additional changes to non-senate user activation, including email aut…

…h and registration

.gitignore

@@ -3,3 +3,4 @@ target/
 src/main/webapp/WEB-INF/lib/
 src/main/webapp/WEB-INF/config.xml
 src/main/webapp/img/avatars
+*.properties

pom.xml

@@ -24,7 +24,12 @@
 			<groupId>org.jasypt</groupId>
 			<artifactId>jasypt</artifactId>
 			<version>1.7</version>
-			<classifier>lite</classifier>
+			<scope>compile</scope>
+		</dependency>
+		<dependency>
+			<groupId>javax.mail</groupId>
+			<artifactId>mail</artifactId>
+			<version>1.4.1</version>
 			<scope>compile</scope>
 		</dependency>
 		<dependency>

src/main/java/gov/nysenate/opendirectory/models/ExternalPerson.java

@@ -1,11 +1,15 @@
 package gov.nysenate.opendirectory.models;
 
 import java.util.Arrays;
+import java.util.Date;
 import java.util.TreeSet;
 
+import org.jasypt.util.text.BasicTextEncryptor;
+
 import gov.nysenate.opendirectory.models.interfaces.IPerson;
 import gov.nysenate.opendirectory.utils.BCrypt;
 
+
 public class ExternalPerson implements IPerson {
 
 	private String firstName;
@@ -83,8 +87,13 @@ public void setAuthorizationHash(String authorizationHash) {
 		this.authorizationHash = authorizationHash;
 	}
 
-
-
+	public void setAuthorizationHash() {
+		BasicTextEncryptor textEncryptor = new BasicTextEncryptor();
+		String dateTime = Long.toString(new Date().getTime());
+		textEncryptor.setPassword(dateTime + email);
+		this.authorizationHash = textEncryptor.encrypt(
+				dateTime + email).replaceAll("=|&|\\?|\\+|/|\\p{Cntrl}","");
+	}
 	public boolean checkPassword(String password) {
 		return BCrypt.checkpw(password, hash);
 	}

src/main/java/gov/nysenate/opendirectory/servlets/NonSenateAccessServlet.java

@@ -2,11 +2,10 @@
 
 import gov.nysenate.opendirectory.ldap.Ldap;
 import gov.nysenate.opendirectory.models.ExternalPerson;
-import gov.nysenate.opendirectory.servlets.UserServlet.UserServletException;
+import gov.nysenate.opendirectory.utils.Mailer;
 import gov.nysenate.opendirectory.utils.Request;
 
 import java.io.IOException;
-import java.io.PrintWriter;
 
 import javax.naming.NamingException;
 import javax.servlet.ServletException;
@@ -48,9 +47,14 @@ else if(command.equals("logout")) {
 			else if(command.equals("register")) {
 				self.render("external/register.jsp");
 			}
+			else if(command.equals("auth")) {
+				doExternalAuth(self);
+			}
 	    	else throw new ExternalServletException("Invalid command `"+command+"` supplied.");
 		} catch (ExternalServletException e) {
 			doException(self,e);
+		} catch (SolrServerException e) {
+			e.printStackTrace();
 		}
 	}
 
