src/main/java/com/commafeed/frontend/resource/UserREST.java

package com.commafeed.frontend.resource;

import io.dropwizard.auth.Auth;
import io.dropwizard.hibernate.UnitOfWork;

import java.util.Arrays;

import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status;

import lombok.AllArgsConstructor;

import org.apache.commons.lang.StringUtils;

import com.commafeed.CommaFeedApplication;
import com.commafeed.backend.dao.UserDAO;
import com.commafeed.backend.dao.UserRoleDAO;
import com.commafeed.backend.dao.UserSettingsDAO;
import com.commafeed.backend.model.User;
import com.commafeed.backend.model.UserRole;
import com.commafeed.backend.model.UserRole.Role;
import com.commafeed.backend.model.UserSettings;
import com.commafeed.backend.model.UserSettings.ReadingMode;
import com.commafeed.backend.model.UserSettings.ReadingOrder;
import com.commafeed.backend.model.UserSettings.ViewMode;
import com.commafeed.backend.service.PasswordEncryptionService;
import com.commafeed.backend.service.UserService;
import com.commafeed.frontend.model.Settings;
import com.commafeed.frontend.model.UserModel;
import com.commafeed.frontend.model.request.ProfileModificationRequest;
import com.commafeed.frontend.model.request.RegistrationRequest;
import com.google.common.base.Preconditions;
import com.wordnik.swagger.annotations.Api;
import com.wordnik.swagger.annotations.ApiOperation;
import com.wordnik.swagger.annotations.ApiParam;

@Path("/user")
@Api(value = "/user", description = "Operations about the user")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@AllArgsConstructor
public class UserREST {

	private final UserDAO userDAO;
	private final UserRoleDAO userRoleDAO;
	private final UserSettingsDAO userSettingsDAO;
	private final UserService userService;
	private final PasswordEncryptionService encryptionService;

	@Path("/settings")
	@GET
	@UnitOfWork
	@ApiOperation(value = "Retrieve user settings", notes = "Retrieve user settings", response = Settings.class)
	public Response getSettings(@Auth User user) {
		Settings s = new Settings();
		UserSettings settings = userSettingsDAO.findByUser(user);
		if (settings != null) {
			s.setReadingMode(settings.getReadingMode().name());
			s.setReadingOrder(settings.getReadingOrder().name());
			s.setViewMode(settings.getViewMode().name());
			s.setShowRead(settings.isShowRead());

			s.setEmail(settings.isEmail());
			s.setGmail(settings.isGmail());
			s.setFacebook(settings.isFacebook());
			s.setTwitter(settings.isTwitter());
			s.setGoogleplus(settings.isGoogleplus());
			s.setTumblr(settings.isTumblr());
			s.setPocket(settings.isPocket());
			s.setInstapaper(settings.isInstapaper());
			s.setBuffer(settings.isBuffer());
			s.setReadability(settings.isReadability());

			s.setScrollMarks(settings.isScrollMarks());
			s.setTheme(settings.getTheme());
			s.setCustomCss(settings.getCustomCss());
			s.setLanguage(settings.getLanguage());
			s.setScrollSpeed(settings.getScrollSpeed());
		} else {
			s.setReadingMode(ReadingMode.unread.name());
			s.setReadingOrder(ReadingOrder.desc.name());
			s.setViewMode(ViewMode.title.name());
			s.setShowRead(true);
			s.setTheme("default");

			s.setEmail(true);
			s.setGmail(true);
			s.setFacebook(true);
			s.setTwitter(true);
			s.setGoogleplus(true);
			s.setTumblr(true);
			s.setPocket(true);
			s.setInstapaper(true);
			s.setBuffer(true);
			s.setReadability(true);

			s.setScrollMarks(true);
			s.setLanguage("en");
			s.setScrollSpeed(400);
		}
		return Response.ok(s).build();
	}

	@Path("/settings")
	@POST
	@UnitOfWork
	@ApiOperation(value = "Save user settings", notes = "Save user settings")
	public Response saveSettings(@Auth User user, @ApiParam(required = true) Settings settings) {
		Preconditions.checkNotNull(settings);

