication getPasswordAuthentication() { 104 | return new PasswordAuthentication(username, password); 105 | } 106 | }); 107 | } 108 | URL website = new URL(urlString); 109 | ReadableByteChannel rbc; 110 | rbc = Channels.newChannel(website.openStream()); 111 | FileOutputStream fos = new FileOutputStream(destination); 112 | fos.getChannel().transferFrom(rbc, 0, Long.MAX_VALUE); 113 | fos.close(); 114 | rbc.close(); 115 | } 116 | 117 | } 118 | -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/ritish78/Spring-Email-Verification/470626a3d5397a6bd9dfea098720475ccbb761a5/.mvn/wrapper/maven-wrapper.jar -------------------------------------------------------------------------------- /.mvn/wrapper/maven-wrapper.properties: -------------------------------------------------------------------------------- 1 | distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip 2 | wrapperUrl=https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar 3 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Spring-Email-Verification 2 | A Spring Boot project to send and verify email using tokens 3 | 4 | # Prerequisite: 5 | 1. Node.js installed 6 | 7 | # How to install: 8 | 9 | There are two ways by which you can try this out: 10 | Easy way is to use Docker: 11 | ``` 12 | docker pull ritish56/spring-email-verification 13 | ``` 14 | Then, to run the docker image: 15 | ``` 16 | docker run -p 8090:8090 ritish56/spring-email-verification 17 | ``` 18 | You also need to start Maildev. To do so, in separate terminal, give command: 19 | ``` 20 | docker pull maildev/maildev 21 | ``` 22 | Then, run the maildev with the required port: 23 | ``` 24 | docker run -p 1025:1025 -p 1080:1080 maildev/maildev 25 | ``` 26 | 27 | And the second way is to clone the repo if you don't have docker. In terminal: 28 | 29 | ```` 30 | git clone https://github.com/ritish78/Spring-Email-Verification.git 31 | ```` 32 | 33 | Then, after this repository is installed. Open the project in IDE using Maven. Then in terminal of IDE, 34 | 35 | ```` 36 | mvn clean install 37 | ```` 38 | 39 | Before starting the Spring Boot application, you need to install [Maildev](https://github.com/maildev/maildev). 40 | To install Maildev, you can follow their Readme for latest updates or you can follow: 41 | 42 | First verify if Node is installed or not. In terminal run: 43 | ```` 44 | Node -v 45 | ```` 46 | If it shows any version like: 47 | ```` 48 | v15.14.1 49 | ```` 50 | then, Node is installed properly. If not install [Node](https://nodejs.org/en/). 51 | If Node is installed then in terminal: 52 | ```` 53 | npm install -g maildev 54 | ```` 55 | Then, after the installation of maildev, type in terminal: 56 | ```` 57 | maildev 58 | ```` 59 | Maildev should start on Port 1080. [Link](http://localhost:1080/#/) 60 | 61 | Then, run the Spring Boot application by: 62 | ```` 63 | mvn spring-boot:run 64 | ```` 65 | 66 | Tomcat should start on port 8090. 67 | 68 | # Usage: 69 | 70 | * Creating a user using Postman. Send a POST request to: http://localhost:8090/api/v1/registration with JSON body of User. 71 | ```` 72 | { 73 | "firstName": "Ritish", 74 | "lastName": "Testing", 75 | "email": "ritish78@email.com", 76 | "password": "password" 77 | } 78 | ```` 79 | 80 | ![In Postman creating a user](https://user-images.githubusercontent.com/36816476/105572756-40a1c100-5dad-11eb-9d81-fb7e8c0217ac.PNG) 81 | 82 | * Checking the user in database. Here, we are using H2 database. 83 | ![User in database before accepting the token](https://user-images.githubusercontent.com/36816476/105572898-ff5de100-5dad-11eb-96c9-506539ae71c9.PNG) 84 | We can see that the user is not enabled by default, as the email verification is not done. 85 | 86 | * Checking the created token in databse. 87 | ![Confirmation Token](https://user-images.githubusercontent.com/36816476/105572927-2e745280-5dae-11eb-9ae6-526bd4dfb765.PNG) 88 | 89 | * In [Mail Service](http://localhost:1080/#/), we get an email for confirmation: 90 | ![Confirmation Email](https://user-images.githubusercontent.com/36816476/105572974-67142c00-5dae-11eb-8c7e-f7cbc9a9610e.PNG) 91 | 92 | * Then after the user clicks the 'Activate Now' link: 93 | ![After clicking the Activate Now in mail](https://user-images.githubusercontent.com/36816476/105572986-83b06400-5dae-11eb-8ac3-34e3d57a7421.PNG) 94 | 95 | * After the activation of the email is successful, we can see in AppUser table, 'Enabled' column is true for the verified user. 96 | ![After the user clicks Activate Now, the email is enabled](https://user-images.githubusercontent.com/36816476/105573018-b78b8980-5dae-11eb-9050-1e85d0c8c32b.PNG) 97 | -------------------------------------------------------------------------------- /mvnw: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # ---------------------------------------------------------------------------- 3 | # Licensed to the Apache Software Foundation (ASF) under one 4 | # or more contributor license agreements. See the NOTICE file 5 | # distributed with this work for additional information 6 | # regarding copyright ownership. The ASF licenses this file 7 | # to you under the Apache License, Version 2.0 (the 8 | # "License"); you may not use this file except in compliance 9 | # with the License. You may obtain a copy of the License at 10 | # 11 | # https://www.apache.org/licenses/LICENSE-2.0 12 | # 13 | # Unless required by applicable law or agreed to in writing, 14 | # software distributed under the License is distributed on an 15 | # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 | # KIND, either express or implied. See the License for the 17 | # specific language governing permissions and limitations 18 | # under the License. 19 | # ---------------------------------------------------------------------------- 20 | 21 | # ---------------------------------------------------------------------------- 22 | # Maven Start Up Batch script 23 | # 24 | # Required ENV vars: 25 | # ------------------ 26 | # JAVA_HOME - location of a JDK home dir 27 | # 28 | # Optional ENV vars 29 | # ----------------- 30 | # M2_HOME - location of maven2's installed home dir 31 | # MAVEN_OPTS - parameters passed to the Java VM when running Maven 32 | # e.g. to debug Maven itself, use 33 | # set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 34 | # MAVEN_SKIP_RC - flag to disable loading of mavenrc files 35 | # ---------------------------------------------------------------------------- 36 | 37 | if [ -z "$MAVEN_SKIP_RC" ] ; then 38 | 39 | if [ -f /etc/mavenrc ] ; then 40 | . /etc/mavenrc 41 | fi 42 | 43 | if [ -f "$HOME/.mavenrc" ] ; then 44 | . "$HOME/.mavenrc" 45 | fi 46 | 47 | fi 48 | 49 | # OS specific support. $var _must_ be set to either true or false. 