registration api (#303)

src/main/java/com/commafeed/backend/StartupBean.java

@@ -128,9 +128,15 @@ public class StartupBean {
 		settings.setAnnouncement("Set the Public URL in the admin section !");
 		applicationSettingsService.save(settings);
 
-		userService.register(USERNAME_ADMIN, "admin",
+		try {
-				Arrays.asList(Role.ADMIN, Role.USER));
+			userService.register(USERNAME_ADMIN, "admin",
-		userService.register(USERNAME_DEMO, "demo", Arrays.asList(Role.USER));
+					"admin@commafeed.com",
+					Arrays.asList(Role.ADMIN, Role.USER), true);
+			userService.register(USERNAME_DEMO, "demo", "demo@commafeed.com",
+					Arrays.asList(Role.USER), true);
+		} catch (Exception e) {
+			log.error(e.getMessage(), e);
+		}
 	}
 
 	public long getStartupTime() {

src/main/java/com/commafeed/backend/services/UserService.java

@@ -8,6 +8,7 @@ import javax.ejb.Stateless;
 import javax.inject.Inject;
 
 import org.apache.commons.codec.digest.DigestUtils;
+import org.apache.commons.lang.StringUtils;
 
 import com.commafeed.backend.dao.FeedCategoryDAO;
 import com.commafeed.backend.dao.FeedEntryStatusDAO;
@@ -36,6 +37,9 @@ public class UserService {
 	@Inject
 	PasswordEncryptionService encryptionService;
 
+	@Inject
+	ApplicationSettingsService applicationSettingsService;
+
 	public User login(String name, String password) {
 		if (name == null || password == null) {
 			return null;
@@ -55,18 +59,35 @@ public class UserService {
 		return null;
 	}
 
-	public User register(String name, String password, Collection<Role> roles) {
+	public User register(String name, String password, String email,
-		return register(name, password, null, roles);
+			Collection<Role> roles) {
+		return register(name, password, email, roles, false);
 	}
 
 	public User register(String name, String password, String email,
-			Collection<Role> roles) {
+			Collection<Role> roles, boolean forceRegistration) {
+
+		Preconditions.checkState(forceRegistration
+				|| applicationSettingsService.get().isAllowRegistrations(),
+				"Registrations are closed on this CommaFeed instance");
 		Preconditions.checkNotNull(name);
+		Preconditions.checkNotNull(email);
 		Preconditions.checkNotNull(password);
 
-		if (userDAO.findByName(name) != null) {
+		Preconditions.checkArgument(StringUtils.length(name) >= 3,
-			return null;
+				"Name too short (3 characters minimum)");
-		}
+		Preconditions.checkArgument(StringUtils.length(name) <= 32,
+				"Name too long (32 characters maximum)");
+		Preconditions.checkArgument(
+				forceRegistration || StringUtils.length(password) >= 6,
+				"Password too short (6 characters maximum)");
+		Preconditions.checkArgument(StringUtils.contains(email, "@"),
+				"Invalid email address");
+		Preconditions.checkArgument(userDAO.findByName(name) == null,
+				"Name already taken");
+		Preconditions.checkArgument(userDAO.findByEmail(email) == null,
+				"Email already taken");
+
 		User user = new User();
 		byte[] salt = encryptionService.generateSalt();
 		user.setName(name);

src/main/java/com/commafeed/frontend/model/request/RegistrationRequest.java

@@ -6,14 +6,22 @@ import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlRootElement;
 
+import com.wordnik.swagger.annotations.ApiProperty;
+
 @SuppressWarnings("serial")
 @XmlRootElement
 @XmlAccessorType(XmlAccessType.FIELD)
 public class RegistrationRequest implements Serializable {
 
+	@ApiProperty(value = "username, between 3 and 32 characters", required = true)
 	private String name;
+
+	@ApiProperty(value = "password, minimum 6 characters", required = true)
 	private String password;
+
+	@ApiProperty(value = "email address for password recovery", required = true)
 	private String email;
+
 	private boolean googleImport = true;
 
 	public String getName() {

src/main/java/com/commafeed/frontend/pages/components/RegisterPanel.java

@@ -54,7 +54,8 @@ public class RegisterPanel extends Panel {
 				if (applicationSettingsService.get().isAllowRegistrations()) {
 					RegistrationRequest req = getModelObject();
 					userService.register(req.getName(), req.getPassword(),
-							Arrays.asList(Role.USER));
+							req.getEmail(), Arrays.asList(Role.USER));
+
 					IAuthenticationStrategy strategy = getApplication()
 							.getSecuritySettings().getAuthenticationStrategy();
 					strategy.save(req.getName(), req.getPassword());
@@ -92,7 +93,8 @@ public class RegisterPanel extends Panel {
 						}));
 		form.add(new PasswordTextField("password", MF.m(model, p.getPassword()))
 				.setResetPassword(false).add(StringValidator.minimumLength(6)));
-		form.add(new RequiredTextField<String>("email", MF.m(model, p.getEmail())) {
+		form.add(new RequiredTextField<String>("email", MF.m(model,
+				p.getEmail())) {
 			@Override
 			protected String getInputType() {
 				return "email";

src/main/java/com/commafeed/frontend/rest/resources/AdminREST.java

@@ -52,7 +52,7 @@ public class AdminREST extends AbstractResourceREST {
 			}
 
 			User user = userService.register(userModel.getName(),
-					userModel.getPassword(), roles);
+					userModel.getPassword(), userModel.getEmail(), roles);
 			if (user == null) {
 				return Response.status(Status.CONFLICT)
 						.entity("User already exists.").build();

src/main/java/com/commafeed/frontend/rest/resources/UserREST.java

@@ -1,5 +1,7 @@
 package com.commafeed.frontend.rest.resources;
 
+import java.util.Arrays;
+
 import javax.ws.rs.GET;
 import javax.ws.rs.POST;
 import javax.ws.rs.Path;
@@ -19,6 +21,7 @@ import com.commafeed.backend.model.UserSettings.ViewMode;
 import com.commafeed.frontend.model.Settings;
 import com.commafeed.frontend.model.UserModel;
 import com.commafeed.frontend.model.request.ProfileModificationRequest;
+import com.commafeed.frontend.model.request.RegistrationRequest;
 import com.google.common.base.Preconditions;
 import com.wordnik.swagger.annotations.Api;
 import com.wordnik.swagger.annotations.ApiOperation;
@@ -138,6 +141,21 @@ public class UserREST extends AbstractResourceREST {
 		return Response.ok().build();
 	}
 
+	@Path("/register")
+	@POST
+	@ApiOperation(value = "Register a new account")
+	public Response register(@ApiParam(required = true) RegistrationRequest req) {
+		try {
+			userService.register(req.getName(), req.getPassword(),
+					req.getEmail(), Arrays.asList(Role.USER));
+			return Response.ok().build();
+		} catch (Exception e) {
+			return Response.status(Status.INTERNAL_SERVER_ERROR)
+					.entity(e.getMessage()).build();
+		}
+
+	}
+
 	@Path("/profile/deleteAccount")
 	@POST
 	@ApiOperation(value = "Delete the user account")