#35 update Anope IRC password on passwort change

FAForever · Oct 18, 2017 · 6622bfd · 6622bfd
1 parent 041f6e1
commit 6622bfd
Show file tree

Hide file tree

Showing 3 changed files with 50 additions and 5 deletions.
diff --git a/src/main/java/com/faforever/api/user/AnopeUserRepository.java b/src/main/java/com/faforever/api/user/AnopeUserRepository.java
@@ -0,0 +1,29 @@
+package com.faforever.api.user;
+
+import com.google.common.collect.ImmutableMap;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
+import org.springframework.stereotype.Repository;
+
+/**
+ * Repository to access Anope's @{NickCore} table (the one that contains usernames and passwords).
+ */
+@Repository
+@Slf4j
+public class AnopeUserRepository {
+
+  private final NamedParameterJdbcTemplate jdbcTemplate;
+
+  public AnopeUserRepository(NamedParameterJdbcTemplate jdbcTemplate) {
+    this.jdbcTemplate = jdbcTemplate;
+  }
+
+  // Don't make this package private, see https://jira.spring.io/browse/SPR-15911
+  public void updatePassword(String username, String password) {
+    jdbcTemplate.update("UPDATE `faf-anope`.anope_db_NickCore SET pass = :password WHERE display = :username",
+      ImmutableMap.of(
+        "password", password,
+        "username", username
+      ));
+  }
+}
diff --git a/src/main/java/com/faforever/api/user/UserService.java b/src/main/java/com/faforever/api/user/UserService.java
@@ -12,6 +12,7 @@
 import com.faforever.api.security.FafUserDetails;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.google.common.collect.ImmutableMap;
+import com.google.common.hash.Hashing;
 import lombok.SneakyThrows;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.security.core.Authentication;
@@ -20,6 +21,7 @@
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
+import java.nio.charset.StandardCharsets;
 import java.time.Instant;
 import java.util.HashMap;
 import java.util.Objects;
@@ -45,16 +47,18 @@ public class UserService {
   private final MacSigner macSigner;
   private final FafApiProperties properties;
   private final FafPasswordEncoder passwordEncoder;
+  private final AnopeUserRepository anopeUserRepository;
 
   public UserService(EmailService emailService, PlayerRepository playerRepository, UserRepository userRepository,
-                     NameRecordRepository nameRecordRepository, ObjectMapper objectMapper, FafApiProperties properties) {
+                     NameRecordRepository nameRecordRepository, ObjectMapper objectMapper, FafApiProperties properties, AnopeUserRepository anopeUserRepository) {
     this.emailService = emailService;
     this.playerRepository = playerRepository;
     this.userRepository = userRepository;
     this.nameRecordRepository = nameRecordRepository;
     this.objectMapper = objectMapper;
     this.macSigner = new MacSigner(properties.getJwt().getSecret());
     this.properties = properties;
+    this.anopeUserRepository = anopeUserRepository;
     this.passwordEncoder = new FafPasswordEncoder();
   }
 
@@ -146,8 +150,7 @@ void changePassword(String currentPassword, String newPassword, User user) {
       throw new ApiException(new Error(ErrorCode.PASSWORD_CHANGE_FAILED_WRONG_PASSWORD));
     }
 
-    user.setPassword(passwordEncoder.encode(newPassword));
-    userRepository.save(user);
+    setPassword(user, newPassword);
   }
 
   void changeLogin(String newLogin, User user) {
@@ -221,8 +224,15 @@ void claimPasswordResetToken(String token, String newPassword) {
       throw new ApiException(new Error(ErrorCode.TOKEN_INVALID));
     }
 
-    user.setPassword(passwordEncoder.encode(newPassword));
+    setPassword(user, newPassword);
+  }
+
+  private void setPassword(User user, String password) {
+    log.debug("Updating FAF password for user: {}", user);
+    user.setPassword(passwordEncoder.encode(password));
     userRepository.save(user);
+    log.debug("Updating anope password for user: {}", user);
+    anopeUserRepository.updatePassword(user.getLogin(), Hashing.md5().hashString(password, StandardCharsets.UTF_8).toString());
   }
 
   public User getUser(Authentication authentication) {

diff --git a/src/test/java/com/faforever/api/user/UserServiceTest.java b/src/test/java/com/faforever/api/user/UserServiceTest.java
@@ -12,6 +12,7 @@
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
 import com.google.common.collect.ImmutableMap;
+import com.google.common.hash.Hashing;
 import lombok.SneakyThrows;
 import org.junit.Before;
 import org.junit.Rule;
@@ -24,6 +25,7 @@
 import org.springframework.security.jwt.JwtHelper;
 import org.springframework.security.jwt.crypto.sign.MacSigner;
 
+import java.nio.charset.StandardCharsets;
 import java.time.Instant;
 import java.util.HashMap;
 import java.util.Optional;
@@ -63,6 +65,8 @@ public class UserServiceTest {
   private PlayerRepository playerRepository;
   @Mock
   private NameRecordRepository nameRecordRepository;
+  @Mock
+  private AnopeUserRepository anopeUserRepository;
 
   private FafApiProperties properties;
   private static FafPasswordEncoder fafPasswordEncoder = new FafPasswordEncoder();
@@ -82,7 +86,7 @@ public void setUp() throws Exception {
 
     properties = new FafApiProperties();
     properties.getJwt().setSecret(TEST_SECRET);
-    instance = new UserService(emailService, playerRepository, userRepository, nameRecordRepository, objectMapper, properties);
+    instance = new UserService(emailService, playerRepository, userRepository, nameRecordRepository, objectMapper, properties, anopeUserRepository);
   }
 
   @Test
@@ -209,6 +213,7 @@ public void changePassword() {
     ArgumentCaptor<User> captor = ArgumentCaptor.forClass(User.class);
     verify(userRepository).save(captor.capture());
     assertEquals(captor.getValue().getPassword(), fafPasswordEncoder.encode(TEST_NEW_PASSWORD));
+    verify(anopeUserRepository).updatePassword(TEST_USERNAME, Hashing.md5().hashString(TEST_NEW_PASSWORD, StandardCharsets.UTF_8).toString());
   }
 
   @Test
@@ -360,6 +365,7 @@ public void claimPasswordResetToken() {
     ArgumentCaptor<User> captor = ArgumentCaptor.forClass(User.class);
     verify(userRepository).save(captor.capture());
     assertEquals(captor.getValue().getPassword(), fafPasswordEncoder.encode(TEST_NEW_PASSWORD));
+    verify(anopeUserRepository).updatePassword(TEST_USERNAME, Hashing.md5().hashString(TEST_NEW_PASSWORD, StandardCharsets.UTF_8).toString());
   }
 
   @Test