From 681466f824a3fce0f2f609222092f36532862853 Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Thu, 29 Jan 2026 12:43:20 +0530 Subject: [PATCH 1/5] FLW-713 Remove All File Upload Options --- .../dynamicForm/DynamicFormController.java | 4 +- .../common/data/dynamic_from/FormField.java | 8 + .../common/data/translation/Translation.java | 2 + .../common/data/users/UserServiceRole.java | 369 ++++++++++++++++++ .../dto/dynamicForm/FieldResponseDTO.java | 2 + .../dynamicForm/FormMasterService.java | 4 +- .../dynamicForm/FormMasterServiceImpl.java | 192 +++++---- .../service/users/UserServiceRoleRepo.java | 17 + 8 files changed, 517 insertions(+), 81 deletions(-) create mode 100644 src/main/java/com/iemr/common/data/users/UserServiceRole.java create mode 100644 src/main/java/com/iemr/common/service/users/UserServiceRoleRepo.java diff --git a/src/main/java/com/iemr/common/controller/dynamicForm/DynamicFormController.java b/src/main/java/com/iemr/common/controller/dynamicForm/DynamicFormController.java index 30a1bc3f..62bf7e7c 100644 --- a/src/main/java/com/iemr/common/controller/dynamicForm/DynamicFormController.java +++ b/src/main/java/com/iemr/common/controller/dynamicForm/DynamicFormController.java @@ -84,9 +84,9 @@ public ResponseEntity> deleteField(@PathVariable Long fieldId) { } @GetMapping(value = "form/{formId}/fields") - public ResponseEntity> getStructuredForm(@PathVariable String formId, @RequestParam(name = "lang", defaultValue = "en") String lang) { + public ResponseEntity> getStructuredForm(@PathVariable String formId, @RequestParam(name = "lang", defaultValue = "en") String lang,@RequestHeader(value = "jwttoken") String token) { try { - Object result = formMasterService.getStructuredFormByFormId(formId,lang); + Object result = formMasterService.getStructuredFormByFormId(formId,lang,token); return ResponseEntity.status(HttpStatus.OK) .body(ApiResponse.success("Form structure fetched successfully", HttpStatus.OK.value(), result)); } catch (Exception e) { 
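Review bot: The new `@RequestHeader(value = "jwttoken") String token` parameter passes the raw header into `formMasterService.getStructuredFormByFormId`, where its username claim selects which state's fields are returned, and nothing visible here shows the token being verified first. Please confirm that `JwtUtil.getUsernameFromToken` checks signature and expiry rather than only decoding the claim, or take the username from the request's already-authenticated context. Because `@RequestHeader` is required by default, a request without the header is rejected by Spring before the `try` block runs and will not get the `ApiResponse` error body; if that is intended, a comment such as `// jwttoken is mandatory: field visibility depends on the caller's state` would record it. The method's `catch` block continues outside the hunk.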
diff --git a/src/main/java/com/iemr/common/data/dynamic_from/FormField.java b/src/main/java/com/iemr/common/data/dynamic_from/FormField.java index 39785ae9..1b195db9 100644 --- a/src/main/java/com/iemr/common/data/dynamic_from/FormField.java +++ b/src/main/java/com/iemr/common/data/dynamic_from/FormField.java @@ -53,7 +53,15 @@ public class FormField { @Column(name = "sequence") private Integer sequence; + @Column(name = "is_editable") + private Boolean isEditable; + + @Column(name = "state_code") + private Integer stateCode; + @Column(name = "created_at") private LocalDateTime createdAt = LocalDateTime.now(); + + } diff --git a/src/main/java/com/iemr/common/data/translation/Translation.java b/src/main/java/com/iemr/common/data/translation/Translation.java index 81a906fa..0dad116d 100644 --- a/src/main/java/com/iemr/common/data/translation/Translation.java +++ b/src/main/java/com/iemr/common/data/translation/Translation.java @@ -18,6 +18,8 @@ public class Translation { private String english; @Column(name = "hindi_translation") private String hindiTranslation; + @Column(name = "assamese_translation") + private String assameseTranslation; @Column(name = "is_active") private Boolean isActive; } diff --git a/src/main/java/com/iemr/common/data/users/UserServiceRole.java b/src/main/java/com/iemr/common/data/users/UserServiceRole.java new file mode 100644 index 00000000..27c044cf --- /dev/null +++ b/src/main/java/com/iemr/common/data/users/UserServiceRole.java 
@@ -0,0 +1,369 @@ +package com.iemr.common.data.users; + +import jakarta.persistence.*; +import java.util.Objects; + +@Entity +@Table(name = "v_userservicerolemapping", schema = "db_iemr") +public class UserServiceRole { + private Integer userId; + private int usrMappingId; + private String name; + private String userName; + private Short serviceId; + private String serviceName; + private Boolean isNational; + private Integer stateId; + private String stateName; + private Integer workingDistrictId; + private String workingDistrictName; + private Integer workingLocationId; + private Short serviceProviderId; + private String locationName; + private String workingLocationAddress; + private Integer roleId; + private String roleName; + private Integer providerServiceMapId; + private String agentId; + private Short psmStatusId; + private String psmStatus; + private Boolean userServciceRoleDeleted; + private Boolean userDeleted; + private Boolean serviceProviderDeleted; + private Boolean roleDeleted; + private Boolean providerServiceMappingDeleted; + private Boolean isInbound; + private Boolean isOutbound; + private Integer blockid; + private String blockname; + private String villageid; + private String villagename; + + @Basic + @Column(name = "UserID") + public Integer getUserId() { + return userId; + } + + public void setUserId(Integer userId) { + this.userId = userId; + } + + @Basic + @Column(name = "USRMappingID") + @Id + @GeneratedValue(strategy = GenerationType.IDENTITY) + public int getUsrMappingId() { + return usrMappingId; + } + + public void setUsrMappingId(int usrMappingId) { + this.usrMappingId = usrMappingId; + } + + @Basic + @Column(name = "Name") + public String getName() { + return name; + } + + public void setName(String name) { + this.name = name; + } + + @Basic + @Column(name = "UserName") + public String getUserName() { + return userName; + } + + public void setUserName(String userName) { + this.userName = userName; + } + + @Basic + @Column(name = 
"ServiceID") + public Short getServiceId() { + return serviceId; + } + + public void setServiceId(Short serviceId) { + this.serviceId = serviceId; + } + + @Basic + @Column(name = "ServiceName") + public String getServiceName() { + return serviceName; + } + + public void setServiceName(String serviceName) { + this.serviceName = serviceName; + } + + @Basic + @Column(name = "IsNational") + public Boolean getNational() { + return isNational; + } + + public void setNational(Boolean national) { + isNational = national; + } + + @Basic + @Column(name = "StateID") + public Integer getStateId() { + return stateId; + } + + public void setStateId(Integer stateId) { + this.stateId = stateId; + } + + @Basic + @Column(name = "StateName") + public String getStateName() { + return stateName; + } + + public void setStateName(String stateName) { + this.stateName = stateName; + } + + @Basic + @Column(name = "WorkingDistrictID") + public Integer getWorkingDistrictId() { + return workingDistrictId; + } + + public void setWorkingDistrictId(Integer workingDistrictId) { + this.workingDistrictId = workingDistrictId; + } + + @Basic + @Column(name = "WorkingDistrictName") + public String getWorkingDistrictName() { + return workingDistrictName; + } + + public void setWorkingDistrictName(String workingDistrictName) { + this.workingDistrictName = workingDistrictName; + } + + @Basic + @Column(name = "WorkingLocationID") + public Integer getWorkingLocationId() { + return workingLocationId; + } + + public void setWorkingLocationId(Integer workingLocationId) { + this.workingLocationId = workingLocationId; + } + + @Basic + @Column(name = "ServiceProviderID") + public Short getServiceProviderId() { + return serviceProviderId; + } + + public void setServiceProviderId(Short serviceProviderId) { + this.serviceProviderId = serviceProviderId; + } + + @Basic + @Column(name = "LocationName") + public String getLocationName() { + return locationName; + } + + public void setLocationName(String locationName) { 
+ this.locationName = locationName; + } + + @Basic + @Column(name = "WorkingLocationAddress") + public String getWorkingLocationAddress() { + return workingLocationAddress; + } + + public void setWorkingLocationAddress(String workingLocationAddress) { + this.workingLocationAddress = workingLocationAddress; + } + + @Basic + @Column(name = "RoleID") + public Integer getRoleId() { + return roleId; + } + + public void setRoleId(Integer roleId) { + this.roleId = roleId; + } + + @Basic + @Column(name = "RoleName") + public String getRoleName() { + return roleName; + } + + public void setRoleName(String roleName) { + this.roleName = roleName; + } + + @Basic + @Column(name = "ProviderServiceMapID") + public Integer getProviderServiceMapId() { + return providerServiceMapId; + } + + public void setProviderServiceMapId(Integer providerServiceMapId) { + this.providerServiceMapId = providerServiceMapId; + } + + @Basic + @Column(name = "AgentID") + public String getAgentId() { + return agentId; + } + + public void setAgentId(String agentId) { + this.agentId = agentId; + } + + @Basic + @Column(name = "PSMStatusID") + public Short getPsmStatusId() { + return psmStatusId; + } + + public void setPsmStatusId(Short psmStatusId) { + this.psmStatusId = psmStatusId; + } + + @Basic + @Column(name = "PSMStatus") + public String getPsmStatus() { + return psmStatus; + } + + public void setPsmStatus(String psmStatus) { + this.psmStatus = psmStatus; + } + + @Basic + @Column(name = "UserServciceRoleDeleted") + public Boolean getUserServciceRoleDeleted() { + return userServciceRoleDeleted; + } + + public void setUserServciceRoleDeleted(Boolean userServciceRoleDeleted) { + this.userServciceRoleDeleted = userServciceRoleDeleted; + } + + @Basic + @Column(name = "UserDeleted") + public Boolean getUserDeleted() { + return userDeleted; + } + + public void setUserDeleted(Boolean userDeleted) { + this.userDeleted = userDeleted; + } + + @Basic + @Column(name = "ServiceProviderDeleted") + public Boolean 
getServiceProviderDeleted() { + return serviceProviderDeleted; + } + + public void setServiceProviderDeleted(Boolean serviceProviderDeleted) { + this.serviceProviderDeleted = serviceProviderDeleted; + } + + @Basic + @Column(name = "RoleDeleted") + public Boolean getRoleDeleted() { + return roleDeleted; + } + + public void setRoleDeleted(Boolean roleDeleted) { + this.roleDeleted = roleDeleted; + } + + @Basic + @Column(name = "ProviderServiceMappingDeleted") + public Boolean getProviderServiceMappingDeleted() { + return providerServiceMappingDeleted; + } + + public void setProviderServiceMappingDeleted(Boolean providerServiceMappingDeleted) { + this.providerServiceMappingDeleted = providerServiceMappingDeleted; + } + + @Basic + @Column(name = "isInbound") + public Boolean getInbound() { + return isInbound; + } + + public void setInbound(Boolean inbound) { + isInbound = inbound; + } + + @Basic + @Column(name = "isOutbound") + public Boolean getOutbound() { + return isOutbound; + } + + public void setOutbound(Boolean outbound) { + isOutbound = outbound; + } + + @Basic + @Column(name = "blockid") + public Integer getBlockid() { + return blockid; + } + + public void setBlockid(Integer blockid) { + this.blockid = blockid; + } + + @Basic + @Column(name = "blockname") + public String getBlockname() { + return blockname; + } + + public void setBlockname(String blockname) { + this.blockname = blockname; + } + + @Basic + @Column(name = "villageid") + public String getVillageid() { + return villageid; + } + + public void setVillageid(String villageid) { + this.villageid = villageid; + } + + @Basic + @Column(name = "villagename") + public String getVillagename() { + return villagename; + } + + public void setVillagename(String villagename) { + this.villagename = villagename; + } + + @Override + public int hashCode() { + return Objects.hash(userId, usrMappingId, name, userName, serviceId, serviceName, isNational, stateId, stateName, workingDistrictId, workingDistrictName, 
workingLocationId, serviceProviderId, locationName, workingLocationAddress, roleId, roleName, providerServiceMapId, agentId, psmStatusId, psmStatus, userServciceRoleDeleted, userDeleted, serviceProviderDeleted, roleDeleted, providerServiceMappingDeleted, isInbound, isOutbound, blockid, blockname, villageid, villagename); + } + +} diff --git a/src/main/java/com/iemr/common/dto/dynamicForm/FieldResponseDTO.java b/src/main/java/com/iemr/common/dto/dynamicForm/FieldResponseDTO.java index 3415d91a..e41f8e80 100644 --- a/src/main/java/com/iemr/common/dto/dynamicForm/FieldResponseDTO.java +++ b/src/main/java/com/iemr/common/dto/dynamicForm/FieldResponseDTO.java @@ -18,6 +18,8 @@ public class FieldResponseDTO { private String defaultValue; private String placeholder; private Integer sequence; + private Boolean isEditable; + private Integer stateCode; private List options; private Map validation; private Map conditional; diff --git a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterService.java b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterService.java index 6d22e59a..78b5520f 100644 --- a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterService.java +++ b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterService.java @@ -16,7 +16,9 @@ public interface FormMasterService { List createField(List dto); FormField updateField(FieldDTO dto); - FormResponseDTO getStructuredFormByFormId(String formId,String lang); + FormResponseDTO getStructuredFormByFormId(String formId,String lang,String token); + + void deleteField(Long fieldId); } diff --git a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java index df019de7..ef78b863 100644 --- a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java +++ b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java 
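Review bot: `getUsrMappingId()` carries `@GeneratedValue(strategy = GenerationType.IDENTITY)` although the entity is mapped to `v_userservicerolemapping`, which by its name looks like a database view, and this series only reads it through `findByUserName`. If it is a view, identity generation has nothing to act on and the public setters invite accidental writes to role-mapping data; consider dropping `@GeneratedValue` and marking the entity read-only (for example Hibernate's `@Immutable`, if Hibernate is the provider). The class also has no Javadoc; a header such as `/** Read-only projection of a user's service, role and location mapping. */` would tell readers it is not meant to be persisted.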
@@ -7,23 +7,29 @@ import com.iemr.common.data.dynamic_from.FormField; import com.iemr.common.data.dynamic_from.FormModule; import com.iemr.common.data.translation.Translation; +import com.iemr.common.data.users.UserServiceRole; +import com.iemr.common.data.users.UserServiceRoleMapping; import com.iemr.common.dto.dynamicForm.*; import com.iemr.common.repository.dynamic_form.FieldRepository; import com.iemr.common.repository.dynamic_form.FormRepository; import com.iemr.common.repository.dynamic_form.ModuleRepository; import com.iemr.common.repository.translation.TranslationRepo; +import com.iemr.common.repository.users.UserRoleMappingRepository; +import com.iemr.common.service.users.UserServiceRoleRepo; +import com.iemr.common.utils.JwtUtil; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import com.fasterxml.jackson.core.type.TypeReference; -import java.util.ArrayList; -import java.util.Comparator; -import java.util.List; -import java.util.Map; +import javax.persistence.criteria.CriteriaBuilder; +import java.util.*; import java.util.stream.Collectors; @Service public class FormMasterServiceImpl implements FormMasterService { + final Logger logger = LoggerFactory.getLogger(this.getClass().getName()); @Autowired private ModuleRepository moduleRepo; @@ -33,6 +39,12 @@ public class FormMasterServiceImpl implements FormMasterService { @Autowired private TranslationRepo translationRepo; + @Autowired + private UserServiceRoleRepo userServiceRoleRepo; + + @Autowired + private JwtUtil jwtUtil; + @Override public FormModule createModule(ModuleDTO dto) { FormModule module = new FormModule(); 
@@ -103,96 +115,120 @@ public FormField updateField(FieldDTO dto) { } @Override - public FormResponseDTO getStructuredFormByFormId(String formId,String lang) { - FormDefinition form = formRepo.findByFormId(formId) - .orElseThrow(() -> new IllegalArgumentException("Invalid form ID")); + public FormResponseDTO getStructuredFormByFormId(String formId,String lang,String token) { + int stateId =0 ; + try { + if(!token.isEmpty()){ + List userServiceRole= userServiceRoleRepo.findByUserName(jwtUtil.getUsernameFromToken(token)); + if(userServiceRole!=null){ + stateId = userServiceRole.get(0).getStateId(); + logger.info("State:Id"+stateId); + } + } - List fields = fieldRepo.findByForm_FormIdOrderBySequenceAsc(formId); - ObjectMapper objectMapper = new ObjectMapper(); - List fieldDtos = fields.stream() - .map(field -> { - String labelKey = field.getFieldId(); // field label already contains label_key - Translation t = translationRepo.findByLabelKeyAndIsActive(labelKey, true) - .orElse(null); + FormDefinition form = formRepo.findByFormId(formId) + .orElseThrow(() -> new IllegalArgumentException("Invalid form ID")); - String translatedLabel = field.getLabel(); // fallback + List fields = fieldRepo.findByForm_FormIdOrderBySequenceAsc(formId); + ObjectMapper objectMapper = new ObjectMapper(); + + int finalStateId = stateId; + List fieldDtos = fields.stream().filter(formField -> (formField.getStateCode()==0 || formField.getStateCode().equals(finalStateId))) + .map(field -> { + String labelKey = field.getFieldId(); // field label already contains label_key + + Translation t = translationRepo.findByLabelKeyAndIsActive(labelKey, true) + .orElse(null); + + String translatedLabel = field.getLabel(); // fallback + + if (t != null) { + if ("hi".equalsIgnoreCase(lang)) { + translatedLabel = t.getHindiTranslation(); + } else if("as".equalsIgnoreCase(lang)){ + translatedLabel = t.getAssameseTranslation(); + }else if("en".equalsIgnoreCase(lang)){ + translatedLabel = t.getEnglish(); - if (t 
!= null) { - if ("hi".equalsIgnoreCase(lang)) { - translatedLabel = t.getHindiTranslation(); - } else { - translatedLabel = t.getEnglish(); - } - } - - FieldResponseDTO dto = new FieldResponseDTO(); - dto.setId(field.getId()); - dto.setVisible(field.getIsVisible()); - dto.setFormId(field.getForm().getFormId()); - dto.setSectionTitle(field.getSectionTitle()); - dto.setFieldId(field.getFieldId()); - dto.setLabel(translatedLabel); - dto.setType(field.getType()); - dto.setIsRequired(field.getIsRequired()); - dto.setDefaultValue(field.getDefaultValue()); - dto.setPlaceholder(field.getPlaceholder()); - dto.setSequence(field.getSequence()); - - try { - // Handle options - if (field.getOptions() != null && !field.getOptions().isBlank()) { - JsonNode node = objectMapper.readTree(field.getOptions()); - List options = null; - if (node.isArray()) { - options = objectMapper.convertValue(node, new TypeReference<>() {}); - } else if (node.has("options")) { - options = objectMapper.convertValue(node.get("options"), new TypeReference<>() {}); } - dto.setOptions(options == null || options.isEmpty() ? null : options); - } else { - dto.setOptions(null); } - // Handle validation - if (field.getValidation() != null && !field.getValidation().isBlank()) { - Map validation = objectMapper.readValue(field.getValidation(), new TypeReference<>() {}); - dto.setValidation(validation.isEmpty() ? 
null : validation); - } else { - dto.setValidation(null); - } + FieldResponseDTO dto = new FieldResponseDTO(); + dto.setId(field.getId()); + dto.setIsEditable(field.getIsEditable()); + dto.setStateCode(field.getStateCode()); + dto.setVisible(field.getIsVisible()); + dto.setFormId(field.getForm().getFormId()); + dto.setSectionTitle(field.getSectionTitle()); + dto.setFieldId(field.getFieldId()); + dto.setLabel(translatedLabel); + dto.setType(field.getType()); + dto.setIsRequired(field.getIsRequired()); + dto.setDefaultValue(field.getDefaultValue()); + dto.setPlaceholder(field.getPlaceholder()); + dto.setSequence(field.getSequence()); + + try { + // Handle options + if (field.getOptions() != null && !field.getOptions().isBlank()) { + JsonNode node = objectMapper.readTree(field.getOptions()); + List options = null; + if (node.isArray()) { + options = objectMapper.convertValue(node, new TypeReference<>() {}); + } else if (node.has("options")) { + options = objectMapper.convertValue(node.get("options"), new TypeReference<>() {}); + } + dto.setOptions(options == null || options.isEmpty() ? null : options); + } else { + dto.setOptions(null); + } + + // Handle validation + if (field.getValidation() != null && !field.getValidation().isBlank()) { + Map validation = objectMapper.readValue(field.getValidation(), new TypeReference<>() {}); + dto.setValidation(validation.isEmpty() ? null : validation); + } else { + dto.setValidation(null); + } - // Handle conditional - if (field.getConditional() != null && !field.getConditional().isBlank()) { - Map conditional = objectMapper.readValue(field.getConditional(), new TypeReference<>() {}); - dto.setConditional(conditional.isEmpty() ? null : conditional); - } else { - dto.setConditional(null); + // Handle conditional + if (field.getConditional() != null && !field.getConditional().isBlank()) { + Map conditional = objectMapper.readValue(field.getConditional(), new TypeReference<>() {}); + dto.setConditional(conditional.isEmpty() ? 
null : conditional); + } else { + dto.setConditional(null); + } + } catch (Exception e) { + + System.err.println("JSON Parsing Error in field: " + field.getFieldId()); + throw new RuntimeException("Failed to parse JSON for field: " + field.getFieldId(), e); } - } catch (Exception e) { - System.err.println("JSON Parsing Error in field: " + field.getFieldId()); - throw new RuntimeException("Failed to parse JSON for field: " + field.getFieldId(), e); - } + return dto; + }) + .sorted(Comparator.comparing(FieldResponseDTO::getId)) + .collect(Collectors.toList()); - return dto; - }) - .sorted(Comparator.comparing(FieldResponseDTO::getId)) - .collect(Collectors.toList()); + GroupedFieldResponseDTO singleSection = new GroupedFieldResponseDTO(); + singleSection.setSectionTitle(singleSection.getSectionTitle()); // your custom section title + singleSection.setFields(fieldDtos); - GroupedFieldResponseDTO singleSection = new GroupedFieldResponseDTO(); - singleSection.setSectionTitle(singleSection.getSectionTitle()); // your custom section title - singleSection.setFields(fieldDtos); + FormResponseDTO response = new FormResponseDTO(); + response.setVersion(form.getVersion()); + response.setFormId(form.getFormId()); + response.setFormName(form.getFormName()); + response.setSections(List.of(singleSection)); + return response; + + }catch (Exception e){ + logger.error("Exception:"+e.getMessage()); + } - FormResponseDTO response = new FormResponseDTO(); - response.setVersion(form.getVersion()); - response.setFormId(form.getFormId()); - response.setFormName(form.getFormName()); - response.setSections(List.of(singleSection)); + return null; - return response; } diff --git a/src/main/java/com/iemr/common/service/users/UserServiceRoleRepo.java b/src/main/java/com/iemr/common/service/users/UserServiceRoleRepo.java new file mode 100644 index 00000000..c56eec21 --- /dev/null +++ b/src/main/java/com/iemr/common/service/users/UserServiceRoleRepo.java 
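Review bot: The new filter `formField.getStateCode()==0 || formField.getStateCode().equals(finalStateId)` throws a NullPointerException for any field whose `state_code` is NULL, because `FormField.stateCode` is added in this patch as a nullable `Integer` and is unboxed here. Rows created before the column existed would hit this unless a migration backfills them, which is not visible in the patch. A null-safe form would be `Integer code = formField.getStateCode(); return code == null || code == 0 || code.equals(finalStateId);`, assuming a missing code should mean "all states"; otherwise declare the column `nullable = false`. The later rewrite to `getStateCode().equals(0)` in PATCH 2/5 has the same problem.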
@@ -0,0 +1,17 @@ +package com.iemr.common.service.users; + +import com.iemr.common.data.users.UserServiceRole; +import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; +import org.springframework.stereotype.Repository; + +import java.util.List; + +@Repository +public interface UserServiceRoleRepo extends JpaRepository { + List findByUserName(String userName); + + + +} From f67dbc516d4da8a5cd7c569371528b7dc117777f Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Thu, 29 Jan 2026 14:37:52 +0530 Subject: [PATCH 2/5] Fix UserServiceRoleRepo dependency issue and codeRabit comment --- .../users/UserServiceRoleRepo.java | 9 +-- .../dynamicForm/FormMasterService.java | 4 -- .../dynamicForm/FormMasterServiceImpl.java | 55 +++++++++---------- 3 files changed, 29 insertions(+), 39 deletions(-) rename src/main/java/com/iemr/common/{service => repository}/users/UserServiceRoleRepo.java (65%) diff --git a/src/main/java/com/iemr/common/service/users/UserServiceRoleRepo.java b/src/main/java/com/iemr/common/repository/users/UserServiceRoleRepo.java similarity index 65% rename from src/main/java/com/iemr/common/service/users/UserServiceRoleRepo.java rename to src/main/java/com/iemr/common/repository/users/UserServiceRoleRepo.java index c56eec21..cfb85d0a 100644 --- a/src/main/java/com/iemr/common/service/users/UserServiceRoleRepo.java +++ b/src/main/java/com/iemr/common/repository/users/UserServiceRoleRepo.java 
@@ -1,17 +1,12 @@ -package com.iemr.common.service.users; +package com.iemr.common.repository.users; import com.iemr.common.data.users.UserServiceRole; import org.springframework.data.jpa.repository.JpaRepository; -import org.springframework.data.jpa.repository.Query; -import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; import java.util.List; @Repository -public interface UserServiceRoleRepo extends JpaRepository { +public interface UserServiceRoleRepo extends JpaRepository { List findByUserName(String userName); - - - } diff --git a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterService.java b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterService.java index 78b5520f..e00663b7 100644 --- a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterService.java +++ b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterService.java @@ -15,10 +15,6 @@ public interface FormMasterService { FormDefinition createForm(FormDTO dto); List createField(List dto); FormField updateField(FieldDTO dto); - FormResponseDTO getStructuredFormByFormId(String formId,String lang,String token); - - - void deleteField(Long fieldId); } diff --git a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java index ef78b863..cbea4773 100644 --- a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java +++ b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java @@ -1,6 +1,5 @@ package com.iemr.common.service.dynamicForm; -import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.JsonNode; import com.fasterxml.jackson.databind.ObjectMapper; import com.iemr.common.data.dynamic_from.FormDefinition; 
@@ -8,14 +7,12 @@ import com.iemr.common.data.dynamic_from.FormModule; import com.iemr.common.data.translation.Translation; import com.iemr.common.data.users.UserServiceRole; -import com.iemr.common.data.users.UserServiceRoleMapping; import com.iemr.common.dto.dynamicForm.*; import com.iemr.common.repository.dynamic_form.FieldRepository; import com.iemr.common.repository.dynamic_form.FormRepository; import com.iemr.common.repository.dynamic_form.ModuleRepository; import com.iemr.common.repository.translation.TranslationRepo; -import com.iemr.common.repository.users.UserRoleMappingRepository; -import com.iemr.common.service.users.UserServiceRoleRepo; +import com.iemr.common.repository.users.UserServiceRoleRepo; import com.iemr.common.utils.JwtUtil; import org.slf4j.Logger; import org.slf4j.LoggerFactory; @@ -23,7 +20,6 @@ import org.springframework.stereotype.Service; import com.fasterxml.jackson.core.type.TypeReference; -import javax.persistence.criteria.CriteriaBuilder; import java.util.*; import java.util.stream.Collectors; @@ -33,8 +29,10 @@ public class FormMasterServiceImpl implements FormMasterService { @Autowired private ModuleRepository moduleRepo; - @Autowired private FormRepository formRepo; - @Autowired private FieldRepository fieldRepo; + @Autowired + private FormRepository formRepo; + @Autowired + private FieldRepository fieldRepo; @Autowired private TranslationRepo translationRepo; @@ -97,7 +95,7 @@ public List createField(List dtoList) { public FormField updateField(FieldDTO dto) { FormField field = fieldRepo.findById(dto.getId()) .orElseThrow(() -> new IllegalArgumentException("Field not found: " + dto.getId())); - field.setId(dto.getId()); + field.setId(dto.getId()); field.setSectionTitle(dto.getSectionTitle()); field.setLabel(dto.getLabel()); field.setType(dto.getType()); 
@@ -115,19 +113,18 @@ public FormField updateField(FieldDTO dto) { } @Override - public FormResponseDTO getStructuredFormByFormId(String formId,String lang,String token) { - int stateId =0 ; + public FormResponseDTO getStructuredFormByFormId(String formId, String lang, String token) { + int stateId = 0; try { - if(!token.isEmpty()){ - List userServiceRole= userServiceRoleRepo.findByUserName(jwtUtil.getUsernameFromToken(token)); - if(userServiceRole!=null){ + if (!token.isEmpty()) { + List userServiceRole = userServiceRoleRepo.findByUserName(jwtUtil.getUsernameFromToken(token)); + if (userServiceRole != null) { stateId = userServiceRole.get(0).getStateId(); - logger.info("State:Id"+stateId); + logger.info("State:Id" + stateId); } } - FormDefinition form = formRepo.findByFormId(formId) .orElseThrow(() -> new IllegalArgumentException("Invalid form ID")); @@ -135,7 +132,7 @@ public FormResponseDTO getStructuredFormByFormId(String formId,String lang,Strin ObjectMapper objectMapper = new ObjectMapper(); int finalStateId = stateId; - List fieldDtos = fields.stream().filter(formField -> (formField.getStateCode()==0 || formField.getStateCode().equals(finalStateId))) + List fieldDtos = fields.stream().filter(formField -> (formField.getStateCode().equals(0) || formField.getStateCode().equals(finalStateId))) .map(field -> { String labelKey = field.getFieldId(); // field label already contains label_key @@ -147,9 +144,9 @@ public FormResponseDTO getStructuredFormByFormId(String formId,String lang,Strin if (t != null) { if ("hi".equalsIgnoreCase(lang)) { translatedLabel = t.getHindiTranslation(); - } else if("as".equalsIgnoreCase(lang)){ + } else if ("as".equalsIgnoreCase(lang)) { translatedLabel = t.getAssameseTranslation(); - }else if("en".equalsIgnoreCase(lang)){ + } else if ("en".equalsIgnoreCase(lang)) { translatedLabel = t.getEnglish(); } 
@@ -176,9 +173,11 @@ public FormResponseDTO getStructuredFormByFormId(String formId,String lang,Strin JsonNode node = objectMapper.readTree(field.getOptions()); List options = null; if (node.isArray()) { - options = objectMapper.convertValue(node, new TypeReference<>() {}); + options = objectMapper.convertValue(node, new TypeReference<>() { + }); } else if (node.has("options")) { - options = objectMapper.convertValue(node.get("options"), new TypeReference<>() {}); + options = objectMapper.convertValue(node.get("options"), new TypeReference<>() { + }); } dto.setOptions(options == null || options.isEmpty() ? null : options); } else { @@ -187,7 +186,8 @@ public FormResponseDTO getStructuredFormByFormId(String formId,String lang,Strin // Handle validation if (field.getValidation() != null && !field.getValidation().isBlank()) { - Map validation = objectMapper.readValue(field.getValidation(), new TypeReference<>() {}); + Map validation = objectMapper.readValue(field.getValidation(), new TypeReference<>() { + }); dto.setValidation(validation.isEmpty() ? null : validation); } else { dto.setValidation(null); @@ -195,7 +195,8 @@ public FormResponseDTO getStructuredFormByFormId(String formId,String lang,Strin // Handle conditional if (field.getConditional() != null && !field.getConditional().isBlank()) { - Map conditional = objectMapper.readValue(field.getConditional(), new TypeReference<>() {}); + Map conditional = objectMapper.readValue(field.getConditional(), new TypeReference<>() { + }); dto.setConditional(conditional.isEmpty() ? null : conditional); } else { dto.setConditional(null); 
@@ -213,9 +214,8 @@ public FormResponseDTO getStructuredFormByFormId(String formId,String lang,Strin GroupedFieldResponseDTO singleSection = new GroupedFieldResponseDTO(); - singleSection.setSectionTitle(singleSection.getSectionTitle()); // your custom section title singleSection.setFields(fieldDtos); - + singleSection.setSectionTitle(singleSection.getSectionTitle()); // your custom section title FormResponseDTO response = new FormResponseDTO(); response.setVersion(form.getVersion()); response.setFormId(form.getFormId()); @@ -223,12 +223,11 @@ public FormResponseDTO getStructuredFormByFormId(String formId,String lang,Strin response.setSections(List.of(singleSection)); return response; - }catch (Exception e){ - logger.error("Exception:"+e.getMessage()); + } catch (Exception e) { + logger.error("Exception while building form response", e); + throw new RuntimeException("Failed to build form structure"); } - return null; - } From 6aa6b37cc3a790f3f9c09bdb74051bb0a2a1a2df Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Thu, 29 Jan 2026 16:30:39 +0530 Subject: [PATCH 3/5] fixed coderabit comment --- .../common/data/users/UserServiceRole.java | 7 +----- .../dynamicForm/FormMasterServiceImpl.java | 23 +++++++++++-------- 2 files changed, 14 insertions(+), 16 deletions(-) diff --git a/src/main/java/com/iemr/common/data/users/UserServiceRole.java b/src/main/java/com/iemr/common/data/users/UserServiceRole.java index 27c044cf..a6ab9c6d 100644 --- a/src/main/java/com/iemr/common/data/users/UserServiceRole.java +++ b/src/main/java/com/iemr/common/data/users/UserServiceRole.java @@ -7,7 +7,7 @@ @Table(name = "v_userservicerolemapping", schema = "db_iemr") public class UserServiceRole { private Integer userId; - private int usrMappingId; + private Integer usrMappingId; private String name; private String userName; private Short serviceId; 
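Review bot: In the rewritten `catch (Exception e)` block, `throw new RuntimeException("Failed to build form structure");` drops the cause and also swallows the `IllegalArgumentException("Invalid form ID")` raised earlier in the same `try`, so a caller can no longer tell an unknown form from a server fault. Keep the cause with `throw new RuntimeException("Failed to build form structure", e);` and let the argument error through with `catch (IllegalArgumentException e) { throw e; }` placed before the generic catch. The `try` block starts outside this hunk.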
@@ -361,9 +361,4 @@ public void setVillagename(String villagename) { this.villagename = villagename; } - @Override - public int hashCode() { - return Objects.hash(userId, usrMappingId, name, userName, serviceId, serviceName, isNational, stateId, stateName, workingDistrictId, workingDistrictName, workingLocationId, serviceProviderId, locationName, workingLocationAddress, roleId, roleName, providerServiceMapId, agentId, psmStatusId, psmStatus, userServciceRoleDeleted, userDeleted, serviceProviderDeleted, roleDeleted, providerServiceMappingDeleted, isInbound, isOutbound, blockid, blockname, villageid, villagename); - } - } diff --git a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java index cbea4773..acbcb4e7 100644 --- a/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java +++ b/src/main/java/com/iemr/common/service/dynamicForm/FormMasterServiceImpl.java @@ -114,15 +114,16 @@ public FormField updateField(FieldDTO dto) { @Override public FormResponseDTO getStructuredFormByFormId(String formId, String lang, String token) { - int stateId = 0; + Integer stateId = 0; try { - if (!token.isEmpty()) { - List userServiceRole = userServiceRoleRepo.findByUserName(jwtUtil.getUsernameFromToken(token)); - if (userServiceRole != null) { - stateId = userServiceRole.get(0).getStateId(); - logger.info("State:Id" + stateId); - } - } + String username = jwtUtil.getUsernameFromToken(token); + + stateId = userServiceRoleRepo.findByUserName(username) + .stream() + .findFirst() + .map(UserServiceRole::getStateId) + .filter(Objects::nonNull) + .orElse(null); FormDefinition form = formRepo.findByFormId(formId) 
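Review bot: In the `@@ -114,15 +114,16 @@` hunk of `FormMasterServiceImpl`, `stateId` now comes from `findFirst()` over whatever order `userServiceRoleRepo.findByUserName(username)` returns, so for a user mapped to more than one state the set of state-specific fields served depends on row order. The view behind `UserServiceRole` also carries `userDeleted` and `userServciceRoleDeleted` flags (visible in the removed `hashCode`), and nothing here excludes such rows unless the repository query, which is not shown, already does. The old `token.isEmpty()` guard is gone, so it is worth confirming that `jwtUtil.getUsernameFromToken` verifies the token rather than only parsing it, since its result drives the field filter. `.filter(Objects::nonNull)` is redundant after `Optional.map`, and the initial `Integer stateId = 0;` is overwritten before it is read. The method body continues outside the hunk.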
@@ -131,7 +132,7 @@ public FormResponseDTO getStructuredFormByFormId(String formId, String lang, Str List fields = fieldRepo.findByForm_FormIdOrderBySequenceAsc(formId); ObjectMapper objectMapper = new ObjectMapper(); - int finalStateId = stateId; + Integer finalStateId = stateId; List fieldDtos = fields.stream().filter(formField -> (formField.getStateCode().equals(0) || formField.getStateCode().equals(finalStateId))) .map(field -> { String labelKey = field.getFieldId(); // field label already contains label_key @@ -215,7 +216,9 @@ public FormResponseDTO getStructuredFormByFormId(String formId, String lang, Str GroupedFieldResponseDTO singleSection = new GroupedFieldResponseDTO(); singleSection.setFields(fieldDtos); - singleSection.setSectionTitle(singleSection.getSectionTitle()); // your custom section title + singleSection.setSectionTitle( + Objects.requireNonNullElse(singleSection.getSectionTitle(), "Section Title") + ); FormResponseDTO response = new FormResponseDTO(); response.setVersion(form.getVersion()); response.setFormId(form.getFormId()); From 45c693aec35e1bf4c0aa2df533761f87bd8048c1 Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Thu, 29 Jan 2026 21:55:34 +0530 Subject: [PATCH 4/5] fix userMappingId issue --- src/main/java/com/iemr/common/data/users/UserServiceRole.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/main/java/com/iemr/common/data/users/UserServiceRole.java b/src/main/java/com/iemr/common/data/users/UserServiceRole.java index a6ab9c6d..935940d5 100644 --- a/src/main/java/com/iemr/common/data/users/UserServiceRole.java +++ b/src/main/java/com/iemr/common/data/users/UserServiceRole.java @@ -7,7 +7,7 @@ @Table(name = "v_userservicerolemapping", schema = "db_iemr") public class UserServiceRole { private Integer userId; - private Integer usrMappingId; + private int usrMappingId; private String name; private String userName; private Short serviceId; 
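Review bot: With `finalStateId` now an `Integer` (hunk `@@ -131,7 +132,7 @@`), the unchanged filter next to it still calls `formField.getStateCode().equals(...)` on the receiver, and `stateCode` is the nullable `Integer` column added to `FormField` earlier in this series, so any field row with a NULL `state_code` throws inside the stream and the whole form request fails in the `catch`. A null-safe form is `Objects.equals(formField.getStateCode(), 0) || Objects.equals(formField.getStateCode(), finalStateId)`; whether NULL should instead mean "all states" is a decision for the author. The lambda and the method both extend beyond this hunk.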
From ecf73fef7e55336039aff3738ee7119f281ec139 Mon Sep 17 00:00:00 2001 From: Saurav Mishra Date: Tue, 24 Feb 2026 18:07:28 +0530 Subject: [PATCH 5/5] Restrict user when account is locked --- .../controller/users/IEMRAdminController.java | 2093 +++++++++-------- 1 file changed, 1049 insertions(+), 1044 deletions(-) diff --git a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java index 554500f3..8cddaac7 100644 --- a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java +++ b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java 
@@ -1,24 +1,24 @@ /* -* AMRIT – Accessible Medical Records via Integrated Technology -* Integrated EHR (Electronic Health Records) Solution -* -* Copyright (C) "Piramal Swasthya Management and Research Institute" -* -* This file is part of AMRIT. -* -* This program is free software: you can redistribute it and/or modify -* it under the terms of the GNU General Public License as published by -* the Free Software Foundation, either version 3 of the License, or -* (at your option) any later version. -* -* This program is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU General Public License for more details. -* -* You should have received a copy of the GNU General Public License -* along with this program. If not, see https://www.gnu.org/licenses/. -*/ + * AMRIT – Accessible Medical Records via Integrated Technology + * Integrated EHR (Electronic Health Records) Solution + * + * Copyright (C) "Piramal Swasthya Management and Research Institute" + * + * This file is part of AMRIT. + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation, either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see https://www.gnu.org/licenses/. + */ package com.iemr.common.controller.users; import java.util.*; 
@@ -77,42 +77,42 @@ @RequestMapping("/user") @RestController public class IEMRAdminController { - private final Logger logger = LoggerFactory.getLogger(this.getClass().getName()); - private InputMapper inputMapper = new InputMapper(); - -// @Value("${captcha.enable-captcha}") - private boolean enableCaptcha =false; - - @Autowired - private CaptchaValidationService captchaValidatorService; - private IEMRAdminUserService iemrAdminUserServiceImpl; - @Autowired - private JwtUtil jwtUtil; - @Autowired - private TokenDenylist tokenDenylist; - @Autowired - private CookieUtil cookieUtil; - @Autowired - private RedisTemplate redisTemplate; - - private AESUtil aesUtil; - - @Autowired - public void setAesUtil(AESUtil aesUtil) { - this.aesUtil = aesUtil; - } - - @Autowired - public void setIemrAdminUserService(IEMRAdminUserService iemrAdminUserService) { - this.iemrAdminUserServiceImpl = iemrAdminUserService; - } - - private SessionObject sessionObject; - - @Autowired - public void setSessionObject(SessionObject sessionObject) { - this.sessionObject = sessionObject; - } + private final Logger logger = LoggerFactory.getLogger(this.getClass().getName()); + private InputMapper inputMapper = new InputMapper(); + + // @Value("${captcha.enable-captcha}") + private boolean enableCaptcha = false; + + @Autowired + private CaptchaValidationService captchaValidatorService; + private IEMRAdminUserService iemrAdminUserServiceImpl; + @Autowired + private JwtUtil jwtUtil; + @Autowired + private TokenDenylist tokenDenylist; + @Autowired + private CookieUtil cookieUtil; + @Autowired + private RedisTemplate redisTemplate; + + private AESUtil aesUtil; + + @Autowired + public void setAesUtil(AESUtil aesUtil) { + this.aesUtil = aesUtil; + } + + @Autowired + public void setIemrAdminUserService(IEMRAdminUserService iemrAdminUserService) { + this.iemrAdminUserServiceImpl = iemrAdminUserService; + } + + private SessionObject sessionObject; + + @Autowired + public void setSessionObject(SessionObject 
sessionObject) { + this.sessionObject = sessionObject; + } @Autowired SecurePassword securePassword; 
@@ -232,301 +232,308 @@ public String userAuthenticate( responseObj = iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress, request.getRemoteHost()); - // Add tokens to response for mobile - if (isMobile && !mUser.isEmpty()) { - responseObj.put("jwtToken", jwtToken); - responseObj.put("refreshToken", refreshToken); - } - - response.setResponse(responseObj.toString()); - } catch (Exception e) { - logger.error("userAuthenticate failed with error " + e.getMessage(), e); - response.setError(e); - } - logger.info("userAuthenticate response " + response.toString()); - return response.toString(); - } - - @Operation(summary = "generating a auth token with the refreshToken.") - @RequestMapping(value = "/refreshToken", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON) - public ResponseEntity refreshToken(@RequestBody Map request) { - String refreshToken = request.get("refreshToken"); - - try { - if (jwtUtil.validateToken(refreshToken) == null) { - logger.warn("Token validation failed: invalid token provided."); - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); - } - - Claims claims = jwtUtil.getAllClaimsFromToken(refreshToken); - - // Verify token type - if (!"refresh".equals(claims.get("token_type", String.class))) { - logger.warn("Token validation failed: incorrect token type in refresh request."); - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); - - } - - // Check revocation using JTI - String jti = claims.getId(); - if (!redisTemplate.hasKey("refresh:" + jti)) { - logger.warn("Token validation failed: refresh token is revoked or not found in store."); - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); - } - - // Get user details - // Get user details - String userId = claims.get("userId", String.class); - User user = iemrAdminUserServiceImpl.getUserById(Long.parseLong(userId)); - - // Validate that the user still exists and is active - if (user 
== null) { - logger.warn("Token validation failed: user not found for userId in token."); - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); - } - - if (user.getM_status() == null || !("Active".equalsIgnoreCase(user.getM_status().getStatus()) - || "New".equalsIgnoreCase(user.getM_status().getStatus()))) { - logger.warn("Token validation failed: user account is neither 'Active' nor 'New'."); - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); - } - // Generate new tokens - String newJwt = jwtUtil.generateToken(user.getUserName(), userId); - - Map tokens = new HashMap<>(); - tokens.put("jwtToken", newJwt); - - // Generate and store a new refresh token (token rotation) - String newRefreshToken = jwtUtil.generateRefreshToken(user.getUserName(), userId); - String newJti = jwtUtil.getJtiFromToken(newRefreshToken); - redisTemplate.opsForValue().set( - "refresh:" + newJti, - userId, - jwtUtil.getRefreshTokenExpiration(), - TimeUnit.MILLISECONDS - ); - tokens.put("refreshToken", newRefreshToken); - - return ResponseEntity.ok(tokens); - } catch (ExpiredJwtException ex) { - logger.warn("Token validation failed: token has expired."); - return ResponseEntity.status(HttpStatus.UNAUTHORIZED) - .body("Authentication failed. Please log in again."); - } catch (Exception e) { - logger.error("Refresh failed: ", e); - logger.error("Token refresh failed due to unexpected server error."); - return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR) - .body("An unexpected error occurred. 
Please try again later."); - } - } - - @Operation(summary = "Log out user from concurrent session") - @RequestMapping(value = "/logOutUserFromConcurrentSession", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON) - public String logOutUserFromConcurrentSession( - @Param(value = "\"{\\\"userName\\\":\\\"String\\\"}\"") @RequestBody LoginRequestModel m_User, - HttpServletRequest request) { - OutputResponse response = new OutputResponse(); - logger.info("logOutUserFromConcurrentSession request - " + m_User); - try { - if (m_User != null && m_User.getUserName() != null) { - List mUsers = iemrAdminUserServiceImpl.userExitsCheck(m_User.getUserName()); - - if (mUsers == null || mUsers.size() <= 0) { - logger.error("User not found"); - throw new IEMRException("Logout request failed, please try again later"); - } else if (mUsers.size() > 1) { - logger.error("More than 1 user found"); - throw new IEMRException("Logout failed. Please retry or contact administrator"); - } else if (mUsers.size() == 1) { - String previousTokenFromRedis = sessionObject - .getSessionObject((mUsers.get(0).getUserName().toString().trim().toLowerCase())); - if (previousTokenFromRedis != null) { - deleteSessionObjectByGettingSessionDetails(previousTokenFromRedis); - sessionObject.deleteSessionObject(previousTokenFromRedis); - response.setResponse("User successfully logged out"); - } else{ - logger.error("Unable to fetch session from redis"); - throw new IEMRException("Session error. 
Please try again later"); - } - } - } else { - throw new IEMRException("Invalid request object"); - } - - } catch (Exception e) { - logger.error("logOutUserFromConcurrentSession failed with error " + e.getMessage(), e); - response.setError(e); - } - logger.info("logOutUserFromConcurrentSession response " + response.toString()); - return response.toString(); - } - - /** - * - * function to return session object against userName - */ - private String getConcurrentCheckSessionObjectAgainstUser(String userName) { - String response = null; - try { - response = sessionObject.getSessionObject(userName); - } catch (Exception e) { - logger.error(e.getMessage()); - } - return response; - } - - private void createUserMapping(User mUser, JSONObject resMap, JSONObject serviceRoleMultiMap, - JSONObject serviceRoleMap, JSONArray serviceRoleList, JSONObject previlegeObj) { - System.out.println(mUser); - String fName = mUser.getFirstName(); - String lName = mUser.getLastName(); - String mName = mUser.getMiddleName(); - String uName = (fName == null ? "" : fName) + " " + (mName == null ? "" : mName) + " " - + (lName == null ? 
"" : lName); - resMap.put("userID", mUser.getUserID()); - resMap.put("isAuthenticated", /* Boolean.valueOf(true) */true); - resMap.put("userName", mUser.getUserName()); - resMap.put("fullName", uName); - resMap.put("Status", mUser.getM_status().getStatus()); - resMap.put("agentID", mUser.getAgentID()); - resMap.put("agentPassword", mUser.getAgentPassword()); - resMap.put("m_UserLangMappings", new JSONArray(mUser.getM_UserLangMappings().toString())); - resMap.put("designationID", mUser.getDesignationID()); - resMap.put("dhistoken",mUser.getDhistoken()); - if (mUser.getDesignation() != null) { - resMap.put("designation", new JSONObject(mUser.getDesignation().toString())); - } - if (null != mUser.getM_UserServiceRoleMapping()) { - for (UserServiceRoleMapping m_UserServiceRoleMapping : mUser.getM_UserServiceRoleMapping()) { - serviceRoleMultiMap.put( - m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster().getServiceName(), - m_UserServiceRoleMapping.getM_Role().getRoleName()); - String serv = m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster() - .getServiceName(); - if (!previlegeObj.has(serv)) { - previlegeObj.put(serv, new JSONObject( - m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster().toString())); - previlegeObj.getJSONObject(serv).put("serviceName", serv); - previlegeObj.getJSONObject(serv).put("serviceID", - m_UserServiceRoleMapping.getM_ProviderServiceMapping().getProviderServiceMapID()); - previlegeObj.getJSONObject(serv).put("providerServiceMapID", - m_UserServiceRoleMapping.getM_ProviderServiceMapping().getProviderServiceMapID()); - previlegeObj.getJSONObject(serv).put("apimanClientKey", - m_UserServiceRoleMapping.getM_ProviderServiceMapping().getAPIMANClientKey()); - previlegeObj.getJSONObject(serv).put("roles", new JSONArray()); - previlegeObj.getJSONObject(serv).put("stateID", - m_UserServiceRoleMapping.getM_ProviderServiceMapping().getStateID()); - 
previlegeObj.getJSONObject(serv).put("agentID", m_UserServiceRoleMapping.getAgentID()); - previlegeObj.getJSONObject(serv).put("agentPassword", m_UserServiceRoleMapping.getAgentPassword()); - } - JSONArray roles = previlegeObj.getJSONObject(serv).getJSONArray("roles"); - // roles.put(new JSONObject(m_UserServiceRoleMapping.getM_Role().toString())); - JSONObject roleObject = new JSONObject(m_UserServiceRoleMapping.getM_Role().toString()); - roleObject.put("teleConsultation", m_UserServiceRoleMapping.getTeleConsultation()); - roles.put(roleObject); - } - } - Iterator keySet = serviceRoleMultiMap.keys(); - while (keySet.hasNext()) { - String s = keySet.next(); - serviceRoleMap.put("Service", s); - serviceRoleMap.put("Role", serviceRoleMultiMap.get(s)); - serviceRoleList.put(serviceRoleMap); - } - resMap.put("Previlege", serviceRoleList); - } - - @RequestMapping(value = "/superUserAuthenticate", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON) - public String superUserAuthenticate( - @Param(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"doLogout\\\":\\\"Boolean\\\"}\"") @RequestBody LoginRequestModel m_User, - HttpServletRequest request,HttpServletResponse httpResponse) { - OutputResponse response = new OutputResponse(); - logger.info("userAuthenticate request "); - try { - - if (!m_User.getUserName().equalsIgnoreCase("SuperAdmin")) { - throw new IEMRException("Please log with admin credentials"); - } - String decryptPassword = aesUtil.decrypt("Piramal12Piramal", m_User.getPassword()); - User mUser = iemrAdminUserServiceImpl.superUserAuthenticate(m_User.getUserName(), decryptPassword); - JSONObject resMap = new JSONObject(); - JSONObject previlegeObj = new JSONObject(); - String jwtToken = null; - String refreshToken = null; - boolean isMobile = false; - if (m_User.getUserName() != null && (m_User.getDoLogout() == null || m_User.getDoLogout() == false)) { - String tokenFromRedis = getConcurrentCheckSessionObjectAgainstUser( - 
m_User.getUserName().trim().toLowerCase()); - if (tokenFromRedis != null) { - throw new IEMRException( - "You are already logged in,please confirm to logout from other device and login again"); - } - } else if (m_User.getUserName() != null && m_User.getDoLogout() != null && m_User.getDoLogout() == true) { - deleteSessionObject(m_User.getUserName().trim().toLowerCase()); - } - if (mUser != null) { - resMap.put("userID", mUser.getUserID()); - resMap.put("isAuthenticated", /* Boolean.valueOf(true) */true); - resMap.put("userName", mUser.getUserName()); - jwtToken = jwtUtil.generateToken(m_User.getUserName(), mUser.getUserID().toString()); - - User user = new User(); // Assuming the Users class exists - user.setUserID(mUser.getUserID()); - user.setUserName(mUser.getUserName()); - - String userAgent = request.getHeader("User-Agent"); - isMobile = UserAgentUtil.isMobileDevice(userAgent); - logger.info("UserAgentUtil isMobile : " + isMobile); - - if (isMobile) { - refreshToken = jwtUtil.generateRefreshToken(m_User.getUserName(), user.getUserID().toString()); - logger.debug("Refresh token generated successfully for user: {}", user.getUserName()); - String jti = jwtUtil.getJtiFromToken(refreshToken); - redisTemplate.opsForValue().set( - "refresh:" + jti, - user.getUserID().toString(), - jwtUtil.getRefreshTokenExpiration(), - TimeUnit.MILLISECONDS - ); - } else { - cookieUtil.addJwtTokenToCookie(jwtToken, httpResponse, request); - } - - String redisKey = "user_" + mUser.getUserID(); // Use user ID to create a unique key - - // Store the user in Redis (set a TTL of 30 minutes) - redisTemplate.opsForValue().set(redisKey, user, 30, TimeUnit.MINUTES); - - } else { - resMap.put("isAuthenticated", /* Boolean.valueOf(false) */false); - } - JSONObject responseObj = new JSONObject(resMap.toString()); - JSONArray previlageObjs = new JSONArray(); - Iterator services = previlegeObj.keys(); - while (services.hasNext()) { - String service = (String) services.next(); - 
previlageObjs.put(previlegeObj.getJSONObject(service)); - } - responseObj.put("previlegeObj", previlageObjs); - - String remoteAddress = request.getHeader("X-FORWARDED-FOR"); - if (remoteAddress == null || remoteAddress.trim().length() == 0) { - remoteAddress = request.getRemoteAddr(); - } - if (isMobile && null != mUser) { - responseObj.put("jwtToken", jwtToken); - responseObj.put("refreshToken", refreshToken); - } - responseObj = iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress, - request.getRemoteHost()); - response.setResponse(responseObj.toString()); - } catch (Exception e) { - logger.error("userAuthenticate failed with error " + e.getMessage(), e); - response.setError(e); - } - logger.info("userAuthenticate response " + response.toString()); - return response.toString(); - } + // Add tokens to response for mobile + if (isMobile && !mUser.isEmpty()) { + responseObj.put("jwtToken", jwtToken); + responseObj.put("refreshToken", refreshToken); + } + + response.setResponse(responseObj.toString()); + } catch (Exception e) { + logger.error("userAuthenticate failed with error " + e.getMessage(), e); + response.setError(e); + } + logger.info("userAuthenticate response " + response.toString()); + return response.toString(); + } + + @Operation(summary = "generating a auth token with the refreshToken.") + @RequestMapping(value = "/refreshToken", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON) + public ResponseEntity refreshToken(@RequestBody Map request) { + String refreshToken = request.get("refreshToken"); + + try { + if (jwtUtil.validateToken(refreshToken) == null) { + logger.warn("Token validation failed: invalid token provided."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); + } + + Claims claims = jwtUtil.getAllClaimsFromToken(refreshToken); + + // Verify token type + if (!"refresh".equals(claims.get("token_type", String.class))) { + logger.warn("Token validation failed: incorrect 
token type in refresh request."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); + + } + + // Check revocation using JTI + String jti = claims.getId(); + if (!redisTemplate.hasKey("refresh:" + jti)) { + logger.warn("Token validation failed: refresh token is revoked or not found in store."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); + } + + // Get user details + // Get user details + String userId = claims.get("userId", String.class); + User user = iemrAdminUserServiceImpl.getUserById(Long.parseLong(userId)); + + // Validate that the user still exists and is active + if (user == null) { + logger.warn("Token validation failed: user not found for userId in token."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); + } + if(user.getDeleted()){ + logger.warn("Your account is locked or de-activated. Please contact administrator"); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Your account is locked or de-activated. Please contact administrator."); + } + if(user.getStatusID()>2){ + logger.warn("Your account is not active. Please contact administrator"); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Your account is not active. 
Please contact administrator."); + } + + if (user.getM_status() == null || !("Active".equalsIgnoreCase(user.getM_status().getStatus()) + || "New".equalsIgnoreCase(user.getM_status().getStatus()))) { + logger.warn("Token validation failed: user account is neither 'Active' nor 'New'."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); + } + // Generate new tokens + String newJwt = jwtUtil.generateToken(user.getUserName(), userId); + + Map tokens = new HashMap<>(); + tokens.put("jwtToken", newJwt); + + // Generate and store a new refresh token (token rotation) + String newRefreshToken = jwtUtil.generateRefreshToken(user.getUserName(), userId); + String newJti = jwtUtil.getJtiFromToken(newRefreshToken); + redisTemplate.opsForValue().set( + "refresh:" + newJti, + userId, + jwtUtil.getRefreshTokenExpiration(), + TimeUnit.MILLISECONDS + ); + tokens.put("refreshToken", newRefreshToken); + + return ResponseEntity.ok(tokens); + } catch (ExpiredJwtException ex) { + logger.warn("Token validation failed: token has expired."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED) + .body("Authentication failed. Please log in again."); + } catch (Exception e) { + logger.error("Refresh failed: ", e); + logger.error("Token refresh failed due to unexpected server error."); + return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR) + .body("An unexpected error occurred. 
Please try again later."); + } + } + + @Operation(summary = "Log out user from concurrent session") + @RequestMapping(value = "/logOutUserFromConcurrentSession", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON) + public String logOutUserFromConcurrentSession( + @Param(value = "\"{\\\"userName\\\":\\\"String\\\"}\"") @RequestBody LoginRequestModel m_User, + HttpServletRequest request) { + OutputResponse response = new OutputResponse(); + logger.info("logOutUserFromConcurrentSession request - " + m_User); + try { + if (m_User != null && m_User.getUserName() != null) { + List mUsers = iemrAdminUserServiceImpl.userExitsCheck(m_User.getUserName()); + + if (mUsers == null || mUsers.size() <= 0) { + logger.error("User not found"); + throw new IEMRException("Logout request failed, please try again later"); + } else if (mUsers.size() > 1) { + logger.error("More than 1 user found"); + throw new IEMRException("Logout failed. Please retry or contact administrator"); + } else if (mUsers.size() == 1) { + String previousTokenFromRedis = sessionObject + .getSessionObject((mUsers.get(0).getUserName().toString().trim().toLowerCase())); + if (previousTokenFromRedis != null) { + deleteSessionObjectByGettingSessionDetails(previousTokenFromRedis); + sessionObject.deleteSessionObject(previousTokenFromRedis); + response.setResponse("User successfully logged out"); + } else { + logger.error("Unable to fetch session from redis"); + throw new IEMRException("Session error. 
Please try again later"); + } + } + } else { + throw new IEMRException("Invalid request object"); + } + + } catch (Exception e) { + logger.error("logOutUserFromConcurrentSession failed with error " + e.getMessage(), e); + response.setError(e); + } + logger.info("logOutUserFromConcurrentSession response " + response.toString()); + return response.toString(); + } + + /** + * function to return session object against userName + */ + private String getConcurrentCheckSessionObjectAgainstUser(String userName) { + String response = null; + try { + response = sessionObject.getSessionObject(userName); + } catch (Exception e) { + logger.error(e.getMessage()); + } + return response; + } + + private void createUserMapping(User mUser, JSONObject resMap, JSONObject serviceRoleMultiMap, + JSONObject serviceRoleMap, JSONArray serviceRoleList, JSONObject previlegeObj) { + System.out.println(mUser); + String fName = mUser.getFirstName(); + String lName = mUser.getLastName(); + String mName = mUser.getMiddleName(); + String uName = (fName == null ? "" : fName) + " " + (mName == null ? "" : mName) + " " + + (lName == null ? 
"" : lName); + resMap.put("userID", mUser.getUserID()); + resMap.put("isAuthenticated", /* Boolean.valueOf(true) */true); + resMap.put("userName", mUser.getUserName()); + resMap.put("fullName", uName); + resMap.put("Status", mUser.getM_status().getStatus()); + resMap.put("agentID", mUser.getAgentID()); + resMap.put("agentPassword", mUser.getAgentPassword()); + resMap.put("m_UserLangMappings", new JSONArray(mUser.getM_UserLangMappings().toString())); + resMap.put("designationID", mUser.getDesignationID()); + resMap.put("dhistoken", mUser.getDhistoken()); + if (mUser.getDesignation() != null) { + resMap.put("designation", new JSONObject(mUser.getDesignation().toString())); + } + if (null != mUser.getM_UserServiceRoleMapping()) { + for (UserServiceRoleMapping m_UserServiceRoleMapping : mUser.getM_UserServiceRoleMapping()) { + serviceRoleMultiMap.put( + m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster().getServiceName(), + m_UserServiceRoleMapping.getM_Role().getRoleName()); + String serv = m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster() + .getServiceName(); + if (!previlegeObj.has(serv)) { + previlegeObj.put(serv, new JSONObject( + m_UserServiceRoleMapping.getM_ProviderServiceMapping().getM_ServiceMaster().toString())); + previlegeObj.getJSONObject(serv).put("serviceName", serv); + previlegeObj.getJSONObject(serv).put("serviceID", + m_UserServiceRoleMapping.getM_ProviderServiceMapping().getProviderServiceMapID()); + previlegeObj.getJSONObject(serv).put("providerServiceMapID", + m_UserServiceRoleMapping.getM_ProviderServiceMapping().getProviderServiceMapID()); + previlegeObj.getJSONObject(serv).put("apimanClientKey", + m_UserServiceRoleMapping.getM_ProviderServiceMapping().getAPIMANClientKey()); + previlegeObj.getJSONObject(serv).put("roles", new JSONArray()); + previlegeObj.getJSONObject(serv).put("stateID", + m_UserServiceRoleMapping.getM_ProviderServiceMapping().getStateID()); + 
previlegeObj.getJSONObject(serv).put("agentID", m_UserServiceRoleMapping.getAgentID()); + previlegeObj.getJSONObject(serv).put("agentPassword", m_UserServiceRoleMapping.getAgentPassword()); + } + JSONArray roles = previlegeObj.getJSONObject(serv).getJSONArray("roles"); + // roles.put(new JSONObject(m_UserServiceRoleMapping.getM_Role().toString())); + JSONObject roleObject = new JSONObject(m_UserServiceRoleMapping.getM_Role().toString()); + roleObject.put("teleConsultation", m_UserServiceRoleMapping.getTeleConsultation()); + roles.put(roleObject); + } + } + Iterator keySet = serviceRoleMultiMap.keys(); + while (keySet.hasNext()) { + String s = keySet.next(); + serviceRoleMap.put("Service", s); + serviceRoleMap.put("Role", serviceRoleMultiMap.get(s)); + serviceRoleList.put(serviceRoleMap); + } + resMap.put("Previlege", serviceRoleList); + } + + @RequestMapping(value = "/superUserAuthenticate", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON) + public String superUserAuthenticate( + @Param(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"doLogout\\\":\\\"Boolean\\\"}\"") @RequestBody LoginRequestModel m_User, + HttpServletRequest request, HttpServletResponse httpResponse) { + OutputResponse response = new OutputResponse(); + logger.info("userAuthenticate request "); + try { + + if (!m_User.getUserName().equalsIgnoreCase("SuperAdmin")) { + throw new IEMRException("Please log with admin credentials"); + } + String decryptPassword = aesUtil.decrypt("Piramal12Piramal", m_User.getPassword()); + User mUser = iemrAdminUserServiceImpl.superUserAuthenticate(m_User.getUserName(), decryptPassword); + JSONObject resMap = new JSONObject(); + JSONObject previlegeObj = new JSONObject(); + String jwtToken = null; + String refreshToken = null; + boolean isMobile = false; + if (m_User.getUserName() != null && (m_User.getDoLogout() == null || m_User.getDoLogout() == false)) { + String tokenFromRedis = getConcurrentCheckSessionObjectAgainstUser( + 
m_User.getUserName().trim().toLowerCase()); + if (tokenFromRedis != null) { + throw new IEMRException( + "You are already logged in,please confirm to logout from other device and login again"); + } + } else if (m_User.getUserName() != null && m_User.getDoLogout() != null && m_User.getDoLogout() == true) { + deleteSessionObject(m_User.getUserName().trim().toLowerCase()); + } + if (mUser != null) { + resMap.put("userID", mUser.getUserID()); + resMap.put("isAuthenticated", /* Boolean.valueOf(true) */true); + resMap.put("userName", mUser.getUserName()); + jwtToken = jwtUtil.generateToken(m_User.getUserName(), mUser.getUserID().toString()); + + User user = new User(); // Assuming the Users class exists + user.setUserID(mUser.getUserID()); + user.setUserName(mUser.getUserName()); + + String userAgent = request.getHeader("User-Agent"); + isMobile = UserAgentUtil.isMobileDevice(userAgent); + logger.info("UserAgentUtil isMobile : " + isMobile); + + if (isMobile) { + refreshToken = jwtUtil.generateRefreshToken(m_User.getUserName(), user.getUserID().toString()); + logger.debug("Refresh token generated successfully for user: {}", user.getUserName()); + String jti = jwtUtil.getJtiFromToken(refreshToken); + redisTemplate.opsForValue().set( + "refresh:" + jti, + user.getUserID().toString(), + jwtUtil.getRefreshTokenExpiration(), + TimeUnit.MILLISECONDS + ); + } else { + cookieUtil.addJwtTokenToCookie(jwtToken, httpResponse, request); + } + + String redisKey = "user_" + mUser.getUserID(); // Use user ID to create a unique key + + // Store the user in Redis (set a TTL of 30 minutes) + redisTemplate.opsForValue().set(redisKey, user, 30, TimeUnit.MINUTES); + + } else { + resMap.put("isAuthenticated", /* Boolean.valueOf(false) */false); + } + JSONObject responseObj = new JSONObject(resMap.toString()); + JSONArray previlageObjs = new JSONArray(); + Iterator services = previlegeObj.keys(); + while (services.hasNext()) { + String service = (String) services.next(); + 
previlageObjs.put(previlegeObj.getJSONObject(service)); + } + responseObj.put("previlegeObj", previlageObjs); + + String remoteAddress = request.getHeader("X-FORWARDED-FOR"); + if (remoteAddress == null || remoteAddress.trim().length() == 0) { + remoteAddress = request.getRemoteAddr(); + } + if (isMobile && null != mUser) { + responseObj.put("jwtToken", jwtToken); + responseObj.put("refreshToken", refreshToken); + } + responseObj = iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress, + request.getRemoteHost()); + response.setResponse(responseObj.toString()); + } catch (Exception e) { + logger.error("userAuthenticate failed with error " + e.getMessage(), e); + response.setError(e); + } + logger.info("userAuthenticate response " + response.toString()); + return response.toString(); + } // @Operation(summary = "User authentication V1") // @RequestMapping(value = "/userAuthenticateV1", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON) 
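Review bot: In `refreshToken`, the two added guards call `user.getDeleted()` and `user.getStatusID()` directly; if those getters return `Boolean`/`Integer` (their types are not visible here), a NULL column unboxes into a NullPointerException that the generic `catch (Exception e)` turns into a 500 instead of a 401, so `if (Boolean.TRUE.equals(user.getDeleted()))` and a null check on the status id would be safer. The literal in `user.getStatusID()>2` should be a named constant, and it overlaps with the `getM_status()` Active/New check that follows, so one of the two is probably redundant. These branches return an account-state message while every other failure in the method returns `"Unauthorized."`; returning the same generic body and logging the reason with the user id keeps the response uniform and the log useful. Neither the locked branches nor the successful rotation remove the presented token's `"refresh:" + jti` key, so the old refresh token stays usable until it expires; `redisTemplate.delete("refresh:" + jti);` before returning would make the "token rotation" comment true. The hunk also carries over, re-indented, the literal key in `aesUtil.decrypt("Piramal12Piramal", ...)` and `System.out.println(mUser)` in `createUserMapping`, which deserve a follow-up (key from configuration, no user object on stdout).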
@@ -555,697 +562,695 @@ public String superUserAuthenticate(
 // return response.toString();
 // }
- @Operation(summary = "Get login response")
- @RequestMapping(value = "/getLoginResponse", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String getLoginResponse(HttpServletRequest request) {
- OutputResponse response = new OutputResponse();
- try {
- String authHeader = request.getHeader("Authorization");
- if (authHeader.isEmpty()) {
- // Try JWT token from header first
- String jwtToken = request.getHeader("Jwttoken");
-
- // If not in header, try cookie
- if (jwtToken == null) {
- Cookie[] cookies = request.getCookies();
- if (cookies != null) {
- for (Cookie cookie : cookies) {
- if ("Jwttoken".equalsIgnoreCase(cookie.getName())) {
- jwtToken = cookie.getValue();
- break;
- }
- }
- }
- }
-
- if (jwtToken == null) {
- logger.warn("Authentication failed: no token found in header or cookies.");
- throw new IEMRException("Authentication failed. Please log in again.");
- }
-
- // Extract user ID from the JWT token
- String userId = jwtUtil.getUserIdFromToken(jwtToken);
-
- // Get user details and prepare response
- User user = iemrAdminUserServiceImpl.getUserById(Long.parseLong(userId));
- if (user == null) {
- logger.warn("User lookup failed for provided userId.");
- throw new IEMRException("Authentication failed. Please try again.");
-
- }
-
- String remoteAddress = request.getHeader("X-FORWARDED-FOR");
- if (remoteAddress == null || remoteAddress.trim().length() == 0) {
- remoteAddress = request.getRemoteAddr();
- }
-
- // Use the helper method to prepare response
- JSONObject responseObj = prepareAuthenticationResponse(user, remoteAddress, request.getRemoteHost());
- response.setResponse(responseObj.toString());
- } else {
- response.setResponse(sessionObject.getSessionObject(authHeader));
- }
- } catch (Exception e) {
- logger.error("getLoginResponse failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- return response.toString();
- }
-
- @Operation(summary = "Forget password")
- @RequestMapping(value = "/forgetPassword", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON)
- public String forgetPassword(
- @Param(value = "\"{\\\"userName\\\":\\\"String\\\"}\"") @RequestBody ChangePasswordModel m_User) {
- OutputResponse response = new OutputResponse();
- logger.info("forgetPassword request " + m_User);
- try {
- List mUsers = iemrAdminUserServiceImpl.userExitsCheck(m_User.getUserName());
-
- if (mUsers == null || mUsers.size() <= 0) {
- logger.error("User not found");
- throw new IEMRException("If the username is registered, you will be asked a security question");
- } else if (mUsers.size() > 1) {
- logger.error("More than 1 user found");
- throw new IEMRException("If the username is registered, you will be asked a security question");
-
- } else if (mUsers.size() == 1) {
- List> quesAnsList = new ArrayList<>();
- Map quesAnsMap;
- Map resMap = new HashMap<>();
- List mUserSecQuesMapping = iemrAdminUserServiceImpl
- .userSecurityQuestion(mUsers.get(0).getUserID());
- if (mUserSecQuesMapping != null) {
- for (UserSecurityQMapping element : mUserSecQuesMapping) {
- quesAnsMap = new HashMap<>();
- quesAnsMap.put("questionId", element.getQuestionID());
- quesAnsMap.put("question", element.getM_LoginSecurityQuestions().getQuestion());
-
- quesAnsList.add(quesAnsMap);
- }
- resMap.put("SecurityQuesAns", quesAnsList);
- }
- response.setResponse(OutputMapper.gsonWithoutExposeRestriction().toJson(resMap));
- }
- } catch (Exception e) {
- logger.error("forgetPassword failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("forgetPassword response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Set forget password")
- @RequestMapping(value = "/setForgetPassword", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON)
- public String setPassword(
- @Param(value = "\"{\"userName\":\"String\",\"password\":\"String\",\"transactionId\":\"String\"}\"") @RequestBody ChangePasswordModel m_user) {
- OutputResponse response = new OutputResponse();
- logger.info("setForgetPassword request " + m_user);
- try {
- int noOfRowModified = 0;
- List mUsers = iemrAdminUserServiceImpl.userExitsCheck(m_user.getUserName());
- if (mUsers.size() != 1) {
- logger.warn(
- "Password reset failed for username '{}'. Reason: user not found, inactive, or multiple matches.",
- m_user.getUserName());
-
- throw new IEMRException("Unable to process your request. Please try again or contact support.");
- }
- User mUser = mUsers.get(0);
- String setStatus;
- String decryptPassword = aesUtil.decrypt("Piramal12Piramal", m_user.getPassword());
- noOfRowModified = iemrAdminUserServiceImpl.setForgetPassword(mUser, decryptPassword,
- m_user.getTransactionId(), m_user.getIsAdmin());
- if (noOfRowModified > 0) {
- setStatus = "Password Changed";
- } else {
- setStatus = "Something Wrong..!!!";
- }
- logger.info("Set forgot password changed " + noOfRowModified + " rows of data.");
- response.setResponse(setStatus);
- } catch (Exception e) {
- logger.error("setForgetPassword failed with error " + e.getMessage(), e);
- if (e.getMessage().equals(
- "Unable to process your request. Please try again or contact support."))
- response.setError(e);
- else
- response.setError(5000, e.getMessage());
- }
-
- logger.info("setForgetPassword response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Change password")
- @RequestMapping(value = "/changePassword", method = RequestMethod.POST, produces = "application/json")
- public String changePassword(
- @Param(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"password\\\":\\\"String\\\",\\\"transactionId\\\":\\\"String\\\"}\"") @RequestBody ChangePasswordModel changePassword) {
- OutputResponse response = new OutputResponse();
- logger.info("changePassword request " + changePassword);
- try {
- int noOfRowUpdated = 0;
- List mUsers = iemrAdminUserServiceImpl.userExitsCheck(changePassword.getUserName());
- String changeReqResult;
- if (mUsers.size() != 1) {
- logger.warn("Change password attempt failed. User not found or not available.");
-
- throw new IEMRException("Unable to change password. Please try again later");
- }
- try {
- int validatePassword;
- validatePassword = securePassword.validatePassword(changePassword.getPassword(),
- mUsers.get(0).getPassword());
- if (validatePassword == 1) {
- User mUser = mUsers.get(0);
- noOfRowUpdated = iemrAdminUserServiceImpl.setForgetPassword(mUser, changePassword.getNewPassword(),
- changePassword.getTransactionId(), changePassword.getIsAdmin());
-
- } else if (validatePassword == 2) {
- User mUser = mUsers.get(0);
- noOfRowUpdated = iemrAdminUserServiceImpl.setForgetPassword(mUser, changePassword.getNewPassword(),
- changePassword.getTransactionId(), changePassword.getIsAdmin());
-
- }
- } catch (Exception e) {
- throw new IEMRException(e.getMessage());
- }
-
- if (noOfRowUpdated > 0) {
- changeReqResult = "Password SuccessFully Change";
- } else {
- changeReqResult = "Something WentWrong.....Please Contact Administrator..!!!";
- }
- response.setResponse(changeReqResult);
- } catch (Exception e) {
- logger.error("changePassword failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("changePassword response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Save user security questions & answers")
- @RequestMapping(value = "/saveUserSecurityQuesAns", method = RequestMethod.POST, produces = "application/json")
- public String saveUserSecurityQuesAns(
- @Param(value = "\"[{\\\"userID\\\":\\\"Integer\\\",\\\"questionID\\\":\\\"Integer\\\",\\\"answers\\\":\\\"String\\\","
- + "\\\"mobileNumber\\\":\\\"String\\\",\\\"createdBy\\\":\\\"String\\\"}]\"") @RequestBody Iterable m_UserSecurityQMapping) {
- OutputResponse response = new OutputResponse();
- logger.info("saveUserSecurityQuesAns request " + m_UserSecurityQMapping);
- try {
- String responseData = iemrAdminUserServiceImpl.saveUserSecurityQuesAns(m_UserSecurityQMapping);
- response.setResponse(responseData);
- } catch (Exception e) {
- logger.error("saveUserSecurityQuesAns failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("saveUserSecurityQuesAns response " + response.toString());
- return response.toString();
- }
-
- /**
- *
- * @return security qtns
- */
- @Operation(summary = "Get security quetions")
- @RequestMapping(value = "/getsecurityquetions", method = RequestMethod.GET)
- public String getSecurityts() {
- OutputResponse response = new OutputResponse();
- logger.info("getsecurityquetions request ");
- try {
- ArrayList test = iemrAdminUserServiceImpl.getAllLoginSecurityQuestions();
- response.setResponse(test.toString());
- } catch (Exception e) {
- logger.error("getsecurityquetions failed with error " + e.getMessage(), e);
- response.setError(5000, "Unable to fetch security questions");
- }
- logger.info("getsecurityquetions response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Get roles by provider id")
- @RequestMapping(value = "/getRolesByProviderID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String getRolesByProviderID(
- @Param(value = "{\"providerServiceMapID\":\"Integer - providerServiceMapID\"}") @RequestBody String request) {
- OutputResponse response = new OutputResponse();
- logger.info("getRolesByProviderID request ");
- try {
- response.setResponse(iemrAdminUserServiceImpl.getRolesByProviderID(request));
- } catch (Exception e) {
- logger.error("getRolesByProviderID failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("getRolesByProviderID response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Get role screen mapping by provider id")
- @RequestMapping(value = "/getRoleScreenMappingByProviderID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String getRoleScreenMappingByProviderID(
- @Param(value = "{\"providerServiceMapID\":\"Integer - providerServiceMapID\"}") @RequestBody String request) {
-
- OutputResponse response = new OutputResponse();
- logger.info("getRoleScreenMappingByProviderID");
- try {
- ObjectMapper objectMapper = new ObjectMapper();
- ServiceRoleScreenMapping serviceRoleScreenMapping = objectMapper.readValue(request,
- ServiceRoleScreenMapping.class);
-
- List mapping = iemrAdminUserServiceImpl
- .getUserServiceRoleMappingForProvider(serviceRoleScreenMapping.getProviderServiceMapID());
-
- response.setResponse(mapping.toString());
- } catch (Exception e) {
- logger.error("getRoleScreenMappingByProviderID failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("getRoleScreenMappingByProviderID response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Get users by provider id")
- @RequestMapping(value = "/getUsersByProviderID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String getUsersByProviderID(@Param(value = "{\"providerServiceMapID\":\"Integer - providerServiceMapID\", "
- + "\"RoleID\":\"Optional: Integer - role ID to be filtered\", "
- + "\"languageName\":\"Optional: String - languageName\"}") @RequestBody String request) {
- OutputResponse response = new OutputResponse();
- logger.info("getRolesByProviderID request ");
- try {
- response.setResponse(iemrAdminUserServiceImpl.getUsersByProviderID(request));
- } catch (Exception e) {
- logger.error("getRolesByProviderID failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("getRolesByProviderID response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Get user service point van details")
- @RequestMapping(value = "/getUserServicePointVanDetails", method = RequestMethod.POST, produces = "application/json", headers = "Authorization")
- public String getUserServicePointVanDetails(
- @Param(value = "\"{\\\"userID\\\":\\\"Integer\\\",\"providerServiceMapID\":\"Integer\"}\"") @RequestBody String comingRequest) {
- OutputResponse response = new OutputResponse();
- try {
-
- JSONObject obj = new JSONObject(comingRequest);
- logger.info("getUserServicePointVanDetails request " + comingRequest);
- String responseData = iemrAdminUserServiceImpl.getUserServicePointVanDetails(obj.getInt("userID"));
- response.setResponse(responseData);
- } catch (Exception e) {
- response.setError(e);
- logger.error("get User SP and van details failed with " + e.getMessage(), e);
-
- }
- logger.info("getUserServicePointVanDetails response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Get service point villages")
- @RequestMapping(value = "/getServicepointVillages", method = RequestMethod.POST, produces = "application/json", headers = "Authorization")
- public String getServicepointVillages(
- @Param(value = "\"{\\\"servicePointID\\\":\\\"Integer\\\"}\"") @RequestBody String comingRequest) {
- OutputResponse response = new OutputResponse();
- try {
-
- JSONObject obj = new JSONObject(comingRequest);
- logger.info("getServicepointVillages request " + comingRequest);
- String responseData = iemrAdminUserServiceImpl.getServicepointVillages(obj.getInt("servicePointID"));
- response.setResponse(responseData);
- } catch (Exception e) {
- response.setError(e);
- logger.error("get villages with servicepoint failed with " + e.getMessage(), e);
-
- }
- logger.info("getServicepointVillages response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Get locations by provider id")
- @RequestMapping(value = "/getLocationsByProviderID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String getLocationsByProviderID(
- @Param(value = "{\"providerServiceMapID\":\"Integer - providerServiceMapID\", "
- + "\"roleID\":\"Integer - roleID\"}") @RequestBody String request) {
- OutputResponse response = new OutputResponse();
- logger.info("getLocationsByProviderID request ");
- try {
- response.setResponse(iemrAdminUserServiceImpl.getLocationsByProviderID(request));
- } catch (Exception e) {
- logger.error("getLocationsByProviderID failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("getLocationsByProviderID response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "User log out")
- @RequestMapping(value = "/userLogout", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String userLogout(HttpServletRequest request) {
- OutputResponse response = new OutputResponse();
- logger.info("userLogout");
- try {
- deleteSessionObjectByGettingSessionDetails(request.getHeader("Authorization"));
- sessionObject.deleteSessionObject(request.getHeader("Authorization"));
- response.setResponse("Success");
- } catch (Exception e) {
- response.setError(e);
- }
- return response.toString();
- }
-
- /**
- *
- * @param key
- * @return
- */
- private void deleteSessionObjectByGettingSessionDetails(String key) {
- String sessionDetails = null;
- try {
- logger.info("inside delete child:" + key);
- sessionDetails = sessionObject.getSessionObject(key);
- logger.info("isessionDetails:" + sessionDetails);
- JsonObject jsnOBJ = new JsonObject();
- JsonParser jsnParser = new JsonParser();
- JsonElement jsnElmnt = jsnParser.parse(sessionDetails);
- jsnOBJ = jsnElmnt.getAsJsonObject();
- if (jsnOBJ.has("userName") && jsnOBJ.get("userName") != null) {
- logger.info("deleting key:" + jsnOBJ.get("userName").getAsString().trim().toLowerCase());
- sessionObject.deleteSessionObject(jsnOBJ.get("userName").getAsString().trim().toLowerCase());
- }
- } catch (Exception e) {
- logger.error(e.getMessage());
- }
- }
-
- private void deleteSessionObject(String key) {
- try {
- sessionObject.deleteSessionObject(key);
- } catch (Exception e) {
- logger.error(e.getMessage());
- }
- }
-
- @Operation(summary = "Force log out")
- @RequestMapping(value = "/forceLogout", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String forceLogout(@RequestBody ForceLogoutRequestModel request, HttpServletRequest httpRequest, HttpServletResponse response) {
- OutputResponse outputResponse = new OutputResponse();
- try {
- // Perform the force logout logic
- iemrAdminUserServiceImpl.forceLogout(request);
-
- // Extract token from cookies or headers
- String token = getJwtTokenFromCookies(httpRequest);
- if (token == null) {
- response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
- outputResponse.setError(new RuntimeException("No JWT token found in request"));
- return outputResponse.toString();
- }
-
- // Validate the token: Check if it is expired or in the deny list
- Claims claims = jwtUtil.validateToken(token);
- if (claims.isEmpty() || claims.getExpiration() == null || claims.getId() == null) { // If token is either expired or in the deny list, return 401 Unauthorized
- response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
- outputResponse.setError(new RuntimeException("Token is expired or has been logged out"));
- return outputResponse.toString();
- }
-
- // Extract the jti (JWT ID) and expiration time from the validated claims
- String jti = claims.getId(); // jti is in the 'id' field of claims
- long expirationTime = claims.getExpiration().getTime(); // Use expiration from claims
- long ttlMillis = expirationTime - System.currentTimeMillis();
- tokenDenylist.addTokenToDenylist(jti, ttlMillis);
-
- // Set the response message
- outputResponse.setResponse("Success");
- } catch (Exception e) {
- outputResponse.setError(e);
- }
- return outputResponse.toString();
- }
-
- private String getJwtTokenFromCookies(HttpServletRequest request) {
- Cookie[] cookies = request.getCookies();
- if (cookies != null) {
- for (Cookie cookie : cookies) {
- if (cookie.getName().equalsIgnoreCase(Constants.JWT_TOKEN)) {
- return cookie.getValue();
- }
- }
- }
- return null;
- }
-
-
- @Operation(summary = "User force log out")
- @RequestMapping(value = "/userForceLogout", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String userForceLogout(
- @Param(value = "\"{\\\"userName\\\":\\\"String\\\"}\"") @RequestBody ForceLogoutRequestModel request) {
- OutputResponse response = new OutputResponse();
- try {
- iemrAdminUserServiceImpl.userForceLogout(request);
- response.setResponse("Success");
- } catch (Exception e) {
- response.setError(e);
- }
- return response.toString();
- }
-
- @Operation(summary = "Get agent by role id")
- @RequestMapping(value = "/getAgentByRoleID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String getAgentByRoleID(@Param(value = "{\"providerServiceMapID\":\"Integer - providerServiceMapID\", "
- + "\"RoleID\":\"Optional: Integer - role ID to be filtered\"}") @RequestBody String request) {
- OutputResponse response = new OutputResponse();
- logger.info("getAgentByRoleID request " + request.toString());
- try {
- response.setResponse(iemrAdminUserServiceImpl.getAgentByRoleID(request));
- } catch (Exception e) {
- logger.error("getAgentByRoleID failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("getAgentByRoleID response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "User authenticate by encryption")
- @RequestMapping(value = "/userAuthenticateByEncryption", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON)
- public String userAuthenticateByEncryption(
- @Param(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"password\\\":\\\"String\\\"}\"") @RequestBody String req,
- HttpServletRequest request) {
- OutputResponse response = new OutputResponse();
- logger.info("userAuthenticateByEncryption request ");
- try {
- List mUser = iemrAdminUserServiceImpl.userAuthenticateByEncryption(req);
- JSONObject resMap = new JSONObject();
- JSONObject serviceRoleMultiMap = new JSONObject();
- JSONObject serviceRoleMap = new JSONObject();
- JSONArray serviceRoleList = new JSONArray();
- JSONObject previlegeObj = new JSONObject();
-
- if (mUser.size() == 1) {
- createUserMapping(mUser.get(0), resMap, serviceRoleMultiMap, serviceRoleMap, serviceRoleList,
- previlegeObj);
- } else {
- resMap.put("isAuthenticated", /* Boolean.valueOf(false) */false);
- }
- JSONObject responseObj = new JSONObject(resMap.toString());
- JSONArray previlageObjs = new JSONArray();
- Iterator services = previlegeObj.keys();
- while (services.hasNext()) {
- String service = (String) services.next();
- previlageObjs.put(previlegeObj.getJSONObject(service));
- }
- responseObj.put("previlegeObj", previlageObjs);
- String remoteAddress = request.getHeader("X-FORWARDED-FOR");
- if (remoteAddress == null || remoteAddress.trim().length() == 0) {
- remoteAddress = request.getRemoteAddr();
- }
- responseObj = iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress,
- request.getRemoteHost());
- response.setResponse(responseObj.toString());
- } catch (Exception e) {
- logger.error("userAuthenticateByEncryption failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("userAuthenticateByEncryption response " + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "Get role wrap up time")
- @RequestMapping(value = "/role/{roleID}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public String getrolewrapuptime(@PathVariable("roleID") Integer roleID) {
-
- OutputResponse response = new OutputResponse();
- try {
- M_Role test = iemrAdminUserServiceImpl.getrolewrapuptime(roleID);
- if (test == null) {
- throw new Exception("RoleID Not Found");
- }
- response.setResponse(test.toString());
- } catch (Exception e) {
- response.setError(e);
- }
- return response.toString();
- }
-
- /**
- * @param request
- * @return transaction Id for password change
- */
- @Operation(summary = "Validating security question and answers for password change")
- @RequestMapping(value = { "/validateSecurityQuestionAndAnswer" }, method = { RequestMethod.POST })
- public String validateSecurityQuestionAndAnswer(
- @Param(value = "{\"SecurityQuesAns\": [{\"questionId\":\"String\",\"answer\":\"String\"}],\"userName\":\"String\"}") @RequestBody String request) {
-
- OutputResponse response = new OutputResponse();
- logger.info("validateSecurityQuestionAndAnswer API request" + request);
- try {
- if (request != null) {
- JsonObject requestObj = new JsonObject();
- JsonParser jsnParser = new JsonParser();
- JsonElement jsnElmnt = jsnParser.parse(request);
- requestObj = jsnElmnt.getAsJsonObject();
- String resp = iemrAdminUserServiceImpl.validateQuestionAndAnswersForPasswordChange(requestObj);
- response.setResponse(resp);
- } else
- throw new IEMRException("Invalid Request");
- } catch (Exception e) {
- logger.error("validateSecurityQuestionAndAnswer failed: {}", e.toString());
- response.setError(5000, e.getMessage());
- }
- logger.info("validateSecurityQuestionAndAnswer API response" + response.toString());
- return response.toString();
- }
-
- @Operation(summary = "User authentication")
- @RequestMapping(value = "/bhavya/userAuthenticate", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON)
- public String userAuthenticateBhavya(
- @Param(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"password\\\":\\\"String\\\"}\"") @RequestBody LoginRequestModel m_User,
- HttpServletRequest request) {
- OutputResponse response = new OutputResponse();
- logger.info("userAuthenticate request - " + m_User + " " + m_User.getUserName() + " " + m_User.getPassword());
- try {
- // String decryptPassword = aesUtil.decrypt("Piramal12Piramal",
- // m_User.getPassword());
- // logger.info("decryptPassword : " + m_User.getPassword());
- List mUser = iemrAdminUserServiceImpl.userAuthenticate(m_User.getUserName(), m_User.getPassword());
- JSONObject resMap = new JSONObject();
- JSONObject serviceRoleMultiMap = new JSONObject();
- JSONObject serviceRoleMap = new JSONObject();
- JSONArray serviceRoleList = new JSONArray();
- JSONObject previlegeObj = new JSONObject();
- if (m_User.getUserName() != null && (m_User.getDoLogout() == null || m_User.getDoLogout() == false)) {
- String tokenFromRedis = getConcurrentCheckSessionObjectAgainstUser(
- m_User.getUserName().trim().toLowerCase());
- if (tokenFromRedis != null) {
- throw new IEMRException(
- "You are already logged in,please confirm to logout from other device and login again");
- }
- } else if (m_User.getUserName() != null && m_User.getDoLogout() != null && m_User.getDoLogout() == true) {
- deleteSessionObject(m_User.getUserName().trim().toLowerCase());
- }
- if (mUser.size() == 1) {
- createUserMapping(mUser.get(0), resMap, serviceRoleMultiMap, serviceRoleMap, serviceRoleList,
- previlegeObj);
- } else {
- resMap.put("isAuthenticated", /* Boolean.valueOf(false) */false);
- }
- JSONObject responseObj = new JSONObject(resMap.toString());
- JSONArray previlageObjs = new JSONArray();
- Iterator services = previlegeObj.keys();
- while (services.hasNext()) {
- String service = (String) services.next();
- previlageObjs.put(previlegeObj.getJSONObject(service));
- }
- responseObj.put("previlegeObj", previlageObjs);
- String remoteAddress = request.getHeader("X-FORWARDED-FOR");
- if (remoteAddress == null || remoteAddress.trim().length() == 0) {
- remoteAddress = request.getRemoteAddr();
- }
- responseObj = iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress,
- request.getRemoteHost());
- response.setResponse(responseObj.toString());
- } catch (Exception e) {
- logger.error("userAuthenticate failed with error " + e.getMessage(), e);
- response.setError(e);
- }
- logger.info("userAuthenticate response " + response.toString());
- return response.toString();
- }
-
- @GetMapping("/get-jwt-token")
- public ResponseEntity getJwtTokenFromCookie(HttpServletRequest httpRequest) {
- // Retrieve the cookie named 'jwtToken'
- Cookie[] cookies = httpRequest.getCookies();
-
- if (cookies != null) {
- for (Cookie cookie : cookies) {
-
- if ("Jwttoken".equalsIgnoreCase(cookie.getName())) {
-
- String jwtToken = cookie.getValue();
- // Return the JWT token in the response
- return ResponseEntity.ok(jwtToken);
- }
- }
- }
- // Return 404 if the token is not found in the cookies
- return ResponseEntity.status(HttpStatus.NOT_FOUND).body("JWT token not found");
- }
-
- private JSONObject prepareAuthenticationResponse(User mUser, String remoteAddress, String remoteHost) throws Exception {
- JSONObject resMap = new JSONObject();
- JSONObject serviceRoleMultiMap = new JSONObject();
- JSONObject serviceRoleMap = new JSONObject();
- JSONArray serviceRoleList = new JSONArray();
- JSONObject previlegeObj = new JSONObject();
-
- if (mUser != null) {
- mUser.setM_UserServiceRoleMapping(iemrAdminUserServiceImpl.getUserServiceRoleMapping(mUser.getUserID()));
- createUserMapping(mUser, resMap, serviceRoleMultiMap, serviceRoleMap, serviceRoleList, previlegeObj);
- } else {
- resMap.put("isAuthenticated", false);
- }
-
- JSONObject responseObj = new JSONObject(resMap.toString());
- JSONArray previlageObjs = new JSONArray();
- Iterator services = previlegeObj.keys();
- while (services.hasNext()) {
- String service = (String) services.next();
- previlageObjs.put(previlegeObj.getJSONObject(service));
- }
- responseObj.put("previlegeObj", previlageObjs);
-
- return iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress, remoteHost);
- }
-
- @Operation(summary = "Get UserId based on userName")
- @GetMapping(value = "/userName/{userName}", produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public ResponseEntity getUserDetails(@PathVariable("userName") String userName) {
- try {
- List users = iemrAdminUserServiceImpl.getUserIdbyUserName(userName);
- if (users.isEmpty()) {
- return new ResponseEntity<>(Map.of("error", "UserName Not Found"), HttpStatus.NOT_FOUND);
- }
- User user = users.get(0);
- return new ResponseEntity<>(Map.of("userName", user.getUserName(), "userId", user.getUserID()),
- HttpStatus.OK);
- } catch (Exception e) {
- return new ResponseEntity<>(Map.of("error", "Internal server error"), HttpStatus.INTERNAL_SERVER_ERROR);
- }
-
- }
-
- @Operation(summary = "Get UserId based on userName")
- @GetMapping(value = "/checkUserName/{userName}", produces = MediaType.APPLICATION_JSON, headers = "Authorization")
- public ResponseEntity checkUserDetails(@PathVariable("userName") String userName) {
- try {
- List users = iemrAdminUserServiceImpl.findUserIdByUserName(userName);
- if (users.isEmpty()) {
- return new ResponseEntity<>(Map.of("error", "UserName Not Found"), HttpStatus.NOT_FOUND);
- }
- User user = users.get(0);
- return new ResponseEntity<>(Map.of("userName", user.getUserName(), "userId", user.getUserID()),
- HttpStatus.OK);
- } catch (Exception e) {
- return new ResponseEntity<>(Map.of("error", "Internal server error"), HttpStatus.INTERNAL_SERVER_ERROR);
- }
-
- }
+ @Operation(summary = "Get login response")
+ @RequestMapping(value = "/getLoginResponse", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String getLoginResponse(HttpServletRequest request) {
+ OutputResponse response = new OutputResponse();
+ try {
+ String authHeader = request.getHeader("Authorization");
+ if (authHeader.isEmpty()) {
+ // Try JWT token from header first
+ String jwtToken = request.getHeader("Jwttoken");
+
+ // If not in header, try cookie
+ if (jwtToken == null) {
+ Cookie[] cookies = request.getCookies();
+ if (cookies != null) {
+ for (Cookie cookie : cookies) { + if ("Jwttoken".equalsIgnoreCase(cookie.getName())) { + jwtToken = cookie.getValue(); + break; + } + } + } + } + + if (jwtToken == null) { + logger.warn("Authentication failed: no token found in header or cookies."); + throw new IEMRException("Authentication failed. Please log in again."); + } + + // Extract user ID from the JWT token + String userId = jwtUtil.getUserIdFromToken(jwtToken); + + // Get user details and prepare response + User user = iemrAdminUserServiceImpl.getUserById(Long.parseLong(userId)); + if (user == null) { + logger.warn("User lookup failed for provided userId."); + throw new IEMRException("Authentication failed. Please try again."); + + } + + String remoteAddress = request.getHeader("X-FORWARDED-FOR"); + if (remoteAddress == null || remoteAddress.trim().length() == 0) { + remoteAddress = request.getRemoteAddr(); + } + + // Use the helper method to prepare response + JSONObject responseObj = prepareAuthenticationResponse(user, remoteAddress, request.getRemoteHost()); + response.setResponse(responseObj.toString()); + } else { + response.setResponse(sessionObject.getSessionObject(authHeader)); + } + } catch (Exception e) { + logger.error("getLoginResponse failed with error " + e.getMessage(), e); + response.setError(e); + } + return response.toString(); + } + + @Operation(summary = "Forget password") + @RequestMapping(value = "/forgetPassword", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON) + public String forgetPassword( + @Param(value = "\"{\\\"userName\\\":\\\"String\\\"}\"") @RequestBody ChangePasswordModel m_User) { + OutputResponse response = new OutputResponse(); + logger.info("forgetPassword request " + m_User); + try { + List mUsers = iemrAdminUserServiceImpl.userExitsCheck(m_User.getUserName()); + + if (mUsers == null || mUsers.size() <= 0) { + logger.error("User not found"); + throw new IEMRException("If the username is registered, you will be asked a security question"); + } 
else if (mUsers.size() > 1) {
+ logger.error("More than 1 user found");
+ throw new IEMRException("If the username is registered, you will be asked a security question");
+
+ } else if (mUsers.size() == 1) {
+ List> quesAnsList = new ArrayList<>();
+ Map quesAnsMap;
+ Map resMap = new HashMap<>();
+ List mUserSecQuesMapping = iemrAdminUserServiceImpl
+ .userSecurityQuestion(mUsers.get(0).getUserID());
+ if (mUserSecQuesMapping != null) {
+ for (UserSecurityQMapping element : mUserSecQuesMapping) {
+ quesAnsMap = new HashMap<>();
+ quesAnsMap.put("questionId", element.getQuestionID());
+ quesAnsMap.put("question", element.getM_LoginSecurityQuestions().getQuestion());
+
+ quesAnsList.add(quesAnsMap);
+ }
+ resMap.put("SecurityQuesAns", quesAnsList);
+ }
+ response.setResponse(OutputMapper.gsonWithoutExposeRestriction().toJson(resMap));
+ }
+ } catch (Exception e) {
+ logger.error("forgetPassword failed with error " + e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("forgetPassword response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Set forget password")
+ @RequestMapping(value = "/setForgetPassword", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON)
+ public String setPassword(
+ @Param(value = "\"{\"userName\":\"String\",\"password\":\"String\",\"transactionId\":\"String\"}\"") @RequestBody ChangePasswordModel m_user) {
+ OutputResponse response = new OutputResponse();
+ logger.info("setForgetPassword request " + m_user);
+ try {
+ int noOfRowModified = 0;
+ List mUsers = iemrAdminUserServiceImpl.userExitsCheck(m_user.getUserName());
+ if (mUsers.size() != 1) {
+ logger.warn(
+ "Password reset failed for username '{}'. Reason: user not found, inactive, or multiple matches.",
+ m_user.getUserName());
+
+ throw new IEMRException("Unable to process your request.
Please try again or contact support.");
+ }
+ User mUser = mUsers.get(0);
+ String setStatus;
+ String decryptPassword = aesUtil.decrypt("Piramal12Piramal", m_user.getPassword());
+ noOfRowModified = iemrAdminUserServiceImpl.setForgetPassword(mUser, decryptPassword,
+ m_user.getTransactionId(), m_user.getIsAdmin());
+ if (noOfRowModified > 0) {
+ setStatus = "Password Changed";
+ } else {
+ setStatus = "Something Wrong..!!!";
+ }
+ logger.info("Set forgot password changed " + noOfRowModified + " rows of data.");
+ response.setResponse(setStatus);
+ } catch (Exception e) {
+ logger.error("setForgetPassword failed with error " + e.getMessage(), e);
+ if (e.getMessage().equals(
+ "Unable to process your request. Please try again or contact support."))
+ response.setError(e);
+ else
+ response.setError(5000, e.getMessage());
+ }
+
+ logger.info("setForgetPassword response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Change password")
+ @RequestMapping(value = "/changePassword", method = RequestMethod.POST, produces = "application/json")
+ public String changePassword(
+ @Param(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"password\\\":\\\"String\\\",\\\"transactionId\\\":\\\"String\\\"}\"") @RequestBody ChangePasswordModel changePassword) {
+ OutputResponse response = new OutputResponse();
+ logger.info("changePassword request " + changePassword);
+ try {
+ int noOfRowUpdated = 0;
+ List mUsers = iemrAdminUserServiceImpl.userExitsCheck(changePassword.getUserName());
+ String changeReqResult;
+ if (mUsers.size() != 1) {
+ logger.warn("Change password attempt failed. User not found or not available.");
+
+ throw new IEMRException("Unable to change password.
Please try again later");
+ }
+ try {
+ int validatePassword;
+ validatePassword = securePassword.validatePassword(changePassword.getPassword(),
+ mUsers.get(0).getPassword());
+ if (validatePassword == 1) {
+ User mUser = mUsers.get(0);
+ noOfRowUpdated = iemrAdminUserServiceImpl.setForgetPassword(mUser, changePassword.getNewPassword(),
+ changePassword.getTransactionId(), changePassword.getIsAdmin());
+
+ } else if (validatePassword == 2) {
+ User mUser = mUsers.get(0);
+ noOfRowUpdated = iemrAdminUserServiceImpl.setForgetPassword(mUser, changePassword.getNewPassword(),
+ changePassword.getTransactionId(), changePassword.getIsAdmin());
+
+ }
+ } catch (Exception e) {
+ throw new IEMRException(e.getMessage());
+ }
+
+ if (noOfRowUpdated > 0) {
+ changeReqResult = "Password SuccessFully Change";
+ } else {
+ changeReqResult = "Something WentWrong.....Please Contact Administrator..!!!";
+ }
+ response.setResponse(changeReqResult);
+ } catch (Exception e) {
+ logger.error("changePassword failed with error " + e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("changePassword response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Save user security questions & answers")
+ @RequestMapping(value = "/saveUserSecurityQuesAns", method = RequestMethod.POST, produces = "application/json")
+ public String saveUserSecurityQuesAns(
+ @Param(value = "\"[{\\\"userID\\\":\\\"Integer\\\",\\\"questionID\\\":\\\"Integer\\\",\\\"answers\\\":\\\"String\\\","
+ + "\\\"mobileNumber\\\":\\\"String\\\",\\\"createdBy\\\":\\\"String\\\"}]\"") @RequestBody Iterable m_UserSecurityQMapping) {
+ OutputResponse response = new OutputResponse();
+ logger.info("saveUserSecurityQuesAns request " + m_UserSecurityQMapping);
+ try {
+ String responseData = iemrAdminUserServiceImpl.saveUserSecurityQuesAns(m_UserSecurityQMapping);
+ response.setResponse(responseData);
+ } catch (Exception e) {
+ logger.error("saveUserSecurityQuesAns failed with error " +
e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("saveUserSecurityQuesAns response " + response.toString());
+ return response.toString();
+ }
+
+ /**
+ * @return security qtns
+ */
+ @Operation(summary = "Get security quetions")
+ @RequestMapping(value = "/getsecurityquetions", method = RequestMethod.GET)
+ public String getSecurityts() {
+ OutputResponse response = new OutputResponse();
+ logger.info("getsecurityquetions request ");
+ try {
+ ArrayList test = iemrAdminUserServiceImpl.getAllLoginSecurityQuestions();
+ response.setResponse(test.toString());
+ } catch (Exception e) {
+ logger.error("getsecurityquetions failed with error " + e.getMessage(), e);
+ response.setError(5000, "Unable to fetch security questions");
+ }
+ logger.info("getsecurityquetions response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Get roles by provider id")
+ @RequestMapping(value = "/getRolesByProviderID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String getRolesByProviderID(
+ @Param(value = "{\"providerServiceMapID\":\"Integer - providerServiceMapID\"}") @RequestBody String request) {
+ OutputResponse response = new OutputResponse();
+ logger.info("getRolesByProviderID request ");
+ try {
+ response.setResponse(iemrAdminUserServiceImpl.getRolesByProviderID(request));
+ } catch (Exception e) {
+ logger.error("getRolesByProviderID failed with error " + e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("getRolesByProviderID response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Get role screen mapping by provider id")
+ @RequestMapping(value = "/getRoleScreenMappingByProviderID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String getRoleScreenMappingByProviderID(
+ @Param(value =
"{\"providerServiceMapID\":\"Integer - providerServiceMapID\"}") @RequestBody String request) {
+
+ OutputResponse response = new OutputResponse();
+ logger.info("getRoleScreenMappingByProviderID");
+ try {
+ ObjectMapper objectMapper = new ObjectMapper();
+ ServiceRoleScreenMapping serviceRoleScreenMapping = objectMapper.readValue(request,
+ ServiceRoleScreenMapping.class);
+
+ List mapping = iemrAdminUserServiceImpl
+ .getUserServiceRoleMappingForProvider(serviceRoleScreenMapping.getProviderServiceMapID());
+
+ response.setResponse(mapping.toString());
+ } catch (Exception e) {
+ logger.error("getRoleScreenMappingByProviderID failed with error " + e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("getRoleScreenMappingByProviderID response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Get users by provider id")
+ @RequestMapping(value = "/getUsersByProviderID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String getUsersByProviderID(@Param(value = "{\"providerServiceMapID\":\"Integer - providerServiceMapID\", "
+ + "\"RoleID\":\"Optional: Integer - role ID to be filtered\", "
+ + "\"languageName\":\"Optional: String - languageName\"}") @RequestBody String request) {
+ OutputResponse response = new OutputResponse();
+ logger.info("getRolesByProviderID request ");
+ try {
+ response.setResponse(iemrAdminUserServiceImpl.getUsersByProviderID(request));
+ } catch (Exception e) {
+ logger.error("getRolesByProviderID failed with error " + e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("getRolesByProviderID response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Get user service point van details")
+ @RequestMapping(value = "/getUserServicePointVanDetails", method = RequestMethod.POST, produces = "application/json", headers = "Authorization")
+ public String
getUserServicePointVanDetails(
+ @Param(value = "\"{\\\"userID\\\":\\\"Integer\\\",\"providerServiceMapID\":\"Integer\"}\"") @RequestBody String comingRequest) {
+ OutputResponse response = new OutputResponse();
+ try {
+
+ JSONObject obj = new JSONObject(comingRequest);
+ logger.info("getUserServicePointVanDetails request " + comingRequest);
+ String responseData = iemrAdminUserServiceImpl.getUserServicePointVanDetails(obj.getInt("userID"));
+ response.setResponse(responseData);
+ } catch (Exception e) {
+ response.setError(e);
+ logger.error("get User SP and van details failed with " + e.getMessage(), e);
+
+ }
+ logger.info("getUserServicePointVanDetails response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Get service point villages")
+ @RequestMapping(value = "/getServicepointVillages", method = RequestMethod.POST, produces = "application/json", headers = "Authorization")
+ public String getServicepointVillages(
+ @Param(value = "\"{\\\"servicePointID\\\":\\\"Integer\\\"}\"") @RequestBody String comingRequest) {
+ OutputResponse response = new OutputResponse();
+ try {
+
+ JSONObject obj = new JSONObject(comingRequest);
+ logger.info("getServicepointVillages request " + comingRequest);
+ String responseData = iemrAdminUserServiceImpl.getServicepointVillages(obj.getInt("servicePointID"));
+ response.setResponse(responseData);
+ } catch (Exception e) {
+ response.setError(e);
+ logger.error("get villages with servicepoint failed with " + e.getMessage(), e);
+
+ }
+ logger.info("getServicepointVillages response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Get locations by provider id")
+ @RequestMapping(value = "/getLocationsByProviderID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String getLocationsByProviderID(
+ @Param(value = "{\"providerServiceMapID\":\"Integer -
providerServiceMapID\", "
+ + "\"roleID\":\"Integer - roleID\"}") @RequestBody String request) {
+ OutputResponse response = new OutputResponse();
+ logger.info("getLocationsByProviderID request ");
+ try {
+ response.setResponse(iemrAdminUserServiceImpl.getLocationsByProviderID(request));
+ } catch (Exception e) {
+ logger.error("getLocationsByProviderID failed with error " + e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("getLocationsByProviderID response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "User log out")
+ @RequestMapping(value = "/userLogout", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String userLogout(HttpServletRequest request) {
+ OutputResponse response = new OutputResponse();
+ logger.info("userLogout");
+ try {
+ deleteSessionObjectByGettingSessionDetails(request.getHeader("Authorization"));
+ sessionObject.deleteSessionObject(request.getHeader("Authorization"));
+ response.setResponse("Success");
+ } catch (Exception e) {
+ response.setError(e);
+ }
+ return response.toString();
+ }
+
+ /**
+ * @param key
+ * @return
+ */
+ private void deleteSessionObjectByGettingSessionDetails(String key) {
+ String sessionDetails = null;
+ try {
+ logger.info("inside delete child:" + key);
+ sessionDetails = sessionObject.getSessionObject(key);
+ logger.info("isessionDetails:" + sessionDetails);
+ JsonObject jsnOBJ = new JsonObject();
+ JsonParser jsnParser = new JsonParser();
+ JsonElement jsnElmnt = jsnParser.parse(sessionDetails);
+ jsnOBJ = jsnElmnt.getAsJsonObject();
+ if (jsnOBJ.has("userName") && jsnOBJ.get("userName") != null) {
+ logger.info("deleting key:" + jsnOBJ.get("userName").getAsString().trim().toLowerCase());
+ sessionObject.deleteSessionObject(jsnOBJ.get("userName").getAsString().trim().toLowerCase());
+ }
+ } catch (Exception e) {
+ logger.error(e.getMessage());
+ }
+ }
+
+ private void deleteSessionObject(String key) {
+
try {
+ sessionObject.deleteSessionObject(key);
+ } catch (Exception e) {
+ logger.error(e.getMessage());
+ }
+ }
+
+ @Operation(summary = "Force log out")
+ @RequestMapping(value = "/forceLogout", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String forceLogout(@RequestBody ForceLogoutRequestModel request, HttpServletRequest httpRequest, HttpServletResponse response) {
+ OutputResponse outputResponse = new OutputResponse();
+ try {
+ // Perform the force logout logic
+ iemrAdminUserServiceImpl.forceLogout(request);
+
+ // Extract token from cookies or headers
+ String token = getJwtTokenFromCookies(httpRequest);
+ if (token == null) {
+ response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+ outputResponse.setError(new RuntimeException("No JWT token found in request"));
+ return outputResponse.toString();
+ }
+
+ // Validate the token: Check if it is expired or in the deny list
+ Claims claims = jwtUtil.validateToken(token);
+ if (claims.isEmpty() || claims.getExpiration() == null || claims.getId() == null) { // If token is either expired or in the deny list, return 401 Unauthorized
+ response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+ outputResponse.setError(new RuntimeException("Token is expired or has been logged out"));
+ return outputResponse.toString();
+ }
+
+ // Extract the jti (JWT ID) and expiration time from the validated claims
+ String jti = claims.getId(); // jti is in the 'id' field of claims
+ long expirationTime = claims.getExpiration().getTime(); // Use expiration from claims
+ long ttlMillis = expirationTime - System.currentTimeMillis();
+ tokenDenylist.addTokenToDenylist(jti, ttlMillis);
+
+ // Set the response message
+ outputResponse.setResponse("Success");
+ } catch (Exception e) {
+ outputResponse.setError(e);
+ }
+ return outputResponse.toString();
+ }
+
+ private String getJwtTokenFromCookies(HttpServletRequest request) {
+ Cookie[] cookies = request.getCookies();
+ if
(cookies != null) {
+ for (Cookie cookie : cookies) {
+ if (cookie.getName().equalsIgnoreCase(Constants.JWT_TOKEN)) {
+ return cookie.getValue();
+ }
+ }
+ }
+ return null;
+ }
+
+
+ @Operation(summary = "User force log out")
+ @RequestMapping(value = "/userForceLogout", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String userForceLogout(
+ @Param(value = "\"{\\\"userName\\\":\\\"String\\\"}\"") @RequestBody ForceLogoutRequestModel request) {
+ OutputResponse response = new OutputResponse();
+ try {
+ iemrAdminUserServiceImpl.userForceLogout(request);
+ response.setResponse("Success");
+ } catch (Exception e) {
+ response.setError(e);
+ }
+ return response.toString();
+ }
+
+ @Operation(summary = "Get agent by role id")
+ @RequestMapping(value = "/getAgentByRoleID", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String getAgentByRoleID(@Param(value = "{\"providerServiceMapID\":\"Integer - providerServiceMapID\", "
+ + "\"RoleID\":\"Optional: Integer - role ID to be filtered\"}") @RequestBody String request) {
+ OutputResponse response = new OutputResponse();
+ logger.info("getAgentByRoleID request " + request.toString());
+ try {
+ response.setResponse(iemrAdminUserServiceImpl.getAgentByRoleID(request));
+ } catch (Exception e) {
+ logger.error("getAgentByRoleID failed with error " + e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("getAgentByRoleID response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "User authenticate by encryption")
+ @RequestMapping(value = "/userAuthenticateByEncryption", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON)
+ public String userAuthenticateByEncryption(
+ @Param(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"password\\\":\\\"String\\\"}\"") @RequestBody String req,
+ HttpServletRequest request) {
+
OutputResponse response = new OutputResponse();
+ logger.info("userAuthenticateByEncryption request ");
+ try {
+ List mUser = iemrAdminUserServiceImpl.userAuthenticateByEncryption(req);
+ JSONObject resMap = new JSONObject();
+ JSONObject serviceRoleMultiMap = new JSONObject();
+ JSONObject serviceRoleMap = new JSONObject();
+ JSONArray serviceRoleList = new JSONArray();
+ JSONObject previlegeObj = new JSONObject();
+
+ if (mUser.size() == 1) {
+ createUserMapping(mUser.get(0), resMap, serviceRoleMultiMap, serviceRoleMap, serviceRoleList,
+ previlegeObj);
+ } else {
+ resMap.put("isAuthenticated", /* Boolean.valueOf(false) */false);
+ }
+ JSONObject responseObj = new JSONObject(resMap.toString());
+ JSONArray previlageObjs = new JSONArray();
+ Iterator services = previlegeObj.keys();
+ while (services.hasNext()) {
+ String service = (String) services.next();
+ previlageObjs.put(previlegeObj.getJSONObject(service));
+ }
+ responseObj.put("previlegeObj", previlageObjs);
+ String remoteAddress = request.getHeader("X-FORWARDED-FOR");
+ if (remoteAddress == null || remoteAddress.trim().length() == 0) {
+ remoteAddress = request.getRemoteAddr();
+ }
+ responseObj = iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress,
+ request.getRemoteHost());
+ response.setResponse(responseObj.toString());
+ } catch (Exception e) {
+ logger.error("userAuthenticateByEncryption failed with error " + e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("userAuthenticateByEncryption response " + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "Get role wrap up time")
+ @RequestMapping(value = "/role/{roleID}", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public String getrolewrapuptime(@PathVariable("roleID") Integer roleID) {
+
+ OutputResponse response = new OutputResponse();
+ try {
+ M_Role test = iemrAdminUserServiceImpl.getrolewrapuptime(roleID);
+ if (test == null)
{
+ throw new Exception("RoleID Not Found");
+ }
+ response.setResponse(test.toString());
+ } catch (Exception e) {
+ response.setError(e);
+ }
+ return response.toString();
+ }
+
+ /**
+ * @param request
+ * @return transaction Id for password change
+ */
+ @Operation(summary = "Validating security question and answers for password change")
+ @RequestMapping(value = {"/validateSecurityQuestionAndAnswer"}, method = {RequestMethod.POST})
+ public String validateSecurityQuestionAndAnswer(
+ @Param(value = "{\"SecurityQuesAns\": [{\"questionId\":\"String\",\"answer\":\"String\"}],\"userName\":\"String\"}") @RequestBody String request) {
+
+ OutputResponse response = new OutputResponse();
+ logger.info("validateSecurityQuestionAndAnswer API request" + request);
+ try {
+ if (request != null) {
+ JsonObject requestObj = new JsonObject();
+ JsonParser jsnParser = new JsonParser();
+ JsonElement jsnElmnt = jsnParser.parse(request);
+ requestObj = jsnElmnt.getAsJsonObject();
+ String resp = iemrAdminUserServiceImpl.validateQuestionAndAnswersForPasswordChange(requestObj);
+ response.setResponse(resp);
+ } else
+ throw new IEMRException("Invalid Request");
+ } catch (Exception e) {
+ logger.error("validateSecurityQuestionAndAnswer failed: {}", e.toString());
+ response.setError(5000, e.getMessage());
+ }
+ logger.info("validateSecurityQuestionAndAnswer API response" + response.toString());
+ return response.toString();
+ }
+
+ @Operation(summary = "User authentication")
+ @RequestMapping(value = "/bhavya/userAuthenticate", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON)
+ public String userAuthenticateBhavya(
+ @Param(value = "\"{\\\"userName\\\":\\\"String\\\",\\\"password\\\":\\\"String\\\"}\"") @RequestBody LoginRequestModel m_User,
+ HttpServletRequest request) {
+ OutputResponse response = new OutputResponse();
+ logger.info("userAuthenticate request - " + m_User + " " + m_User.getUserName() + " " + m_User.getPassword());
+ try {
+ // String
decryptPassword = aesUtil.decrypt("Piramal12Piramal",
+ // m_User.getPassword());
+ // logger.info("decryptPassword : " + m_User.getPassword());
+ List mUser = iemrAdminUserServiceImpl.userAuthenticate(m_User.getUserName(), m_User.getPassword());
+ JSONObject resMap = new JSONObject();
+ JSONObject serviceRoleMultiMap = new JSONObject();
+ JSONObject serviceRoleMap = new JSONObject();
+ JSONArray serviceRoleList = new JSONArray();
+ JSONObject previlegeObj = new JSONObject();
+ if (m_User.getUserName() != null && (m_User.getDoLogout() == null || m_User.getDoLogout() == false)) {
+ String tokenFromRedis = getConcurrentCheckSessionObjectAgainstUser(
+ m_User.getUserName().trim().toLowerCase());
+ if (tokenFromRedis != null) {
+ throw new IEMRException(
+ "You are already logged in,please confirm to logout from other device and login again");
+ }
+ } else if (m_User.getUserName() != null && m_User.getDoLogout() != null && m_User.getDoLogout() == true) {
+ deleteSessionObject(m_User.getUserName().trim().toLowerCase());
+ }
+ if (mUser.size() == 1) {
+ createUserMapping(mUser.get(0), resMap, serviceRoleMultiMap, serviceRoleMap, serviceRoleList,
+ previlegeObj);
+ } else {
+ resMap.put("isAuthenticated", /* Boolean.valueOf(false) */false);
+ }
+ JSONObject responseObj = new JSONObject(resMap.toString());
+ JSONArray previlageObjs = new JSONArray();
+ Iterator services = previlegeObj.keys();
+ while (services.hasNext()) {
+ String service = (String) services.next();
+ previlageObjs.put(previlegeObj.getJSONObject(service));
+ }
+ responseObj.put("previlegeObj", previlageObjs);
+ String remoteAddress = request.getHeader("X-FORWARDED-FOR");
+ if (remoteAddress == null || remoteAddress.trim().length() == 0) {
+ remoteAddress = request.getRemoteAddr();
+ }
+ responseObj = iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress,
+ request.getRemoteHost());
+ response.setResponse(responseObj.toString());
+ } catch (Exception e) {
+
logger.error("userAuthenticate failed with error " + e.getMessage(), e);
+ response.setError(e);
+ }
+ logger.info("userAuthenticate response " + response.toString());
+ return response.toString();
+ }
+
+ @GetMapping("/get-jwt-token")
+ public ResponseEntity getJwtTokenFromCookie(HttpServletRequest httpRequest) {
+ // Retrieve the cookie named 'jwtToken'
+ Cookie[] cookies = httpRequest.getCookies();
+
+ if (cookies != null) {
+ for (Cookie cookie : cookies) {
+
+ if ("Jwttoken".equalsIgnoreCase(cookie.getName())) {
+
+ String jwtToken = cookie.getValue();
+ // Return the JWT token in the response
+ return ResponseEntity.ok(jwtToken);
+ }
+ }
+ }
+ // Return 404 if the token is not found in the cookies
+ return ResponseEntity.status(HttpStatus.NOT_FOUND).body("JWT token not found");
+ }
+
+ private JSONObject prepareAuthenticationResponse(User mUser, String remoteAddress, String remoteHost) throws Exception {
+ JSONObject resMap = new JSONObject();
+ JSONObject serviceRoleMultiMap = new JSONObject();
+ JSONObject serviceRoleMap = new JSONObject();
+ JSONArray serviceRoleList = new JSONArray();
+ JSONObject previlegeObj = new JSONObject();
+
+ if (mUser != null) {
+ mUser.setM_UserServiceRoleMapping(iemrAdminUserServiceImpl.getUserServiceRoleMapping(mUser.getUserID()));
+ createUserMapping(mUser, resMap, serviceRoleMultiMap, serviceRoleMap, serviceRoleList, previlegeObj);
+ } else {
+ resMap.put("isAuthenticated", false);
+ }
+
+ JSONObject responseObj = new JSONObject(resMap.toString());
+ JSONArray previlageObjs = new JSONArray();
+ Iterator services = previlegeObj.keys();
+ while (services.hasNext()) {
+ String service = (String) services.next();
+ previlageObjs.put(previlegeObj.getJSONObject(service));
+ }
+ responseObj.put("previlegeObj", previlageObjs);
+
+ return iemrAdminUserServiceImpl.generateKeyAndValidateIP(responseObj, remoteAddress, remoteHost);
+ }
+
+ @Operation(summary = "Get UserId based on userName")
+ @GetMapping(value = "/userName/{userName}",
produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public ResponseEntity getUserDetails(@PathVariable("userName") String userName) {
+ try {
+ List users = iemrAdminUserServiceImpl.getUserIdbyUserName(userName);
+ if (users.isEmpty()) {
+ return new ResponseEntity<>(Map.of("error", "UserName Not Found"), HttpStatus.NOT_FOUND);
+ }
+ User user = users.get(0);
+ return new ResponseEntity<>(Map.of("userName", user.getUserName(), "userId", user.getUserID()),
+ HttpStatus.OK);
+ } catch (Exception e) {
+ return new ResponseEntity<>(Map.of("error", "Internal server error"), HttpStatus.INTERNAL_SERVER_ERROR);
+ }
+
+ }
+
+ @Operation(summary = "Get UserId based on userName")
+ @GetMapping(value = "/checkUserName/{userName}", produces = MediaType.APPLICATION_JSON, headers = "Authorization")
+ public ResponseEntity checkUserDetails(@PathVariable("userName") String userName) {
+ try {
+ List users = iemrAdminUserServiceImpl.findUserIdByUserName(userName);
+ if (users.isEmpty()) {
+ return new ResponseEntity<>(Map.of("error", "UserName Not Found"), HttpStatus.NOT_FOUND);
+ }
+ User user = users.get(0);
+ return new ResponseEntity<>(Map.of("userName", user.getUserName(), "userId", user.getUserID()),
+ HttpStatus.OK);
+ } catch (Exception e) {
+ return new ResponseEntity<>(Map.of("error", "Internal server error"), HttpStatus.INTERNAL_SERVER_ERROR);
+ }
+
+ }
 }