50 | cygwin=false; 51 | darwin=false; 52 | mingw=false 53 | case "`uname`" in 54 | CYGWIN*) cygwin=true ;; 55 | MINGW*) mingw=true;; 56 | Darwin*) darwin=true 57 | # Use /usr/libexec/java_home if available, otherwise fall back to /Library/Java/Home 58 | # See https://developer.apple.com/library/mac/qa/qa1170/_index.html 59 | if [ -z "$JAVA_HOME" ]; then 60 | if [ -x "/usr/libexec/java_home" ]; then 61 | export JAVA_HOME="`/usr/libexec/java_home`" 62 | else 63 | export JAVA_HOME="/Library/Java/Home" 64 | fi 65 | fi 66 | ;; 67 | esac 68 | 69 | if [ -z "$JAVA_HOME" ] ; then 70 | if [ -r /etc/gentoo-release ] ; then 71 | JAVA_HOME=`java-config --jre-home` 72 | fi 73 | fi 74 | 75 | if [ -z "$M2_HOME" ] ; then 76 | ## resolve links - $0 may be a link to maven's home 77 | PRG="$0" 78 | 79 | # need this for relative symlinks 80 | while [ -h "$PRG" ] ; do 81 | ls=`ls -ld "$PRG"` 82 | link=`expr "$ls" : '.*-> \(.*\)$'` 83 | if expr "$link" : '/.*' > /dev/null; then 84 | PRG="$link" 85 | else 86 | PRG="`dirname "$PRG"`/$link" 87 | fi 88 | done 89 | 90 | saveddir=`pwd` 91 | 92 | M2_HOME=`dirname "$PRG"`/.. 93 | 94 | # make it fully qualified 95 | M2_HOME=`cd "$M2_HOME" && pwd` 96 | 97 | cd "$saveddir" 98 | # echo Using m2 at $M2_HOME 99 | fi 100 | 101 | # For Cygwin, ensure paths are in UNIX format before anything is touched 102 | if $cygwin ; then 103 | [ -n "$M2_HOME" ] && 104 | M2_HOME=`cygpath --unix "$M2_HOME"` 105 | [ -n "$JAVA_HOME" ] && 106 | JAVA_HOME=`cygpath --unix "$JAVA_HOME"` 107 | [ -n "$CLASSPATH" ] && 108 | CLASSPATH=`cygpath --path --unix "$CLASSPATH"` 109 | fi 110 | 111 | # For Mingw, ensure paths are in UNIX format before anything is touched 112 | if $mingw ; then 113 | [ -n "$M2_HOME" ] && 114 | M2_HOME="`(cd "$M2_HOME"; pwd)`" 115 | [ -n "$JAVA_HOME" ] && 116 | JAVA_HOME="`(cd "$JAVA_HOME"; pwd)`" 117 | fi 118 | 119 | if [ -z "$JAVA_HOME" ]; then 120 | javaExecutable="`which javac`" 121 | if [ -n "$javaExecutable" ] && ! [ "`expr \"$javaExecutable\" : '\([^ ]*\)'`" = "no" ]; then 122 | # readlink(1) is not available as standard on Solaris 10. 123 | readLink=`which readlink` 124 | if [ ! `expr "$readLink" : '\([^ ]*\)'` = "no" ]; then 125 | if $darwin ; then 126 | javaHome="`dirname \"$javaExecutable\"`" 127 | javaExecutable="`cd \"$javaHome\" && pwd -P`/javac" 128 | else 129 | javaExecutable="`readlink -f \"$javaExecutable\"`" 130 | fi 131 | javaHome="`dirname \"$javaExecutable\"`" 132 | javaHome=`expr "$javaHome" : '\(.*\)/bin'` 133 | JAVA_HOME="$javaHome" 134 | export JAVA_HOME 135 | fi 136 | fi 137 | fi 138 | 139 | if [ -z "$JAVACMD" ] ; then 140 | if [ -n "$JAVA_HOME" ] ; then 141 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then 142 | # IBM's JDK on AIX uses strange locations for the executables 143 | JAVACMD="$JAVA_HOME/jre/sh/java" 144 | else 145 | JAVACMD="$JAVA_HOME/bin/java" 146 | fi 147 | else 148 | JAVACMD="`which java`" 149 | fi 150 | fi 151 | 152 | if [ ! -x "$JAVACMD" ] ; then 153 | echo "Error: JAVA_HOME is not defined correctly." >&2 154 | echo " We cannot execute $JAVACMD" >&2 155 | exit 1 156 | fi 157 | 158 | if [ -z "$JAVA_HOME" ] ; then 159 | echo "Warning: JAVA_HOME environment variable is not set." 160 | fi 161 | 162 | CLASSWORLDS_LAUNCHER=org.codehaus.plexus.classworlds.launcher.Launcher 163 | 164 | # traverses directory structure from process work directory to filesystem root 165 | # first directory with .mvn subdirectory is considered project base directory 166 | find_maven_basedir() { 167 | 168 | if [ -z "$1" ] 169 | then 170 | echo "Path not specified to find_maven_basedir" 171 | return 1 172 | fi 173 | 174 | basedir="$1" 175 | wdir="$1" 176 | while [ "$wdir" != '/' ] ; do 177 | if [ -d "$wdir"/.mvn ] ; then 178 | basedir=$wdir 179 | break 180 | fi 181 | # workaround for JBEAP-8937 (on Solaris 10/Sparc) 182 | if [ -d "${wdir}" ]; then 183 | wdir=`cd "$wdir/.."; pwd` 184 | fi 185 | # end of workaround 186 | done 187 | echo "${basedir}" 188 | } 189 | 190 | # concatenates all lines of a file 191 | concat_lines() { 192 | if [ -f "$1" ]; then 193 | echo "$(tr -s '\n' ' ' < "$1")" 194 | fi 195 | } 196 | 197 | BASE_DIR=`find_maven_basedir "$(pwd)"` 198 | if [ -z "$BASE_DIR" ]; then 199 | exit 1; 200 | fi 201 | 202 | ########################################################################################## 203 | # Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 204 | # This allows using the maven wrapper in projects that prohibit checking in binary data. 205 | ########################################################################################## 206 | if [ -r "$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" ]; then 207 | if [ "$MVNW_VERBOSE" = true ]; then 208 | echo "Found .mvn/wrapper/maven-wrapper.jar" 209 | fi 210 | else 211 | if [ "$MVNW_VERBOSE" = true ]; then 212 | echo "Couldn't find .mvn/wrapper/maven-wrapper.jar, downloading it ..." 213 | fi 214 | if [ -n "$MVNW_REPOURL" ]; then 215 | jarUrl="$MVNW_REPOURL/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 216 | else 217 | jarUrl="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 218 | fi 219 | while IFS="=" read key value; do 220 | case "$key" in (wrapperUrl) jarUrl="$value"; break ;; 221 | esac 222 | done < "$BASE_DIR/.mvn/wrapper/maven-wrapper.properties" 223 | if [ "$MVNW_VERBOSE" = true ]; then 224 | echo "Downloading from: $jarUrl" 225 | fi 226 | wrapperJarPath="$BASE_DIR/.mvn/wrapper/maven-wrapper.jar" 227 | if $cygwin; then 228 | wrapperJarPath=`cygpath --path --windows "$wrapperJarPath"` 229 | fi 230 | 231 | if command -v wget > /dev/null; then 232 | if [ "$MVNW_VERBOSE" = true ]; then 233 | echo "Found wget ... using wget" 234 | fi 235 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 236 | wget "$jarUrl" -O "$wrapperJarPath" 237 | else 238 | wget --http-user=$MVNW_USERNAME --http-password=$MVNW_PASSWORD "$jarUrl" -O "$wrapperJarPath" 239 | fi 240 | elif command -v curl > /dev/null; then 241 | if [ "$MVNW_VERBOSE" = true ]; then 242 | echo "Found curl ... using curl" 243 | fi 244 | if [ -z "$MVNW_USERNAME" ] || [ -z "$MVNW_PASSWORD" ]; then 245 | curl -o "$wrapperJarPath" "$jarUrl" -f 246 | else 247 | curl --user $MVNW_USERNAME:$MVNW_PASSWORD -o "$wrapperJarPath" "$jarUrl" -f 248 | fi 249 | 250 | else 251 | if [ "$MVNW_VERBOSE" = true ]; then 252 | echo "Falling back to using Java to download" 253 | fi 254 | javaClass="$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.java" 255 | # For Cygwin, switch paths to Windows format before running javac 256 | if $cygwin; then 257 | javaClass=`cygpath --path --windows "$javaClass"` 258 | fi 259 | if [ -e "$javaClass" ]; then 260 | if [ ! -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 261 | if [ "$MVNW_VERBOSE" = true ]; then 262 | echo " - Compiling MavenWrapperDownloader.java ..." 