		UserSettings s = userSettingsDAO.findByUser(user);
		if (s == null) {
			s = new UserSettings();
			s.setUser(user);
		}
		s.setReadingMode(ReadingMode.valueOf(settings.getReadingMode()));
		s.setReadingOrder(ReadingOrder.valueOf(settings.getReadingOrder()));
		s.setShowRead(settings.isShowRead());
		s.setViewMode(ViewMode.valueOf(settings.getViewMode()));
		s.setScrollMarks(settings.isScrollMarks());
		s.setTheme(settings.getTheme());
		s.setCustomCss(settings.getCustomCss());
		s.setLanguage(settings.getLanguage());
		s.setScrollSpeed(settings.getScrollSpeed());

		s.setEmail(settings.isEmail());
		s.setGmail(settings.isGmail());
		s.setFacebook(settings.isFacebook());
		s.setTwitter(settings.isTwitter());
		s.setGoogleplus(settings.isGoogleplus());
		s.setTumblr(settings.isTumblr());
		s.setPocket(settings.isPocket());
		s.setInstapaper(settings.isInstapaper());
		s.setBuffer(settings.isBuffer());
		s.setReadability(settings.isReadability());

		userSettingsDAO.saveOrUpdate(s);
		return Response.ok().build();

	}

	@Path("/profile")
	@GET
	@UnitOfWork
	@ApiOperation(value = "Retrieve user's profile", response = UserModel.class)
	public Response get(@Auth User user) {
		UserModel userModel = new UserModel();
		userModel.setId(user.getId());
		userModel.setName(user.getName());
		userModel.setEmail(user.getEmail());
		userModel.setEnabled(!user.isDisabled());
		userModel.setApiKey(user.getApiKey());
		for (UserRole role : userRoleDAO.findAll(user)) {
			if (role.getRole() == Role.ADMIN) {
				userModel.setAdmin(true);
			}
		}
		return Response.ok(userModel).build();
	}

	@Path("/profile")
	@POST
	@UnitOfWork
	@ApiOperation(value = "Save user's profile")
	public Response save(@Auth User user, @ApiParam(required = true) ProfileModificationRequest request) {
		Preconditions.checkArgument(StringUtils.isBlank(request.getPassword()) || request.getPassword().length() >= 6);
		if (StringUtils.isNotBlank(request.getEmail())) {
			User u = userDAO.findByEmail(request.getEmail());
			Preconditions.checkArgument(u == null || user.getId().equals(u.getId()));
		}

		if (CommaFeedApplication.USERNAME_DEMO.equals(user.getName())) {
			return Response.status(Status.FORBIDDEN).build();
		}

		user.setEmail(StringUtils.trimToNull(request.getEmail()));
		if (StringUtils.isNotBlank(request.getPassword())) {
			byte[] password = encryptionService.getEncryptedPassword(request.getPassword(), user.getSalt());
			user.setPassword(password);
			user.setApiKey(userService.generateApiKey(user));
		}
		if (request.isNewApiKey()) {
			user.setApiKey(userService.generateApiKey(user));
		}
		userDAO.merge(user);
		return Response.ok().build();
	}

	@Path("/register")
	@POST
	@UnitOfWork
	@ApiOperation(value = "Register a new account")
	public Response register(@ApiParam(required = true) RegistrationRequest req) {
		try {
			userService.register(req.getName(), req.getPassword(), req.getEmail(), Arrays.asList(Role.USER));
			return Response.ok().build();
		} catch (Exception e) {
			return Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();
		}

	}

	@Path("/profile/deleteAccount")
	@POST
	@UnitOfWork
	@ApiOperation(value = "Delete the user account")
	public Response delete(@Auth User user) {
		if (CommaFeedApplication.USERNAME_ADMIN.equals(user.getName()) || CommaFeedApplication.USERNAME_DEMO.equals(user.getName())) {
			return Response.status(Status.FORBIDDEN).build();
		}
		userService.unregister(user);
		return Response.ok().build();
	}
}
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`package com.commafeed.frontend.resource;`

