Merge pull request #11955 from dashevchenko/activationLinkTokenFix

Refactored user activation token check
2 years ago · 192f903e6c
3 changed files with 14 additions and 10 deletions
--- a/application/src/main/java/org/thingsboard/server/service/entitiy/user/DefaultUserService.java
+++ b/application/src/main/java/org/thingsboard/server/service/entitiy/user/DefaultUserService.java
@ -35,8 +35,6 @@ import org.thingsboard.server.queue.util.TbCoreComponent;
 import org.thingsboard.server.service.entitiy.AbstractTbEntityService;
 import org.thingsboard.server.service.security.system.SystemSecurityService;

-import java.util.concurrent.TimeUnit;
-
@Service
@TbCoreComponent
@AllArgsConstructor
@ -90,16 +88,10 @@ public class DefaultUserService extends AbstractTbEntityService implements TbUse
    public UserActivationLink getActivationLink(TenantId tenantId, CustomerId customerId, UserId userId, HttpServletRequest request) throws ThingsboardException {
        UserCredentials userCredentials = userService.findUserCredentialsByUserId(tenantId, userId);
        if (!userCredentials.isEnabled() && userCredentials.getActivateToken() != null) {
-            long ttl = userCredentials.getActivationTokenTtl();
-            if (ttl < TimeUnit.MINUTES.toMillis(15)) { // renew link if less than 15 minutes before expiration
-                userCredentials = userService.generateUserActivationToken(userCredentials);
-                userCredentials = userService.saveUserCredentials(tenantId, userCredentials);
-                ttl = userCredentials.getActivationTokenTtl();
-                log.debug("[{}][{}] Regenerated expired user activation token", tenantId, userId);
-            }
+            userCredentials = userService.checkUserActivationToken(tenantId, userCredentials);
            String baseUrl = systemSecurityService.getBaseUrl(tenantId, customerId, request);
            String link = baseUrl + "/api/noauth/activate?activateToken=" + userCredentials.getActivateToken();
-            return new UserActivationLink(link, ttl);
+            return new UserActivationLink(link, userCredentials.getActivationTokenTtl());
        } else {
            throw new ThingsboardException("User is already activated!", ThingsboardErrorCode.BAD_REQUEST_PARAMS);
        }
--- a/common/dao-api/src/main/java/org/thingsboard/server/dao/user/UserService.java
+++ b/common/dao-api/src/main/java/org/thingsboard/server/dao/user/UserService.java
@ -63,6 +63,8 @@ public interface UserService extends EntityDaoService {

    UserCredentials generateUserActivationToken(UserCredentials userCredentials);

+    UserCredentials checkUserActivationToken(TenantId tenantId, UserCredentials userCredentials);
+
    UserCredentials replaceUserCredentials(TenantId tenantId, UserCredentials userCredentials);

    void deleteUser(TenantId tenantId, User user);
--- a/dao/src/main/java/org/thingsboard/server/dao/user/UserServiceImpl.java
+++ b/dao/src/main/java/org/thingsboard/server/dao/user/UserServiceImpl.java
@ -300,6 +300,16 @@ public class UserServiceImpl extends AbstractCachedEntityService<UserCacheKey, U
        return userCredentials;
    }

+    @Override
+    public UserCredentials checkUserActivationToken(TenantId tenantId, UserCredentials userCredentials) {
+        if (userCredentials.getActivationTokenTtl() < TimeUnit.MINUTES.toMillis(15)) { // renew link if less than 15 minutes before expiration
+            userCredentials = generateUserActivationToken(userCredentials);
+            userCredentials = saveUserCredentials(tenantId, userCredentials);
+            log.debug("[{}][{}] Regenerated expired user activation token", tenantId, userCredentials.getUserId());
+        }
+        return userCredentials;
+    }
+
    @Override
    public UserCredentials replaceUserCredentials(TenantId tenantId, UserCredentials userCredentials) {
        log.trace("Executing replaceUserCredentials [{}]", userCredentials);