263 | fi 264 | # Compiling the Java class 265 | ("$JAVA_HOME/bin/javac" "$javaClass") 266 | fi 267 | if [ -e "$BASE_DIR/.mvn/wrapper/MavenWrapperDownloader.class" ]; then 268 | # Running the downloader 269 | if [ "$MVNW_VERBOSE" = true ]; then 270 | echo " - Running MavenWrapperDownloader.java ..." 271 | fi 272 | ("$JAVA_HOME/bin/java" -cp .mvn/wrapper MavenWrapperDownloader "$MAVEN_PROJECTBASEDIR") 273 | fi 274 | fi 275 | fi 276 | fi 277 | ########################################################################################## 278 | # End of extension 279 | ########################################################################################## 280 | 281 | export MAVEN_PROJECTBASEDIR=${MAVEN_BASEDIR:-"$BASE_DIR"} 282 | if [ "$MVNW_VERBOSE" = true ]; then 283 | echo $MAVEN_PROJECTBASEDIR 284 | fi 285 | MAVEN_OPTS="$(concat_lines "$MAVEN_PROJECTBASEDIR/.mvn/jvm.config") $MAVEN_OPTS" 286 | 287 | # For Cygwin, switch paths to Windows format before running java 288 | if $cygwin; then 289 | [ -n "$M2_HOME" ] && 290 | M2_HOME=`cygpath --path --windows "$M2_HOME"` 291 | [ -n "$JAVA_HOME" ] && 292 | JAVA_HOME=`cygpath --path --windows "$JAVA_HOME"` 293 | [ -n "$CLASSPATH" ] && 294 | CLASSPATH=`cygpath --path --windows "$CLASSPATH"` 295 | [ -n "$MAVEN_PROJECTBASEDIR" ] && 296 | MAVEN_PROJECTBASEDIR=`cygpath --path --windows "$MAVEN_PROJECTBASEDIR"` 297 | fi 298 | 299 | # Provide a "standardized" way to retrieve the CLI args that will 300 | # work with both Windows and non-Windows executions. 301 | MAVEN_CMD_LINE_ARGS="$MAVEN_CONFIG $@" 302 | export MAVEN_CMD_LINE_ARGS 303 | 304 | WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 305 | 306 | exec "$JAVACMD" \ 307 | $MAVEN_OPTS \ 308 | -classpath "$MAVEN_PROJECTBASEDIR/.mvn/wrapper/maven-wrapper.jar" \ 309 | "-Dmaven.home=${M2_HOME}" "-Dmaven.multiModuleProjectDirectory=${MAVEN_PROJECTBASEDIR}" \ 310 | ${WRAPPER_LAUNCHER} $MAVEN_CONFIG "$@" 311 | -------------------------------------------------------------------------------- /mvnw.cmd: -------------------------------------------------------------------------------- 1 | @REM ---------------------------------------------------------------------------- 2 | @REM Licensed to the Apache Software Foundation (ASF) under one 3 | @REM or more contributor license agreements. See the NOTICE file 4 | @REM distributed with this work for additional information 5 | @REM regarding copyright ownership. The ASF licenses this file 6 | @REM to you under the Apache License, Version 2.0 (the 7 | @REM "License"); you may not use this file except in compliance 8 | @REM with the License. You may obtain a copy of the License at 9 | @REM 10 | @REM https://www.apache.org/licenses/LICENSE-2.0 11 | @REM 12 | @REM Unless required by applicable law or agreed to in writing, 13 | @REM software distributed under the License is distributed on an 14 | @REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 15 | @REM KIND, either express or implied. See the License for the 16 | @REM specific language governing permissions and limitations 17 | @REM under the License. 18 | @REM ---------------------------------------------------------------------------- 19 | 20 | @REM ---------------------------------------------------------------------------- 21 | @REM Maven Start Up Batch script 22 | @REM 23 | @REM Required ENV vars: 24 | @REM JAVA_HOME - location of a JDK home dir 25 | @REM 26 | @REM Optional ENV vars 27 | @REM M2_HOME - location of maven2's installed home dir 28 | @REM MAVEN_BATCH_ECHO - set to 'on' to enable the echoing of the batch commands 29 | @REM MAVEN_BATCH_PAUSE - set to 'on' to wait for a keystroke before ending 30 | @REM MAVEN_OPTS - parameters passed to the Java VM when running Maven 31 | @REM e.g. to debug Maven itself, use 32 | @REM set MAVEN_OPTS=-Xdebug -Xrunjdwp:transport=dt_socket,server=y,suspend=y,address=8000 33 | @REM MAVEN_SKIP_RC - flag to disable loading of mavenrc files 34 | @REM ---------------------------------------------------------------------------- 35 | 36 | @REM Begin all REM lines with '@' in case MAVEN_BATCH_ECHO is 'on' 37 | @echo off 38 | @REM set title of command window 39 | title %0 40 | @REM enable echoing by setting MAVEN_BATCH_ECHO to 'on' 41 | @if "%MAVEN_BATCH_ECHO%" == "on" echo %MAVEN_BATCH_ECHO% 42 | 43 | @REM set %HOME% to equivalent of $HOME 44 | if "%HOME%" == "" (set "HOME=%HOMEDRIVE%%HOMEPATH%") 45 | 46 | @REM Execute a user defined script before this one 47 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPre 48 | @REM check for pre script, once with legacy .bat ending and once with .cmd ending 49 | if exist "%HOME%\mavenrc_pre.bat" call "%HOME%\mavenrc_pre.bat" 50 | if exist "%HOME%\mavenrc_pre.cmd" call "%HOME%\mavenrc_pre.cmd" 51 | :skipRcPre 52 | 53 | @setlocal 54 | 55 | set ERROR_CODE=0 56 | 57 | @REM To isolate internal variables from possible post scripts, we use another setlocal 58 | @setlocal 59 | 60 | @REM ==== START VALIDATION ==== 61 | if not "%JAVA_HOME%" == "" goto OkJHome 62 | 63 | echo. 64 | echo Error: JAVA_HOME not found in your environment. >&2 65 | echo Please set the JAVA_HOME variable in your environment to match the >&2 66 | echo location of your Java installation. >&2 67 | echo. 68 | goto error 69 | 70 | :OkJHome 71 | if exist "%JAVA_HOME%\bin\java.exe" goto init 72 | 73 | echo. 74 | echo Error: JAVA_HOME is set to an invalid directory. >&2 75 | echo JAVA_HOME = "%JAVA_HOME%" >&2 76 | echo Please set the JAVA_HOME variable in your environment to match the >&2 77 | echo location of your Java installation. >&2 78 | echo. 79 | goto error 80 | 81 | @REM ==== END VALIDATION ==== 82 | 83 | :init 84 | 85 | @REM Find the project base dir, i.e. the directory that contains the folder ".mvn". 