@@ -69,7 +73,7 @@ else if(command.equals("register")) {
 	    		doExternalRegister(self);
 	    	}
 	    	else if(command.equals("auth")) {
-	    		doExternalAuth(self);
+	    		self.httpResponse.getWriter().println("hey");//doExternalAuth(self);
 	    	}
 	    	else throw new ExternalServletException("Invalid command `"+command+"` supplied.");
 		} catch (ExternalServletException e) {
@@ -111,39 +115,39 @@ private void doExternalRegister(Request self) throws IOException, ServletExcepti
 				error += "<br/>Entered matching passwords";
 			}
 		}
-		if(email1 == null || email1.equals("") || !email1.matches(".+?@(.*+\\.state\\.ny\\.us|ny\\.gov)")) {
-			error += "<br/>Entered a valid email address (ending in state.ny.us or ny.gov)";
-		}
-		else {
-			if(email2 == null || !email1.equals(email2)) {
-
-			}
-			else {
-				ExternalPerson person = self.solrSession.loadExternalPersonByEmail(email1);
-				if(person != null) {
-					if(person.getAuthorized()) {
-						error = "<br/>That email address already exists on OpenDirectory.  If you need help " +
-								"retrieving your password please " +
-								"<a href=\"http://www.nysenate.gov/contact\">contact us</a>.";
-					}
-					else {
-						error = "<br/>That email address already exists on OpenDirectory, so we've dispatched " +
-								"another activation email.  If you do not receive the email or have any questions " +
-								"please <a href=\"http://www.nysenate.gov/contact\">contact us</a>.";
-						//TODO: resend activation email
-					}
-				}
-			}
-		}
+//		if(email1 == null || email1.equals("") || !email1.matches(".+?@(.*+\\.state\\.ny\\.us|ny\\.gov)")) {
+//			error += "<br/>Entered a valid email address (ending in state.ny.us or ny.gov)";
+//		}
+//		else {
+//			if(email2 == null || !email1.equals(email2)) {
+//				
+//			}
+//			else {
+//				ExternalPerson person = self.solrSession.loadExternalPersonByEmail(email1);
+//				if(person != null) {
+//					if(person.getAuthorized()) {
+//						error = "<br/>That email address already exists on OpenDirectory.  If you need help " +
+//								"retrieving your password please " +
+//								"<a href=\"http://www.nysenate.gov/contact\">contact us</a>.";
+//					}
+//					else {
+//						error = "<br/>That email address already exists on OpenDirectory, so we've dispatched " +
+//								"another activation email.  If you do not receive the email or have any questions " +
+//								"please <a href=\"http://www.nysenate.gov/contact\">contact us</a>.";
+//						Mailer.sendExternalAuthorizationMail(person);
+//					}
+//				}
+//			}
+//		}
 
 
 		if(error.equals("")) {
 			ExternalPerson person = new ExternalPerson(firstName, lastName, email1, phone);
-			person.setAuthorized(true);
+			person.setAuthorized(false);
 			person.encryptPassword(password1);
-			//TODO: set authorized false
-			//TODO: make auth
-			//TODO: send activation email
+			person.setAuthorizationHash();
+
+			Mailer.sendExternalAuthorizationMail(person);
 
 			self.solrSession.saveExternalPerson(person);
 
@@ -166,29 +170,117 @@ private void doExternalRegister(Request self) throws IOException, ServletExcepti
 
 	}
 
-	private void doExternalAuth(Request self) {
+	private void doExternalAuth(Request self) throws SolrServerException, IOException, ServletException {
+		String email = ((String)self.httpRequest.getParameter("email"));
+		String key = (String)self.httpRequest.getParameter("key");
+
+		if(email == null || key == null) {
+			populateMessage(self, MessageCode.CREDS_NOT_PROVIDED);
+		}
 