			`import io.dropwizard.auth.Auth;`
			`import io.dropwizard.hibernate.UnitOfWork;`
handle session expiration 2013-03-23 19:46:09 +01:00
registration api (#303) 2013-06-18 12:31:09 +02:00			`import java.util.Arrays;`

removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`import javax.ws.rs.Consumes;`
handle session expiration 2013-03-23 19:46:09 +01:00			`import javax.ws.rs.GET;`
			`import javax.ws.rs.POST;`
			`import javax.ws.rs.Path;`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`import javax.ws.rs.Produces;`
			`import javax.ws.rs.core.MediaType;`
save settings on read mode change 2013-03-23 23:14:14 +01:00			`import javax.ws.rs.core.Response;`
			`import javax.ws.rs.core.Response.Status;`
handle session expiration 2013-03-23 19:46:09 +01:00
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`import lombok.AllArgsConstructor;`

fix for admin api 2013-04-18 12:50:44 +02:00			`import org.apache.commons.lang.StringUtils;`

removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`import com.commafeed.CommaFeedApplication;`
move injection points where they belong 2013-07-02 16:10:59 +02:00			`import com.commafeed.backend.dao.UserDAO;`
			`import com.commafeed.backend.dao.UserRoleDAO;`
			`import com.commafeed.backend.dao.UserSettingsDAO;`
fix for admin api 2013-04-18 12:50:44 +02:00			`import com.commafeed.backend.model.User;`
			`import com.commafeed.backend.model.UserRole;`
			`import com.commafeed.backend.model.UserRole.Role;`
create a demo user on startup and prevent any profile modification 2013-04-21 13:50:10 +02:00			`import com.commafeed.backend.model.UserSettings;`
handle session expiration 2013-03-23 19:46:09 +01:00			`import com.commafeed.backend.model.UserSettings.ReadingMode;`
allow ordering (fix #30) 2013-04-10 10:28:48 +02:00			`import com.commafeed.backend.model.UserSettings.ReadingOrder;`
initial expanded view support (#62) 2013-05-04 21:12:51 +02:00			`import com.commafeed.backend.model.UserSettings.ViewMode;`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`import com.commafeed.backend.service.PasswordEncryptionService;`
			`import com.commafeed.backend.service.UserService;`
handle session expiration 2013-03-23 19:46:09 +01:00			`import com.commafeed.frontend.model.Settings;`
fix for admin api 2013-04-18 12:50:44 +02:00			`import com.commafeed.frontend.model.UserModel;`
			`import com.commafeed.frontend.model.request.ProfileModificationRequest;`
registration api (#303) 2013-06-18 12:31:09 +02:00			`import com.commafeed.frontend.model.request.RegistrationRequest;`
ability to subscribe to a feed 2013-03-24 13:11:05 +01:00			`import com.google.common.base.Preconditions;`
more api doc 2013-04-17 07:50:25 +02:00			`import com.wordnik.swagger.annotations.Api;`
			`import com.wordnik.swagger.annotations.ApiOperation;`
			`import com.wordnik.swagger.annotations.ApiParam;`
handle session expiration 2013-03-23 19:46:09 +01:00
fix for admin api 2013-04-18 12:50:44 +02:00			`@Path("/user")`
			`@Api(value = "/user", description = "Operations about the user")`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`@Produces(MediaType.APPLICATION_JSON)`
			`@Consumes(MediaType.APPLICATION_JSON)`
			`@AllArgsConstructor`
			`public class UserREST {`
move injection points where they belong 2013-07-02 16:10:59 +02:00
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`private final UserDAO userDAO;`
			`private final UserRoleDAO userRoleDAO;`
			`private final UserSettingsDAO userSettingsDAO;`
			`private final UserService userService;`
			`private final PasswordEncryptionService encryptionService;`
use user setting if not under heavy load (#78) 2013-07-10 09:25:59 +02:00
fix for admin api 2013-04-18 12:50:44 +02:00			`@Path("/settings")`