86 | @REM Fallback to current working directory if not found. 87 | 88 | set MAVEN_PROJECTBASEDIR=%MAVEN_BASEDIR% 89 | IF NOT "%MAVEN_PROJECTBASEDIR%"=="" goto endDetectBaseDir 90 | 91 | set EXEC_DIR=%CD% 92 | set WDIR=%EXEC_DIR% 93 | :findBaseDir 94 | IF EXIST "%WDIR%"\.mvn goto baseDirFound 95 | cd .. 96 | IF "%WDIR%"=="%CD%" goto baseDirNotFound 97 | set WDIR=%CD% 98 | goto findBaseDir 99 | 100 | :baseDirFound 101 | set MAVEN_PROJECTBASEDIR=%WDIR% 102 | cd "%EXEC_DIR%" 103 | goto endDetectBaseDir 104 | 105 | :baseDirNotFound 106 | set MAVEN_PROJECTBASEDIR=%EXEC_DIR% 107 | cd "%EXEC_DIR%" 108 | 109 | :endDetectBaseDir 110 | 111 | IF NOT EXIST "%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config" goto endReadAdditionalConfig 112 | 113 | @setlocal EnableExtensions EnableDelayedExpansion 114 | for /F "usebackq delims=" %%a in ("%MAVEN_PROJECTBASEDIR%\.mvn\jvm.config") do set JVM_CONFIG_MAVEN_PROPS=!JVM_CONFIG_MAVEN_PROPS! %%a 115 | @endlocal & set JVM_CONFIG_MAVEN_PROPS=%JVM_CONFIG_MAVEN_PROPS% 116 | 117 | :endReadAdditionalConfig 118 | 119 | SET MAVEN_JAVA_EXE="%JAVA_HOME%\bin\java.exe" 120 | set WRAPPER_JAR="%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.jar" 121 | set WRAPPER_LAUNCHER=org.apache.maven.wrapper.MavenWrapperMain 122 | 123 | set DOWNLOAD_URL="https://repo.maven.apache.org/maven2/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 124 | 125 | FOR /F "tokens=1,2 delims==" %%A IN ("%MAVEN_PROJECTBASEDIR%\.mvn\wrapper\maven-wrapper.properties") DO ( 126 | IF "%%A"=="wrapperUrl" SET DOWNLOAD_URL=%%B 127 | ) 128 | 129 | @REM Extension to allow automatically downloading the maven-wrapper.jar from Maven-central 130 | @REM This allows using the maven wrapper in projects that prohibit checking in binary data. 131 | if exist %WRAPPER_JAR% ( 132 | if "%MVNW_VERBOSE%" == "true" ( 133 | echo Found %WRAPPER_JAR% 134 | ) 135 | ) else ( 136 | if not "%MVNW_REPOURL%" == "" ( 137 | SET DOWNLOAD_URL="%MVNW_REPOURL%/io/takari/maven-wrapper/0.5.6/maven-wrapper-0.5.6.jar" 138 | ) 139 | if "%MVNW_VERBOSE%" == "true" ( 140 | echo Couldn't find %WRAPPER_JAR%, downloading it ... 141 | echo Downloading from: %DOWNLOAD_URL% 142 | ) 143 | 144 | powershell -Command "&{"^ 145 | "$webclient = new-object System.Net.WebClient;"^ 146 | "if (-not ([string]::IsNullOrEmpty('%MVNW_USERNAME%') -and [string]::IsNullOrEmpty('%MVNW_PASSWORD%'))) {"^ 147 | "$webclient.Credentials = new-object System.Net.NetworkCredential('%MVNW_USERNAME%', '%MVNW_PASSWORD%');"^ 148 | "}"^ 149 | "[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12; $webclient.DownloadFile('%DOWNLOAD_URL%', '%WRAPPER_JAR%')"^ 150 | "}" 151 | if "%MVNW_VERBOSE%" == "true" ( 152 | echo Finished downloading %WRAPPER_JAR% 153 | ) 154 | ) 155 | @REM End of extension 156 | 157 | @REM Provide a "standardized" way to retrieve the CLI args that will 158 | @REM work with both Windows and non-Windows executions. 159 | set MAVEN_CMD_LINE_ARGS=%* 160 | 161 | %MAVEN_JAVA_EXE% %JVM_CONFIG_MAVEN_PROPS% %MAVEN_OPTS% %MAVEN_DEBUG_OPTS% -classpath %WRAPPER_JAR% "-Dmaven.multiModuleProjectDirectory=%MAVEN_PROJECTBASEDIR%" %WRAPPER_LAUNCHER% %MAVEN_CONFIG% %* 162 | if ERRORLEVEL 1 goto error 163 | goto end 164 | 165 | :error 166 | set ERROR_CODE=1 167 | 168 | :end 169 | @endlocal & set ERROR_CODE=%ERROR_CODE% 170 | 171 | if not "%MAVEN_SKIP_RC%" == "" goto skipRcPost 172 | @REM check for post script, once with legacy .bat ending and once with .cmd ending 173 | if exist "%HOME%\mavenrc_post.bat" call "%HOME%\mavenrc_post.bat" 174 | if exist "%HOME%\mavenrc_post.cmd" call "%HOME%\mavenrc_post.cmd" 175 | :skipRcPost 176 | 177 | @REM pause the script if MAVEN_BATCH_PAUSE is set to 'on' 178 | if "%MAVEN_BATCH_PAUSE%" == "on" pause 179 | 180 | if "%MAVEN_TERMINATE_CMD%" == "on" exit %ERROR_CODE% 181 | 182 | exit /B %ERROR_CODE% 183 | -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- 1 | 2 | 4 | 4.0.0 5 | 6 | org.springframework.boot 7 | spring-boot-starter-parent 8 | 2.4.2 9 | 10 | 11 | com.spring.verification 12 | spring-backend-verification 13 | 0.0.1-SNAPSHOT 14 | spring-backend-verification 15 | Authentication, authorization and verification in Spring Boto 16 | 17 | 11 18 | 19 | 20 | 21 | org.springframework.boot 22 | spring-boot-starter-data-jpa 23 | 24 | 25 | org.springframework.boot 26 | spring-boot-starter-mail 27 | 28 | 29 | org.springframework.boot 30 | spring-boot-starter-security 31 | 32 | 33 | org.springframework.boot 34 | spring-boot-starter-web 35 | 36 | 37 | 38 | org.springframework.boot 39 | spring-boot-devtools 40 | runtime 41 | true 42 | 43 | 44 | org.postgresql 45 | postgresql 46 | runtime 47 | 48 | 49 | org.springframework.boot 50 | spring-boot-starter-test 51 | test 52 | 53 | 54 | org.springframework.security 55 | spring-security-test 56 | test 57 | 58 | 59 | 60 | com.h2database 61 | h2 62 | 1.4.200 63 | runtime 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | org.springframework.boot 73 | spring-boot-maven-plugin 74 | 75 | 76 | 77 | 78 | 79 | 80 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/SpringBackendVerificationApplication.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification; 2 | 3 | import org.springframework.boot.SpringApplication; 4 | import org.springframework.boot.autoconfigure.SpringBootApplication; 5 | import org.springframework.context.annotation.ComponentScan; 6 | 7 | @SpringBootApplication 8 | @ComponentScan("com.spring.verification.springbackendverification") 9 | public class SpringBackendVerificationApplication { 10 | 11 | public static void main(String[] args) { 12 | SpringApplication.run(SpringBackendVerificationApplication.class, args); 13 | } 14 | 15 | } 16 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/controller/RegistrationController.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.controller; 2 | 3 | import com.spring.verification.springbackendverification.model.RegistrationRequest; 4 | import com.spring.verification.springbackendverification.service.RegistrationService; 5 | import org.springframework.beans.factory.annotation.Autowired; 6 | import org.springframework.web.bind.annotation.