AuthService.kt

package delta.codecharacter.server.auth

import delta.codecharacter.dtos.AuthStatusResponseDto
import delta.codecharacter.dtos.ForgotPasswordRequestDto
import delta.codecharacter.dtos.PasswordLoginRequestDto
import delta.codecharacter.dtos.PasswordLoginResponseDto
import delta.codecharacter.dtos.ResetPasswordRequestDto
import delta.codecharacter.server.auth.jwt.JwtService
import delta.codecharacter.server.auth.reset_password.ResetPasswordService
import delta.codecharacter.server.exception.CustomException
import delta.codecharacter.server.user.LoginType
import delta.codecharacter.server.user.UserEntity
import delta.codecharacter.server.user.UserService
import org.springframework.beans.factory.annotation.Autowired
import org.springframework.http.HttpStatus
import org.springframework.security.core.userdetails.UsernameNotFoundException
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
import org.springframework.stereotype.Service

@Service
class AuthService(
    @Autowired private val userService: UserService,
    @Autowired private val jwtService: JwtService,
    @Autowired private val resetPasswordService: ResetPasswordService,
    @Autowired private val passwordEncoder: BCryptPasswordEncoder,
) {
    fun passwordLogin(passwordLoginRequestDto: PasswordLoginRequestDto): PasswordLoginResponseDto {
        val email = passwordLoginRequestDto.email
        val password = passwordLoginRequestDto.password
        val user: UserEntity
        try {
            user = userService.loadUserByUsername(email)
        } catch (e: UsernameNotFoundException) {
            throw CustomException(HttpStatus.UNAUTHORIZED, "Invalid credentials")
        }
        if (user.loginType != LoginType.PASSWORD) {
            throw CustomException(HttpStatus.UNAUTHORIZED, "Invalid credentials")
        }
        if (passwordEncoder.matches(password, user.password)) {
            return PasswordLoginResponseDto(jwtService.generateToken(user))
        } else throw CustomException(HttpStatus.UNAUTHORIZED, "Invalid credentials")
    }

    fun forgotPassword(forgotPasswordRequestDto: ForgotPasswordRequestDto) {
        val email = forgotPasswordRequestDto.email
        if (!forgotPasswordRequestDto.recaptchaCode.isNullOrEmpty() &&
            !userService.verifyReCaptcha(forgotPasswordRequestDto.recaptchaCode!!)
        ) {
            throw CustomException(HttpStatus.BAD_REQUEST, "Invalid Recaptcha")
        }
        val user =
            userService.getUserByEmail(email).orElseThrow {
                throw CustomException(HttpStatus.BAD_REQUEST, "Invalid credentials")
            }
        if (user.loginType != LoginType.PASSWORD) {
            throw CustomException(HttpStatus.BAD_REQUEST, "User not registered with password")
        }
        resetPasswordService.sendResetPasswordEmail(user)
    }

    fun resetPassword(resetPasswordRequestDto: ResetPasswordRequestDto) {
        val (token, password, passwordConfirmation) = resetPasswordRequestDto
        if (password != passwordConfirmation) {
            throw CustomException(HttpStatus.BAD_REQUEST, "Password and Confirm Password does not match")
        }
        val userId = resetPasswordService.processResetPasswordTokenAndGetUserId(token)
        userService.updateUserPassword(userId, password)
    }

    fun oAuth2Login(email: String, loginType: LoginType): String {
        val user = userService.getUserByEmail(email)
        val userEntity: UserEntity
        if (user.isEmpty) {
            userEntity = userService.createUserWithOAuth(email, loginType)
        } else {
            userEntity = user.get()
            if (userEntity.loginType != loginType) {
                throw CustomException(HttpStatus.BAD_REQUEST, "Incorrect login provider")
            }
        }
        return jwtService.generateToken(userEntity)
    }

    fun getAuthStatus(user: UserEntity): AuthStatusResponseDto {
        val status: AuthStatusResponseDto.Status =
            if (!user.isProfileComplete) {
                AuthStatusResponseDto.Status.PROFILE_INCOMPLETE
            } else if (!user.isEnabled) {
                AuthStatusResponseDto.Status.ACTIVATION_PENDING
            } else {
                AuthStatusResponseDto.Status.AUTHENTICATED
            }
        return AuthStatusResponseDto(status)
    }
}