+		ExternalPerson person = self.solrSession.loadExternalPersonByEmail(email);
+
+		if(person == null) {
+			//couldn't find person
+			populateMessage(self, MessageCode.PERSON_NOT_FOUND);
+		}
+		else {
+			if(person.getAuthorized()) {
+				//no need
+				populateMessage(self, MessageCode.ALREADY_AUTHORIZED);
+			}
+			else {
+				if(person.getAuthorizationHash().equals(key)) {
+					person.setAuthorizationHash("");
+					person.setAuthorized(true);
+					self.solrSession.saveExternalPerson(person);
+					populateMessage(self, MessageCode.AUTH_SUCCESS);
+				}
+				else {
+					//bad hash
+					person.setAuthorizationHash();
+					Mailer.sendExternalAuthorizationMail(person);
+					populateMessage(self, MessageCode.AUTH_FAILURE);
+				}
+			}
+		}
+		self.render("external/message.jsp");
+	}
+
+	public enum MessageCode {
+		CREDS_NOT_PROVIDED, PERSON_NOT_FOUND, ALREADY_AUTHORIZED, AUTH_SUCCESS, AUTH_FAILURE, NOT_ACTIVATED
+	}
+
+	public void populateMessage(Request self, MessageCode code) {
+		String header = null;
+		String error = null;
+		String message = null;
+		switch(code) {
+			case CREDS_NOT_PROVIDED:
+				header = "Error";
+				error = "<br/>Invalid credentials specified, if you think this is an error" +
+					"please <a href=\"http://www.nysenate.gov/contact\">contact us</a>.";
+				break;
+			case PERSON_NOT_FOUND:
+				header = "Error";
+				error = "<br/>We could not find this person.  Are you sure you've " +
+						"<a href=\"" + urls.url("external","register") + "\">registered</a>?" + 
+						"  If you think this is an error please " +
+						"<a href=\"http://www.nysenate.gov/contact\">contact us</a>.";
+				break;
+			case ALREADY_AUTHORIZED:
+				header = "Error";
+				error = "<br/>This person is already authorized, if you think this is an error" +
+					"please <a href=\"http://www.nysenate.gov/contact\">contact us</a>." +
+					"  Or click <a href=\"" + urls.url("external","login") + "\">here</a> to login.";
+				break;
+			case AUTH_SUCCESS:
+				header = "Success";
+				message = "<br/>Your account has been activated.  You can click " +
+					"<a href=\"" + urls.url("external","login") + "\">here</a> to login.";
+				break;
+			case AUTH_FAILURE:
+				header = "Error";
+				error = "<br/>There was an error authorizing your account, so we've dispatched " +
+					"another activation email.  If you do not receive the email or have any questions " +
+					"please <a href=\"http://www.nysenate.gov/contact\">contact us</a>.";
+				break;
+			case NOT_ACTIVATED:
+				header = "Error";
+				error = "<br/>Your account must be activated before you can log in.  You should have " + 
+					"received an email when you first reigstered which containts an activation link, " + 
+					"if not we've dispatched another activation email.  If you do not receive the email " +
+					"or have any questions please <a href=\"http://www.nysenate.gov/contact\">contact us</a>.";
+				break;
+		}
+		self.httpRequest.setAttribute("header", header);
+		self.httpRequest.setAttribute("error", error);
+		self.httpRequest.setAttribute("message", message);
 	}
 
 	private void doExternalLogin(Request self) throws IOException, ServletException {
-
-		String cred = ((String)self.httpRequest.getParameter("name")).toLowerCase();
+		String cred = ((String)self.httpRequest.getParameter("name"));
 		String pass = (String)self.httpRequest.getParameter("password");
 		ExternalPerson person = self.solrSession.loadExternalPersonByEmail(cred);
 
 		//check login correct
 		if(person != null && pass != null && person.checkPassword(pass)) {
-			self.httpSession.setAttribute("externalPerson", person.getFirstName());
-			self.httpSession.setAttribute("externalUid", person.getEmail());
-			self.redirect(urls.url("index"));
+			if(person.getAuthorized()) {
+				self.httpSession.setAttribute("externalPerson", person.getFirstName());
+				self.httpSession.setAttribute("externalUid", person.getEmail());
+				self.redirect(urls.url("index"));
+			}
+			else {
+				populateMessage(self, MessageCode.NOT_ACTIVATED);
+				Mailer.sendExternalAuthorizationMail(person);
+				self.render("external/message.jsp");
+			}
+
 		}
 		else {
 			self.httpRequest.setAttribute("errorMessage", "Username and/or password were incorrect.  Are you sure you've <a href=\"" + urls.url("external","register") + "\">registered?</a>");
 			self.render("external/login.jsp");
 		}
-
-
-
 	}
 
 	public void doException(Request self, ExternalServletException e) throws ServletException, IOException {

src/main/java/gov/nysenate/opendirectory/solr/SolrSession.java

@@ -36,7 +36,7 @@ public static void main(String[] args) throws SolrServerException, IOException {
 