*; 7 | 8 | @RestController 9 | @RequestMapping(path = "/api/v1/registration") 10 | public class RegistrationController { 11 | 12 | private final RegistrationService registrationService; 13 | 14 | @Autowired 15 | public RegistrationController(RegistrationService registrationService) { 16 | this.registrationService = registrationService; 17 | } 18 | 19 | @PostMapping 20 | public String register(@RequestBody RegistrationRequest request) { 21 | return registrationService.register(request); 22 | //return "registered"; 23 | } 24 | 25 | @GetMapping(path = "confirm") 26 | public String confirm(@RequestParam("token") String token) { 27 | return registrationService.confirmToken(token); 28 | } 29 | } 30 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/email/EmailSender.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.email; 2 | 3 | public interface EmailSender { 4 | 5 | void sendEmail(String to, String email); 6 | } 7 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/email/EmailService.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.email; 2 | 3 | import org.slf4j.Logger; 4 | import org.slf4j.LoggerFactory; 5 | import org.springframework.mail.javamail.JavaMailSender; 6 | import org.springframework.mail.javamail.MimeMessageHelper; 7 | import org.springframework.scheduling.annotation.Async; 8 | import org.springframework.stereotype.Service; 9 | 10 | import javax.mail.MessagingException; 11 | import javax.mail.internet.MimeMessage; 12 | 13 | @Service 14 | public class EmailService implements EmailSender { 15 | 16 | private final JavaMailSender mailSender; 17 | private final static Logger logger = LoggerFactory.getLogger(EmailService.class); 18 | 19 | public EmailService(JavaMailSender mailSender) { 20 | this.mailSender = mailSender; 21 | } 22 | 23 | 24 | @Override 25 | @Async 26 | public void sendEmail(String to, String email) { 27 | try { 28 | MimeMessage mimeMessage = mailSender.createMimeMessage(); 29 | MimeMessageHelper helper = new MimeMessageHelper(mimeMessage, "utf-8"); 30 | helper.setText(email, true); 31 | helper.setTo(to); 32 | helper.setSubject("Confirm your email"); 33 | helper.setFrom("test@email.com"); 34 | mailSender.send(mimeMessage); 35 | } catch (MessagingException e) { 36 | logger.error("Failed to send email for: " + email + "\n" + e); 37 | throw new IllegalArgumentException("Failed to send email for: " + email); 38 | } 39 | } 40 | } 41 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/model/AppUser.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.model; 2 | 3 | import org.springframework.security.core.GrantedAuthority; 4 | import org.springframework.security.core.authority.SimpleGrantedAuthority; 5 | import org.springframework.security.core.userdetails.UserDetails; 6 | 7 | import javax.persistence.*; 8 | import java.util.Collection; 9 | import java.util.Collections; 10 | 11 | @Entity 12 | public class AppUser implements UserDetails { 13 | 14 | @Id 15 | @GeneratedValue(strategy = GenerationType.IDENTITY) 16 | private Long id; 17 | private String firstName; 18 | private String lastName; 19 | private String email; 20 | private String password; 21 | 22 | @Enumerated(EnumType.STRING) 23 | private AppUserRole appUserRole; 24 | private Boolean locked; 25 | private Boolean enabled; 26 | 27 | public AppUser() { 28 | } 29 | 30 | public AppUser(String firstName, String lastName, String email, String password, AppUserRole appUserRole) { 31 | this.firstName = firstName; 32 | this.lastName = lastName; 33 | this.email = email; 34 | this.password = password; 35 | this.appUserRole = appUserRole; 36 | this.locked = false; 37 | this.enabled = false; 38 | } 39 | 40 | @Override 41 | public Collection getAuthorities() { 42 | SimpleGrantedAuthority authority = new SimpleGrantedAuthority(appUserRole.name()); 43 | return Collections.singletonList(authority); 44 | } 45 | 46 | public Long getId() { 47 | return id; 48 | } 49 | 50 | public void setId(Long id) { 51 | this.id = id; 52 | } 53 | 54 | public String getFirstName() { 55 | return firstName; 56 | } 57 | 58 | public void setFirstName(String firstName) { 59 | this.firstName = firstName; 60 | } 61 | 62 | public String getLastName() { 63 | return lastName; 64 | } 65 | 66 | public void setLastName(String lastName) { 67 | this.lastName = lastName; 68 | } 69 | 70 | public String getEmail() { 71 | return email; 72 | } 73 | 74 | public void setEmail(String email) { 75 | this.email = email; 76 | } 77 | 78 | public void setPassword(String password) { 79 | this.password = password; 80 | } 81 | 82 | public AppUserRole getAppUserRole() { 83 | return appUserRole; 84 | } 85 | 86 | public void setAppUserRole(AppUserRole appUserRole) { 87 | this.appUserRole = appUserRole; 88 | } 89 | 90 | public Boolean getLocked() { 91 | return locked; 92 | } 93 | 94 | public void setLocked(Boolean locked) { 95 | this.locked = locked; 96 | } 97 | 98 | public Boolean getEnabled() { 99 | return enabled; 100 | } 101 | 102 | public void setEnabled(Boolean enabled) { 103 | this.enabled = enabled; 104 | } 105 | 106 | @Override 107 | public String getPassword() { 108 | return password; 109 | } 110 | 111 | @Override 112 | public String getUsername() { 113 | return email; 114 | } 115 | 116 | @Override 117 | public boolean isAccountNonExpired() { 118 | return true; 119 | } 120 | 121 | @Override 122 | public boolean isAccountNonLocked() { 123 | return !locked; 124 | } 125 | 126 | @Override 127 | public boolean isCredentialsNonExpired() { 128 | return true; 129 | } 130 | 131 | @Override 132 | public boolean isEnabled() { 133 | return enabled; 134 | } 135 | } 136 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/model/AppUserRole.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.model; 2 | 3 | public enum AppUserRole { 4 | USER, 5 | ADMIN 6 | } 7 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/model/RegistrationRequest.