Class UserAuthController
java.lang.Object
it.univr.passportease.controller.user.UserAuthController
Controller for user authentication and registration. It handles the following GraphQL mutations:
- See Also:
-
Field Summary
FieldsModifier and TypeFieldDescriptionprivate final BucketLimiterBucket limiter.private RequestAnalyzerRequest analyzer.private final UserAuthServiceUser authentication service.private final UserWorkerMutationServiceUser worker mutation service. -
Constructor Summary
Constructors -
Method Summary
Modifier and TypeMethodDescriptionchangeEmail(String newEmail, String oldEmail) This mutation changes the email of the user.voidchangePassword(String oldPassword, String newPassword) This mutation changes the password of the user.This mutation logs in the user and returns the access token and the refresh token.voidlogout()This mutation invalidates the access token and the refresh token of the user, it is shared between users and workers.refreshAccessToken(String refreshToken) This mutation refreshes the access token and the refresh token of the user.registerUser(RegisterInput registerInput) This mutation registers the user and returns the access token and the refresh token.
-
Field Details
-
userAuthService
User authentication service. -
userWorkerMutationService
User worker mutation service. -
bucketLimiter
Bucket limiter. -
requestAnalyzer
Request analyzer.
-
-
Constructor Details
-
UserAuthController
public UserAuthController()
-
-
Method Details
-
loginUser
@MutationMapping public LoginOutput loginUser(@Argument("fiscalCode") String fiscalCode, @Argument("password") String password) throws UserNotFoundException, WrongPasswordException, RateLimitException This mutation logs in the user and returns the access token and the refresh token. By logging in, the user is also registered in the redis cache.- Parameters:
fiscalCode- user's fiscal codepassword- user's password- Returns:
LoginOutputcontaining the access token and the refresh token- Throws:
UserNotFoundException- if the user is not foundWrongPasswordException- if the password is wrongRateLimitException- if the user has exceeded the number of login attempts
-
logout
@MutationMapping public void logout() throws TokenNotInRedisException, RateLimitException, UserNotFoundException, AuthenticationCredentialsNotFoundExceptionThis mutation invalidates the access token and the refresh token of the user, it is shared between users and workers.- Throws:
TokenNotInRedisException- if the token is not in redisRateLimitException- if the user has exceeded the number of logout attemptsUserNotFoundException- if the user is not foundAuthenticationCredentialsNotFoundException- if the token is not in the request
-
registerUser
@MutationMapping public LoginOutput registerUser(@Argument("registerInput") RegisterInput registerInput) throws RateLimitException, UserNotFoundException, UserAlreadyExistsException This mutation registers the user and returns the access token and the refresh token. By registering, the user is also registered in the redis cache, and the user is logged in.- Parameters:
registerInput- user's data, seeRegisterInput- Returns:
LoginOutputcontaining the access token and the refresh token- Throws:
RateLimitException- if the user has exceeded the number of register attemptsUserNotFoundException- if the user is not foundUserAlreadyExistsException- if the user already exists
-
refreshAccessToken
@MutationMapping public JWTSet refreshAccessToken(@Argument("refreshToken") String refreshToken) throws AuthenticationCredentialsNotFoundException, UserNotFoundException, RateLimitException, InvalidRefreshTokenException, UserOrWorkerIDNotFoundException This mutation refreshes the access token and the refresh token of the user.- Parameters:
refreshToken- the refresh token- Returns:
JWTSetcontaining the new access token and the new refresh token- Throws:
AuthenticationCredentialsNotFoundException- if the token is not in the requestUserNotFoundException- if the user is not foundRateLimitException- if the user has exceeded the number of refresh attemptsInvalidRefreshTokenException- if the refresh token is invalidUserOrWorkerIDNotFoundException- if the user or the worker is not found
-
changePassword
@MutationMapping public void changePassword(@Argument("oldPassword") String oldPassword, @Argument("newPassword") String newPassword) throws UserNotFoundException, AuthenticationCredentialsNotFoundException, WrongPasswordException, RateLimitException This mutation changes the password of the user.- Parameters:
oldPassword- the old passwordnewPassword- the new password- Throws:
UserNotFoundException- if the user is not foundAuthenticationCredentialsNotFoundException- if the token is not in the requestWrongPasswordException- if the old password is wrongRateLimitException- if the user has exceeded the number of change password attempts
-
changeEmail
@MutationMapping public String changeEmail(@Argument("newEmail") String newEmail, @Argument("oldEmail") String oldEmail) throws UserNotFoundException, InvalidEmailException, RateLimitException, AuthenticationCredentialsNotFoundException This mutation changes the email of the user.- Parameters:
newEmail- the new emailoldEmail- the old email- Returns:
- the new email
- Throws:
UserNotFoundException- if the user is not foundInvalidEmailException- if the new email is invalidRateLimitException- if the user has exceeded the number of change email attemptsAuthenticationCredentialsNotFoundException- if the token is not in the request
-