handle session expiration 2013-03-23 19:46:09 +01:00			`@GET`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`@UnitOfWork`
			`@ApiOperation(value = "Retrieve user settings", notes = "Retrieve user settings", response = Settings.class)`
			`public Response getSettings(@Auth User user) {`
handle session expiration 2013-03-23 19:46:09 +01:00			`Settings s = new Settings();`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`UserSettings settings = userSettingsDAO.findByUser(user);`
save settings on read mode change 2013-03-23 23:14:14 +01:00			`if (settings != null) {`
optimization not needed anymore 2013-07-29 21:31:08 +02:00			`s.setReadingMode(settings.getReadingMode().name());`
allow ordering (fix #30) 2013-04-10 10:28:48 +02:00			`s.setReadingOrder(settings.getReadingOrder().name());`
initial expanded view support (#62) 2013-05-04 21:12:51 +02:00			`s.setViewMode(settings.getViewMode().name());`
user setting for showing or hiding 'empty' categories and feeds 2013-04-12 09:57:18 +02:00			`s.setShowRead(settings.isShowRead());`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00
individual settings for share buttons, and added tumblr (#582) 2014-04-16 12:29:53 +02:00			`s.setEmail(settings.isEmail());`
			`s.setGmail(settings.isGmail());`
			`s.setFacebook(settings.isFacebook());`
			`s.setTwitter(settings.isTwitter());`
			`s.setGoogleplus(settings.isGoogleplus());`
			`s.setTumblr(settings.isTumblr());`
			`s.setPocket(settings.isPocket());`
			`s.setInstapaper(settings.isInstapaper());`
			`s.setBuffer(settings.isBuffer());`
			`s.setReadability(settings.isReadability());`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00
wip: mark items as the user scrolls past them (#62) 2013-05-05 19:35:07 +02:00			`s.setScrollMarks(settings.isScrollMarks());`
initial theme implementation 2013-05-28 22:40:54 +02:00			`s.setTheme(settings.getTheme());`
settings page and custom css for users 2013-04-04 11:36:24 +02:00			`s.setCustomCss(settings.getCustomCss());`
store and use preferred language from user (#55) 2013-05-11 22:49:33 +02:00			`s.setLanguage(settings.getLanguage());`
customizable scrolling speed 2013-10-03 10:40:58 +02:00			`s.setScrollSpeed(settings.getScrollSpeed());`
save settings on read mode change 2013-03-23 23:14:14 +01:00			`} else {`
			`s.setReadingMode(ReadingMode.unread.name());`
allow ordering (fix #30) 2013-04-10 10:28:48 +02:00			`s.setReadingOrder(ReadingOrder.desc.name());`
initial expanded view support (#62) 2013-05-04 21:12:51 +02:00			`s.setViewMode(ViewMode.title.name());`
user setting for showing or hiding 'empty' categories and feeds 2013-04-12 09:57:18 +02:00			`s.setShowRead(true);`
initial theme implementation 2013-05-28 22:40:54 +02:00			`s.setTheme("default");`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00
individual settings for share buttons, and added tumblr (#582) 2014-04-16 12:29:53 +02:00			`s.setEmail(true);`
			`s.setGmail(true);`
			`s.setFacebook(true);`
			`s.setTwitter(true);`
			`s.setGoogleplus(true);`
			`s.setTumblr(true);`
			`s.setPocket(true);`
			`s.setInstapaper(true);`
			`s.setBuffer(true);`
			`s.setReadability(true);`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00
wip: mark items as the user scrolls past them (#62) 2013-05-05 19:35:07 +02:00			`s.setScrollMarks(true);`
store and use preferred language from user (#55) 2013-05-11 22:49:33 +02:00			`s.setLanguage("en");`
customizable scrolling speed 2013-10-03 10:40:58 +02:00			`s.setScrollSpeed(400);`
save settings on read mode change 2013-03-23 23:14:14 +01:00			`}`
return Response objects for all methods, including security interceptor. Removes stacktraces for unauthorized calls 2013-05-17 19:39:52 +02:00			`return Response.ok(s).build();`
handle session expiration 2013-03-23 19:46:09 +01:00			`}`