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.model; 2 | 3 | public class RegistrationRequest { 4 | 5 | private final String firstName; 6 | private final String lastName; 7 | private final String email; 8 | private final String password; 9 | 10 | public RegistrationRequest(String firstName, String lastName, String email, String password) { 11 | this.firstName = firstName; 12 | this.lastName = lastName; 13 | this.email = email; 14 | this.password = password; 15 | } 16 | 17 | public String getFirstName() { 18 | return firstName; 19 | } 20 | 21 | public String getLastName() { 22 | return lastName; 23 | } 24 | 25 | public String getEmail() { 26 | return email; 27 | } 28 | 29 | public String getPassword() { 30 | return password; 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/repository/AppUserRepository.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.repository; 2 | 3 | import com.spring.verification.springbackendverification.model.AppUser; 4 | import org.springframework.data.jpa.repository.JpaRepository; 5 | import org.springframework.data.jpa.repository.Modifying; 6 | import org.springframework.data.jpa.repository.Query; 7 | import org.springframework.stereotype.Repository; 8 | import org.springframework.transaction.annotation.Transactional; 9 | 10 | import java.util.Optional; 11 | 12 | 13 | @Repository 14 | @Transactional(readOnly = true) 15 | public interface AppUserRepository extends JpaRepository { 16 | 17 | Optional findByEmail(String email); 18 | 19 | @Transactional 20 | @Modifying 21 | @Query("UPDATE AppUser a SET a.enabled=true WHERE a.email=?1") 22 | int enableAppUser(String email); 23 | } 24 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/security/EmailValidator.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.security; 2 | 3 | import org.springframework.stereotype.Service; 4 | 5 | import java.util.function.Predicate; 6 | 7 | @Service 8 | public class EmailValidator implements Predicate { 9 | 10 | private final String EMAIL_PATTERN = "\\w+([-+.']\\w+)*@\\w+([-.]\\w+)*\\.\\w+([-.]\\w+)*"; 11 | 12 | @Override 13 | public boolean test(String email) { 14 | return email.matches(EMAIL_PATTERN); 15 | } 16 | } 17 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/security/PasswordEncoder.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.security; 2 | 3 | import org.springframework.context.annotation.Bean; 4 | import org.springframework.context.annotation.Configuration; 5 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; 6 | 7 | @Configuration 8 | public class PasswordEncoder { 9 | 10 | @Bean 11 | public BCryptPasswordEncoder bCryptPasswordEncoder() { 12 | return new BCryptPasswordEncoder(); 13 | } 14 | } 15 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/security/config/WebSecurityConfig.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.security.config; 2 | 3 | import com.spring.verification.springbackendverification.security.PasswordEncoder; 4 | import com.spring.verification.springbackendverification.service.AppUserService; 5 | import org.springframework.context.annotation.Bean; 6 | import org.springframework.context.annotation.Configuration; 7 | import org.springframework.security.authentication.dao.DaoAuthenticationProvider; 8 | import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; 9 | import org.springframework.security.config.annotation.web.builders.HttpSecurity; 10 | import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; 11 | import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; 12 | 13 | @Configuration 14 | @EnableWebSecurity 15 | public class WebSecurityConfig extends WebSecurityConfigurerAdapter { 16 | 17 | private final AppUserService appUserService; 18 | private final PasswordEncoder passwordEncoder; 19 | 20 | public WebSecurityConfig(AppUserService appUserService, PasswordEncoder passwordEncoder) { 21 | this.appUserService = appUserService; 22 | this.passwordEncoder = passwordEncoder; 23 | } 24 | 25 | @Override 26 | protected void configure(HttpSecurity httpSecurity) throws Exception { 27 | httpSecurity 28 | .csrf().disable() 29 | .authorizeRequests() 30 | .antMatchers("/api/v*/registration/**", "/h2/**", "/h2/*", "/h2-console/**", "/h2-console/*") 31 | .permitAll() 32 | .anyRequest() 33 | .authenticated() 34 | .and() 35 | .formLogin(); 36 | 37 | //For h2 console 38 | httpSecurity.csrf().disable(); 39 | httpSecurity.headers().frameOptions().disable(); 40 | } 41 | 42 | 43 | @Override 44 | protected void configure(AuthenticationManagerBuilder auth) throws Exception { 45 | auth.authenticationProvider(daoAuthenticationProvider()); 46 | } 47 | 48 | 49 | @Bean 50 | public DaoAuthenticationProvider daoAuthenticationProvider() { 51 | DaoAuthenticationProvider provider = new DaoAuthenticationProvider(); 52 | provider.setPasswordEncoder(passwordEncoder.bCryptPasswordEncoder()); 53 | provider.setUserDetailsService(appUserService); 54 | 55 | return provider; 56 | } 57 | } 58 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/security/token/ConfirmationToken.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.security.token; 2 | 3 | import com.spring.verification.springbackendverification.model.AppUser; 4 | 5 | import javax.persistence.*; 6 | import java.time.LocalDateTime; 7 | 8 | @Entity 9 | public class ConfirmationToken { 10 | 11 | @Id 12 | @GeneratedValue (strategy = GenerationType.IDENTITY) 13 | private Long id; 14 | 15 | @Column(nullable = false) 16 | private String token; 17 | 18 | @Column(nullable = false) 19 | private LocalDateTime createdAt; 20 | 21 | @Column(nullable = false) 22 | private LocalDateTime expiresAt; 23 | 24 | private LocalDateTime confirmedAt; 25 | 26 | @ManyToOne 27 | @JoinColumn(nullable = false, 28 | name = "app_user_id") 29 | private AppUser appUser; 30 | 31 | public ConfirmationToken() { 32 | } 33 | 34 | public ConfirmationToken(String token, LocalDateTime createdAt, LocalDateTime expiresAt, AppUser appUser) { 35 | this.token = token; 36 | this.createdAt = createdAt; 37 | this.expiresAt = expiresAt; 38 | this.appUser = appUser; 39 | } 40 | 41 | public Long getId() { 42 | return id; 43 | } 44 | 45 | public void setId(Long id) { 46 | this.id = id; 47 | } 48 | 49 | public String getToken() { 50 | return token; 51 | } 52 | 53 | public void setToken(String token) { 54 | this.token = token; 55 | } 56 | 57 | public LocalDateTime getCreatedAt() { 58 | return createdAt; 59 | } 60 | 61 | public void setCreatedAt(LocalDateTime createdAt) { 62 | this.createdAt = createdAt; 63 | } 64 | 65 | public LocalDateTime getExpiresAt() { 66 | return expiresAt; 67 | } 68 | 69 | public void setExpiresAt(LocalDateTime expiresAt) { 70 | this.expiresAt = expiresAt; 71 | } 72 | 73 | public LocalDateTime getConfirmedAt() { 74 | return confirmedAt; 75 | } 76 | 77 | public void setConfirmedAt(LocalDateTime confirmedAt) { 78 | this.confirmedAt = confirmedAt; 79 | } 80 | 81 | public AppUser getAppUser() { 82 | return appUser; 83 | } 84 | 85 | public void setAppUser(AppUser appUser) { 86 | this.appUser = appUser; 87 | } 88 | } 89 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/security/token/ConfirmationTokenRepository.