 		Solr solr = new Solr().connect();
 		SolrSession session = solr.newSession(Person.getAdmin());
-
+		session.deleteByUid("williams@ny.gov");
 	}
 
 	public SolrSession(IPerson user, Solr solr) {

src/main/java/gov/nysenate/opendirectory/utils/Mailer.java

@@ -0,0 +1,86 @@
+package gov.nysenate.opendirectory.utils;
+
+import gov.nysenate.opendirectory.models.ExternalPerson;
+
+import java.util.Date;
+import java.util.Properties;
+import java.util.StringTokenizer;
+
+import javax.mail.Message;
+import javax.mail.PasswordAuthentication;
+import javax.mail.Session;
+import javax.mail.Transport;
+import javax.mail.internet.InternetAddress;
+import javax.mail.internet.MimeMessage;
+
+public class Mailer {
+	private static final String SMTP_HOST_NAME = Resource.get("hostname");
+
+	private static final String SMTP_PORT = Resource.get("port");
+
+	private static final String SMTP_ACCOUNT_USER = Resource.get("user");
+	private static final String SMTP_ACCOUNT_PASS = Resource.get("pass");
+
+	public static void sendMail(String to, String subject, String message, String from, String fromDisplay) throws Exception {
+		Properties props = new Properties();
+		props.put("mail.smtp.host", SMTP_HOST_NAME);
+		props.put("mail.smtp.auth", "true");
+		props.put("mail.debug", "true");
+		props.put("mail.smtp.port", SMTP_PORT);
+		props.put("mail.smtp.starttls.enable","false");
+		props.put("mail.smtp.socketFactory.port", SMTP_PORT);
+		props.put("mail.smtp.socketFactory.fallback", "false");
+		props.put("mail.smtp.ssl.enable","false");
+
+		Session session = Session.getDefaultInstance(props,	new javax.mail.Authenticator() {
+										protected PasswordAuthentication getPasswordAuthentication() {
+											return new PasswordAuthentication(SMTP_ACCOUNT_USER, SMTP_ACCOUNT_PASS);}});
+		session.setDebug(false);
+		Message msg = new MimeMessage(session);
+		InternetAddress addressFrom = new InternetAddress(from);
+		addressFrom.setPersonal(fromDisplay);
+		msg.setFrom(addressFrom);
+
+
+		StringTokenizer st = new StringTokenizer (to,",");
+
+		InternetAddress[] rcps = new InternetAddress[st.countTokens()];
+		int idx = 0;
+
+		while (st.hasMoreTokens())
+		{
+			InternetAddress addressTo = new InternetAddress(st.nextToken());
+			rcps[idx++] = addressTo;
+
+		}
+
+		msg.setRecipients(Message.RecipientType.TO,rcps);
+
+		msg.setSubject(subject);
+		msg.setContent(message, "text/html");
+		Transport.send(msg);
+	}
+
+	public static void sendExternalAuthorizationMail(ExternalPerson person) {
+		String authUrl = "http://directory.nysenate.gov/external/auth?email=" + person.getEmail() +
+		"&key=" + person.getAuthorizationHash();
+
+		String to = person.getEmail();
+		String subject = "Authorize your NYSS OpenDirectory account";
+		String message = "Hello " + person.getFirstName() + ", <br/><br/>" + 
+			"It appears that you signed up to view the NYSS OpenDirectory, " +
+			"in order to finalize this subscription you must click <a href\"" + authUrl + "\">here<a/> or open the following url: <br/><br/>" +
+			authUrl + "<br/><br/>" + 
+			"If you have any questions please <a href=\"http://www.nysenate.gov/contact\">contact us</a>.<br/><br/>";
+
+		String from = "OpenDirectory@nysenate.gov";
+		String fromDisplay = "NYSS OpenDirectory";
+
+		try {
+			sendMail(to, subject, message, from, fromDisplay);
+		} catch (Exception e) {
+			e.printStackTrace();
+		}
+	}
+
+}

src/main/java/gov/nysenate/opendirectory/utils/Request.java

@@ -61,6 +61,8 @@ public Request(BaseServlet servlet, HttpServletRequest request,HttpServletRespon
 		if(httpSession.getAttribute("frontPagePeople") == null) {
 			httpSession.setAttribute("frontPagePeople", new FrontPagePeople(this));
 		}
+
+		Resource.init(this.servlet);
 	}
 
 	public void render(String name) throws IOException, ServletException {