AuthService.java
package com.archiweb.service;
import com.archiweb.dto.RegisterRequest;
import com.archiweb.model.RefreshToken;
import com.archiweb.model.Role;
import com.archiweb.model.User;
import com.archiweb.repository.RefreshTokenRepository;
import com.archiweb.repository.RoleRepository;
import com.archiweb.repository.UserRepository;
import com.archiweb.security.JwtService;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import java.time.LocalDateTime;
import java.util.Set;
import java.util.UUID;
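@Service
public class AuthService {
    /** Lifetime of a refresh token created by {@link #createRefreshToken(User)}. */
    private static final long REFRESH_TOKEN_VALIDITY_DAYS = 7;
    /** Lifetime of a password-reset token created by {@link #generateResetToken(String)}. */
    private static final long RESET_TOKEN_VALIDITY_MINUTES = 30;
    /**
     * Single message for every login failure. Distinct "user not found" /
     * "wrong password" replies let a caller enumerate registered e-mails.
     */
    private static final String BAD_CREDENTIALS = "Email ou mot de passe incorrect";
    /**
     * Answer to every password-reset request, known or unknown address alike.
     * The token itself only ever travels by e-mail, never in the HTTP response.
     */
    private static final String RESET_REQUEST_ACCEPTED =
        "Si un compte existe pour cet email, un lien de réinitialisation a été envoyé";

    private final UserRepository userRepository;
    private final RefreshTokenRepository refreshTokenRepository;
    private final JwtService jwtService;
    private final PasswordEncoder passwordEncoder;
    private final EmailService emailService;
    private final RoleRepository roleRepository;

    /**
     * Authentication use cases: login, registration, refresh tokens and
     * password reset. All collaborators are injected; none is used outside
     * the methods below.
     */
    public AuthService(UserRepository userRepository,
                       RefreshTokenRepository refreshTokenRepository,
                       JwtService jwtService,
                       PasswordEncoder passwordEncoder,
                       EmailService emailService,
                       RoleRepository roleRepository) {
        this.userRepository = userRepository;
        this.refreshTokenRepository = refreshTokenRepository;
        this.jwtService = jwtService;
        this.passwordEncoder = passwordEncoder;
        this.emailService = emailService;
        this.roleRepository = roleRepository;
    }

    // === LOGIN ===
    /**
     * Checks an e-mail/password pair and returns a signed access token.
     * Nothing in this class calls {@link #createRefreshToken(User)} from here;
     * issuing a refresh token on login is left to the caller.
     *
     * @param email    address typed by the client (untrusted)
     * @param password clear-text password typed by the client (untrusted)
     * @return the JWT produced by {@link JwtService#generateToken(User)}
     * @throws RuntimeException with one generic message whether the address
     *         is unknown or the password does not match
     */
    public String login(String email, String password) {
        if (isBlank(email) || isBlank(password)) {
            throw new RuntimeException(BAD_CREDENTIALS);
        }
        User user = userRepository.findByEmail(email).orElse(null);
        // Same message on both failure paths (account enumeration).
        // NOTE(review): the unknown-address path still skips the slow hash
        // comparison, so a timing difference remains; compare against a
        // dummy hash for this encoder if that matters for the deployment.
        if (user == null || !passwordEncoder.matches(password, user.getPassword())) {
            throw new RuntimeException(BAD_CREDENTIALS);
        }
        return jwtService.generateToken(user);
    }

    // === REGISTER ===
    /**
     * Creates an account with the hashed password and the fixed ROLE_USER role.
     * The role is never taken from the request, so a client cannot
     * self-assign a privileged role.
     *
     * @param req registration payload (untrusted); e-mail and password are required
     * @return a confirmation message
     * @throws IllegalArgumentException when e-mail or password is missing or blank
     * @throws RuntimeException when the e-mail is already taken or ROLE_USER
     *         is not present in the role table
     */
    public String register(RegisterRequest req) {
        if (req == null || isBlank(req.getEmail()) || isBlank(req.getPassword())) {
            throw new IllegalArgumentException("Email et mot de passe requis");
        }
        // NOTE(review): this reply discloses whether an address is registered.
        // Hiding that needs a different flow (e.g. e-mail verification); left as is.
        if (userRepository.findByEmail(req.getEmail()).isPresent()) {
            throw new RuntimeException("Email déjà utilisé");
        }
        User user = new User();
        user.setUsername(req.getUsername());
        user.setEmail(req.getEmail());
        // Only the encoder's output is persisted, never the clear-text password.
        user.setPassword(passwordEncoder.encode(req.getPassword()));
        Role defaultRole = roleRepository.findByName("ROLE_USER")
            .orElseThrow(() -> new RuntimeException("Role USER introuvable"));
        user.setRole(defaultRole);
        userRepository.save(user);
        return "Inscription réussie";
    }

    // === REFRESH TOKEN ===
    /**
     * Issues and persists a new refresh token for {@code user}, valid for
     * {@link #REFRESH_TOKEN_VALIDITY_DAYS} days.
     * The token value is a random UUID (SecureRandom-backed in the JDK).
     * NOTE(review): the value is stored in clear; a read of the table
     * (backup, SQL injection elsewhere) yields usable tokens. Storing a
     * SHA-256 of it and looking up by that hash would remove that exposure.
     *
     * @param user owner of the token
     * @return the saved token entity
     */
    public RefreshToken createRefreshToken(User user) {
        RefreshToken token = new RefreshToken();
        token.setToken(UUID.randomUUID().toString());
        token.setUser(user);
        token.setExpiryDate(LocalDateTime.now().plusDays(REFRESH_TOKEN_VALIDITY_DAYS));
        return refreshTokenRepository.save(token);
    }

    /**
     * Exchanges a stored, unexpired refresh token for a new access token.
     * The refresh token is neither rotated nor consumed here: the same value
     * keeps working until its expiry date.
     *
     * @param token refresh token value presented by the client (untrusted)
     * @return a new JWT for the token's owner
     * @throws RuntimeException when the token is blank, unknown or expired
     */
    public String refreshToken(String token) {
        // Reject before touching the repository: a derived query such as
        // findByToken(null) may be translated to "token IS NULL" and match
        // rows the caller was never given.
        if (isBlank(token)) {
            throw new RuntimeException("Refresh token invalide");
        }
        RefreshToken refreshToken = refreshTokenRepository.findByToken(token)
            .orElseThrow(() -> new RuntimeException("Refresh token invalide"));
        if (refreshToken.getExpiryDate().isBefore(LocalDateTime.now())) {
            // NOTE(review): the expired row is left in the table; nothing in
            // this class removes it.
            throw new RuntimeException("Refresh token expiré");
        }
        return jwtService.generateToken(refreshToken.getUser());
    }

    // === RESET PASSWORD ===
    /**
     * Starts a password reset: stores a random single-use token with a
     * {@link #RESET_TOKEN_VALIDITY_MINUTES}-minute expiry on the account and
     * e-mails it to the address on file.
     *
     * The previous version returned the token to the caller and threw when the
     * address was unknown. Both are gone: echoing the token in the HTTP
     * response let anyone reset any account without access to the mailbox,
     * and the distinct error let a caller enumerate registered addresses.
     * Every call now returns the same neutral message.
     *
     * @param email address submitted by the client (untrusted)
     * @return {@link #RESET_REQUEST_ACCEPTED}, regardless of whether the
     *         address is registered
     */
    public String generateResetToken(String email) {
        if (isBlank(email)) {
            return RESET_REQUEST_ACCEPTED;
        }
        User user = userRepository.findByEmail(email).orElse(null);
        if (user == null) {
            // Unknown address: answer exactly like the success case.
            return RESET_REQUEST_ACCEPTED;
        }
        String token = UUID.randomUUID().toString();
        // NOTE(review): stored in clear and looked up by value; hashing it
        // before storage would be the safer layout (see createRefreshToken).
        user.setResetToken(token);
        user.setResetTokenExpiry(LocalDateTime.now().plusMinutes(RESET_TOKEN_VALIDITY_MINUTES));
        userRepository.save(user);
        emailService.sendResetPasswordEmail(user.getEmail(), token);
        return RESET_REQUEST_ACCEPTED;
    }

    /**
     * Completes a password reset with a token received by e-mail.
     *
     * @param token       reset token presented by the client (untrusted)
     * @param newPassword clear-text replacement password (untrusted)
     * @return a confirmation message
     * @throws IllegalArgumentException when the new password is missing or blank
     * @throws RuntimeException when the token is blank, unknown or expired
     */
    public String resetPassword(String token, String newPassword) {
        // Same reason as in refreshToken(): never query with a null/blank token.
        if (isBlank(token)) {
            throw new RuntimeException("Token invalide");
        }
        if (isBlank(newPassword)) {
            throw new IllegalArgumentException("Nouveau mot de passe requis");
        }
        User user = userRepository.findByResetToken(token)
            .orElseThrow(() -> new RuntimeException("Token invalide"));
        LocalDateTime expiry = user.getResetTokenExpiry();
        if (expiry == null || expiry.isBefore(LocalDateTime.now())) {
            throw new RuntimeException("Token expiré");
        }
        user.setPassword(passwordEncoder.encode(newPassword));
        // Single use: clear the token so it cannot be replayed.
        user.setResetToken(null);
        user.setResetTokenExpiry(null);
        userRepository.save(user);
        // TODO(review): refresh tokens issued before the reset stay valid;
        // revoke them here once RefreshTokenRepository offers a way to do so.
        return "Mot de passe réinitialisé avec succès";
    }

    /** True when {@code s} is null or contains only whitespace. */
    private static boolean isBlank(String s) {
        return s == null || s.trim().isEmpty();
    }
}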