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.security.token; 2 | 3 | import org.springframework.data.jpa.repository.JpaRepository; 4 | import org.springframework.data.jpa.repository.Modifying; 5 | import org.springframework.data.jpa.repository.Query; 6 | import org.springframework.stereotype.Repository; 7 | import org.springframework.transaction.annotation.Transactional; 8 | 9 | import java.time.LocalDateTime; 10 | import java.util.Optional; 11 | 12 | @Repository 13 | public interface ConfirmationTokenRepository extends JpaRepository { 14 | 15 | Optional findByToken(String token); 16 | 17 | @Transactional 18 | @Modifying 19 | @Query("UPDATE ConfirmationToken c SET c.confirmedAt = ?2 WHERE c.token = ?1") 20 | int updateConfirmedAt(String token, LocalDateTime localDateTime); 21 | } 22 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/security/token/ConfirmationTokenService.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.security.token; 2 | 3 | import org.springframework.stereotype.Service; 4 | 5 | import java.time.LocalDateTime; 6 | import java.util.Optional; 7 | 8 | @Service 9 | public class ConfirmationTokenService { 10 | 11 | private final ConfirmationTokenRepository confirmationTokenRepository; 12 | 13 | public ConfirmationTokenService(ConfirmationTokenRepository confirmationTokenRepository) { 14 | this.confirmationTokenRepository = confirmationTokenRepository; 15 | } 16 | 17 | public void saveConfirmationToken(ConfirmationToken token) { 18 | confirmationTokenRepository.save(token); 19 | } 20 | 21 | public Optional getToken(String token) { 22 | return confirmationTokenRepository.findByToken(token); 23 | } 24 | 25 | public int setConfirmedAt(String token) { 26 | return confirmationTokenRepository.updateConfirmedAt(token, LocalDateTime.now()); 27 | } 28 | } 29 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/service/AppUserService.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.service; 2 | 3 | import com.spring.verification.springbackendverification.model.AppUser; 4 | import com.spring.verification.springbackendverification.repository.AppUserRepository; 5 | import com.spring.verification.springbackendverification.security.PasswordEncoder; 6 | import com.spring.verification.springbackendverification.security.token.ConfirmationToken; 7 | import com.spring.verification.springbackendverification.security.token.ConfirmationTokenService; 8 | import org.springframework.beans.factory.annotation.Autowired; 9 | import org.springframework.security.core.userdetails.UserDetails; 10 | import org.springframework.security.core.userdetails.UserDetailsService; 11 | import org.springframework.security.core.userdetails.UsernameNotFoundException; 12 | import org.springframework.stereotype.Service; 13 | 14 | import java.time.LocalDateTime; 15 | import java.util.UUID; 16 | 17 | @Service 18 | public class AppUserService implements UserDetailsService { 19 | 20 | private final AppUserRepository appUserRepository; 21 | private final PasswordEncoder passwordEncoder; 22 | private final ConfirmationTokenService confirmationTokenService; 23 | 24 | @Autowired 25 | public AppUserService(AppUserRepository appUserRepository, PasswordEncoder passwordEncoder, ConfirmationTokenService confirmationTokenService) { 26 | this.appUserRepository = appUserRepository; 27 | this.passwordEncoder = passwordEncoder; 28 | this.confirmationTokenService = confirmationTokenService; 29 | } 30 | 31 | @Override 32 | public UserDetails loadUserByUsername(String email) throws UsernameNotFoundException { 33 | return appUserRepository.findByEmail(email) 34 | .orElseThrow(() -> new UsernameNotFoundException(String.format("User with email %s not found", email))); 35 | } 36 | 37 | 38 | public String signUpUser(AppUser appUser) { 39 | boolean userExists = appUserRepository.findByEmail(appUser.getEmail()).isPresent(); 40 | 41 | if (userExists) { 42 | 43 | AppUser appUserPrevious = appUserRepository.findByEmail(appUser.getEmail()).get(); 44 | Boolean isEnabled = appUserPrevious.getEnabled(); 45 | 46 | if (!isEnabled) { 47 | String token = UUID.randomUUID().toString(); 48 | 49 | //A method to save user and token in this class 50 | saveConfirmationToken(appUserPrevious, token); 51 | 52 | return token; 53 | 54 | } 55 | throw new IllegalStateException(String.format("User with email %s already exists!", appUser.getEmail())); 56 | } 57 | 58 | String encodedPassword = passwordEncoder.bCryptPasswordEncoder().encode(appUser.getPassword()); 59 | appUser.setPassword(encodedPassword); 60 | 61 | //Saving the user after encoding the password 62 | appUserRepository.save(appUser); 63 | 64 | //Creating a token from UUID 65 | String token = UUID.randomUUID().toString(); 66 | 67 | //Getting the confirmation token and then saving it 68 | saveConfirmationToken(appUser, token); 69 | 70 | 71 | //Returning token 72 | return token; 73 | } 74 | 75 | 76 | private void saveConfirmationToken(AppUser appUser, String token) { 77 | ConfirmationToken confirmationToken = new ConfirmationToken(token, LocalDateTime.now(), 78 | LocalDateTime.now().plusMinutes(15), appUser); 79 | confirmationTokenService.saveConfirmationToken(confirmationToken); 80 | } 81 | 82 | public int enableAppUser(String email) { 83 | return appUserRepository.enableAppUser(email); 84 | 85 | } 86 | } 87 | -------------------------------------------------------------------------------- /src/main/java/com/spring/verification/springbackendverification/service/RegistrationService.