fix for admin api 2013-04-18 12:50:44 +02:00			`@Path("/settings")`
handle session expiration 2013-03-23 19:46:09 +01:00			`@POST`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`@UnitOfWork`
more api doc 2013-04-17 07:50:25 +02:00			`@ApiOperation(value = "Save user settings", notes = "Save user settings")`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`public Response saveSettings(@Auth User user, @ApiParam(required = true) Settings settings) {`
ability to subscribe to a feed 2013-03-24 13:11:05 +01:00			`Preconditions.checkNotNull(settings);`
allow ordering (fix #30) 2013-04-10 10:28:48 +02:00
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`UserSettings s = userSettingsDAO.findByUser(user);`
handle session expiration 2013-03-23 19:46:09 +01:00			`if (s == null) {`
			`s = new UserSettings();`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`s.setUser(user);`
handle session expiration 2013-03-23 19:46:09 +01:00			`}`
			`s.setReadingMode(ReadingMode.valueOf(settings.getReadingMode()));`
allow ordering (fix #30) 2013-04-10 10:28:48 +02:00			`s.setReadingOrder(ReadingOrder.valueOf(settings.getReadingOrder()));`
user setting for showing or hiding 'empty' categories and feeds 2013-04-12 09:57:18 +02:00			`s.setShowRead(settings.isShowRead());`
initial expanded view support (#62) 2013-05-04 21:12:51 +02:00			`s.setViewMode(ViewMode.valueOf(settings.getViewMode()));`
wip: mark items as the user scrolls past them (#62) 2013-05-05 19:35:07 +02:00			`s.setScrollMarks(settings.isScrollMarks());`
initial theme implementation 2013-05-28 22:40:54 +02:00			`s.setTheme(settings.getTheme());`
settings page and custom css for users 2013-04-04 11:36:24 +02:00			`s.setCustomCss(settings.getCustomCss());`
store and use preferred language from user (#55) 2013-05-11 22:49:33 +02:00			`s.setLanguage(settings.getLanguage());`
customizable scrolling speed 2013-10-03 10:40:58 +02:00			`s.setScrollSpeed(settings.getScrollSpeed());`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00
individual settings for share buttons, and added tumblr (#582) 2014-04-16 12:29:53 +02:00			`s.setEmail(settings.isEmail());`
			`s.setGmail(settings.isGmail());`
			`s.setFacebook(settings.isFacebook());`
			`s.setTwitter(settings.isTwitter());`
			`s.setGoogleplus(settings.isGoogleplus());`
			`s.setTumblr(settings.isTumblr());`
			`s.setPocket(settings.isPocket());`
			`s.setInstapaper(settings.isInstapaper());`
			`s.setBuffer(settings.isBuffer());`
			`s.setReadability(settings.isReadability());`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00
major classes refactoring 2013-04-11 20:49:08 +02:00			`userSettingsDAO.saveOrUpdate(s);`
fix reply message 2013-08-11 17:22:17 +02:00			`return Response.ok().build();`
handle session expiration 2013-03-23 19:46:09 +01:00
			`}`
create a demo user on startup and prevent any profile modification 2013-04-21 13:50:10 +02:00
fix for admin api 2013-04-18 12:50:44 +02:00			`@Path("/profile")`
			`@GET`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`@UnitOfWork`
			`@ApiOperation(value = "Retrieve user's profile", response = UserModel.class)`
			`public Response get(@Auth User user) {`
fix for admin api 2013-04-18 12:50:44 +02:00			`UserModel userModel = new UserModel();`
			`userModel.setId(user.getId());`
			`userModel.setName(user.getName());`
			`userModel.setEmail(user.getEmail());`
			`userModel.setEnabled(!user.isDisabled());`
added authentication via api key for some limited api methods (fix #64) 2013-05-01 21:56:59 +02:00			`userModel.setApiKey(user.getApiKey());`
fix for admin api 2013-04-18 12:50:44 +02:00			`for (UserRole role : userRoleDAO.findAll(user)) {`
			`if (role.getRole() == Role.ADMIN) {`
			`userModel.setAdmin(true);`
			`}`
			`}`
return Response objects for all methods, including security interceptor. Removes stacktraces for unauthorized calls 2013-05-17 19:39:52 +02:00			`return Response.ok(userModel).build();`
fix for admin api 2013-04-18 12:50:44 +02:00			`}`

			`@Path("/profile")`
			`@POST`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`@UnitOfWork`
fix for admin api 2013-04-18 12:50:44 +02:00			`@ApiOperation(value = "Save user's profile")`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`public Response save(@Auth User user, @ApiParam(required = true) ProfileModificationRequest request) {`
apply formatter 2013-07-25 09:17:33 +02:00			`Preconditions.checkArgument(StringUtils.isBlank(request.getPassword()) \|\| request.getPassword().length() >= 6);`
make sure emails are unique 2013-05-21 09:17:12 +02:00			`if (StringUtils.isNotBlank(request.getEmail())) {`
			`User u = userDAO.findByEmail(request.getEmail());`
apply formatter 2013-07-25 09:17:33 +02:00			`Preconditions.checkArgument(u == null \|\| user.getId().equals(u.getId()));`
make sure emails are unique 2013-05-21 09:17:12 +02:00			`}`

removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`if (CommaFeedApplication.USERNAME_DEMO.equals(user.getName())) {`
use forbidden instead of unauthorized 2013-06-24 16:37:11 +02:00			`return Response.status(Status.FORBIDDEN).build();`
create a demo user on startup and prevent any profile modification 2013-04-21 13:50:10 +02:00			`}`
added authentication via api key for some limited api methods (fix #64) 2013-05-01 21:56:59 +02:00
don't save email if it's empty 2013-05-23 14:35:16 +02:00			`user.setEmail(StringUtils.trimToNull(request.getEmail()));`
fix for admin api 2013-04-18 12:50:44 +02:00			`if (StringUtils.isNotBlank(request.getPassword())) {`
apply formatter 2013-07-25 09:17:33 +02:00			`byte[] password = encryptionService.getEncryptedPassword(request.getPassword(), user.getSalt());`
fix for admin api 2013-04-18 12:50:44 +02:00			`user.setPassword(password);`
recover password (wip) 2013-05-20 21:53:13 +02:00			`user.setApiKey(userService.generateApiKey(user));`
added authentication via api key for some limited api methods (fix #64) 2013-05-01 21:56:59 +02:00			`}`
			`if (request.isNewApiKey()) {`
recover password (wip) 2013-05-20 21:53:13 +02:00			`user.setApiKey(userService.generateApiKey(user));`
fix for admin api 2013-04-18 12:50:44 +02:00			`}`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`userDAO.merge(user);`
fix for admin api 2013-04-18 12:50:44 +02:00			`return Response.ok().build();`
			`}`
added authentication via api key for some limited api methods (fix #64) 2013-05-01 21:56:59 +02:00
registration api (#303) 2013-06-18 12:31:09 +02:00			`@Path("/register")`
			`@POST`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`@UnitOfWork`
registration api (#303) 2013-06-18 12:31:09 +02:00			`@ApiOperation(value = "Register a new account")`
			`public Response register(@ApiParam(required = true) RegistrationRequest req) {`
			`try {`
apply formatter 2013-07-25 09:17:33 +02:00			`userService.register(req.getName(), req.getPassword(), req.getEmail(), Arrays.asList(Role.USER));`
registration api (#303) 2013-06-18 12:31:09 +02:00			`return Response.ok().build();`
			`} catch (Exception e) {`
apply formatter 2013-07-25 09:17:33 +02:00			`return Response.status(Status.INTERNAL_SERVER_ERROR).entity(e.getMessage()).build();`
registration api (#303) 2013-06-18 12:31:09 +02:00			`}`

			`}`

allow users to permanently delete their account 2013-05-08 11:15:50 +02:00			`@Path("/profile/deleteAccount")`
			`@POST`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`@UnitOfWork`
allow users to permanently delete their account 2013-05-08 11:15:50 +02:00			`@ApiOperation(value = "Delete the user account")`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`public Response delete(@Auth User user) {`
			`if (CommaFeedApplication.USERNAME_ADMIN.equals(user.getName()) \|\| CommaFeedApplication.USERNAME_DEMO.equals(user.getName())) {`
use forbidden instead of unauthorized 2013-06-24 16:37:11 +02:00			`return Response.status(Status.FORBIDDEN).build();`
allow users to permanently delete their account 2013-05-08 11:15:50 +02:00			`}`
removed wicket and tomee, use dropwizard instead. remove wro4j, use gulp instead 2014-08-08 16:49:02 +02:00			`userService.unregister(user);`
allow users to permanently delete their account 2013-05-08 11:15:50 +02:00			`return Response.ok().build();`
			`}`
handle session expiration 2013-03-23 19:46:09 +01:00			`}`