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification.service; 2 | 3 | import com.spring.verification.springbackendverification.model.AppUser; 4 | import com.spring.verification.springbackendverification.model.AppUserRole; 5 | import com.spring.verification.springbackendverification.model.RegistrationRequest; 6 | import com.spring.verification.springbackendverification.email.EmailSender; 7 | import com.spring.verification.springbackendverification.security.EmailValidator; 8 | import com.spring.verification.springbackendverification.security.token.ConfirmationToken; 9 | import com.spring.verification.springbackendverification.security.token.ConfirmationTokenService; 10 | import org.springframework.stereotype.Service; 11 | import org.springframework.transaction.annotation.Transactional; 12 | 13 | import java.time.LocalDateTime; 14 | import java.util.Optional; 15 | 16 | @Service 17 | public class RegistrationService { 18 | 19 | private final AppUserService appUserService; 20 | private final EmailValidator emailValidator; 21 | private final ConfirmationTokenService confirmTokenService; 22 | private final EmailSender emailSender; 23 | 24 | 25 | public RegistrationService(AppUserService appUserService, EmailValidator emailValidator, ConfirmationTokenService confirmTokenService, EmailSender emailSender) { 26 | this.appUserService = appUserService; 27 | this.emailValidator = emailValidator; 28 | this.confirmTokenService = confirmTokenService; 29 | this.emailSender = emailSender; 30 | } 31 | 32 | public String register(RegistrationRequest request) { 33 | boolean isValidEmail = emailValidator.test(request.getEmail()); 34 | if (isValidEmail) { 35 | String tokenForNewUser = appUserService.signUpUser(new AppUser(request.getFirstName(), 36 | request.getLastName(), 37 | request.getEmail(), 38 | request.getPassword(), 39 | AppUserRole.USER)); 40 | 41 | //Since, we are running the spring boot application in localhost, we are hardcoding the 42 | //url of the server. We are creating a POST request with token param 43 | String link = "http://localhost:8090/api/v1/registration/confirm?token=" + tokenForNewUser; 44 | emailSender.sendEmail(request.getEmail(), buildEmail(request.getFirstName(), link)); 45 | return tokenForNewUser; 46 | } else { 47 | throw new IllegalStateException(String.format("Email %s, not valid", request.getEmail())); 48 | } 49 | } 50 | 51 | 52 | @Transactional 53 | public String confirmToken(String token) { 54 | Optional confirmToken = confirmTokenService.getToken(token); 55 | 56 | if (confirmToken.isEmpty()) { 57 | throw new IllegalStateException("Token not found!"); 58 | } 59 | 60 | if (confirmToken.get().getConfirmedAt() != null) { 61 | throw new IllegalStateException("Email is already confirmed"); 62 | } 63 | 64 | LocalDateTime expiresAt = confirmToken.get().getExpiresAt(); 65 | 66 | if (expiresAt.isBefore(LocalDateTime.now())) { 67 | throw new IllegalStateException("Token is already expired!"); 68 | } 69 | 70 | confirmTokenService.setConfirmedAt(token); 71 | appUserService.enableAppUser(confirmToken.get().getAppUser().getEmail()); 72 | 73 | //Returning confirmation message if the token matches 74 | return "Your email is confirmed. Thank you for using our service!"; 75 | } 76 | 77 | private String buildEmail(String name, String link) { 78 | return "
\n" + 79 | "\n" + 80 | "\n" + 81 | "\n" + 82 | " \n" + 83 | " \n" + 84 | " \n" + 105 | " \n" + 106 | "
\n" + 85 | " \n" + 86 | " \n" + 87 | " \n" + 88 | " \n" + 101 | " \n" + 102 | "
\n" + 89 | " \n" + 90 | " \n" + 91 | " \n" + 94 | " \n" + 97 | " \n" + 98 | "
\n" + 92 | " \n" + 93 | " \n" + 95 | " Confirm your email\n" + 96 | "
\n" + 99 | " \n" + 100 | "
\n" + 103 | " \n" + 104 | "
\n" + 107 | " \n" + 108 | " \n" + 109 | " \n" + 110 | " \n" + 119 | " \n" + 120 | " \n" + 121 | "
\n" + 111 | " \n" + 112 | " \n" + 113 | " \n" + 114 | " \n" + 115 | " \n" + 116 | "
\n" + 117 | " \n" + 118 | "
\n" + 122 | "\n" + 123 | "\n" + 124 | "\n" + 125 | " \n" + 126 | " \n" + 127 | " \n" + 128 | " \n" + 129 | " \n" + 130 | " \n" + 131 | " \n" + 136 | " \n" + 137 | " \n" + 138 | " \n" + 139 | " \n" + 140 | " \n" + 141 | "


\n" + 132 | " \n" + 133 | "

Hi " + name + ",

Thank you for registering. Please click on the below link to activate your account:

Activate Now

\n Link will expire in 15 minutes.

See you soon

" + 134 | " \n" + 135 | "


\n" + 142 | "\n" + 143 | "
"; 144 | } 145 | } 146 | -------------------------------------------------------------------------------- /src/main/resources/application.properties: -------------------------------------------------------------------------------- 1 | spring.application.name=spring-auth-ver 2 | server.port=8090 3 | 4 | #For PostreSql database 5 | #spring.datasource.url=jdbc:postgresql://localhost:5432/registration 6 | #spring.jpa.hibernate.ddl-auto=create-drop 7 | #spring.jpa.database-platform=org.hibernate.dialect.PostgreSQLDialect 8 | #spring.jpa.show-sql=true 9 | 10 | #For h2 11 | spring.h2.console.enabled=true 12 | spring.h2.console.path=/h2 13 | spring.h2.console.settings.trace=false 14 | spring.h2.console.settings.web-allow-others=false 15 | 16 | spring.datasource.url=jdbc:h2:mem:springAuth 17 | spring.datasource.driverClassName=org.h2.Driver 18 | spring.jpa.database-platform=org.hibernate.dialect.H2Dialect 19 | spring.jpa.hibernate.ddl-auto=update 20 | 21 | #For mailing service 22 | spring.mail.host=localhost 23 | spring.mail.port=1025 24 | spring.mail.username=root 25 | spring.mail.password=admin 26 | 27 | spring.mail.properties.mail.smtp.ssl.trust=* 28 | spring.mail.properties.mail.smtp.auth=true 29 | spring.mail.properties.mail.smtp.starttls.enable=true 30 | spring.mail.properties.mail.smtp.connectiontimeout=5000 31 | spring.mail.properties.mail.smtp.timeout=3000 32 | spring.mail.properties.mail.smtp.writetimeout=5000 33 | 34 | 35 | 36 | 37 | spring.security.user.name=admin 38 | spring.security.user.password=root -------------------------------------------------------------------------------- /src/test/java/com/spring/verification/springbackendverification/SpringBackendVerificationApplicationTests.java: -------------------------------------------------------------------------------- 1 | package com.spring.verification.springbackendverification; 2 | 3 | import org.junit.jupiter.api.Test; 4 | import org.springframework.boot.test.context.SpringBootTest; 5 | 6 | @SpringBootTest 7 | class SpringBackendVerificationApplicationTests { 8 | 9 | @Test 10 | void contextLoads() { 11 | } 12 | 13 | } 14 | --------------------------------------------------------------------------------