diff --git a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java index 81acd8ca..d8a43b35 100644 --- a/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java +++ b/src/main/java/com/iemr/common/controller/users/IEMRAdminController.java @@ -156,7 +156,7 @@ public String userAuthenticate( logger.info("CAPTCHA validated successfully for user: {}", m_User.getUserName()); } else { logger.warn("CAPTCHA token missing for user: {}", m_User.getUserName()); - response.setError(new IEMRException("CAPTCHA token is required")); + response.setError(new IEMRException("CAPTCHA validation failed. Please try again.")); return response.toString(); } } else { @@ -254,20 +254,24 @@ public ResponseEntity refreshToken(@RequestBody Map request) try { if (jwtUtil.validateToken(refreshToken) == null) { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid token"); + logger.warn("Token validation failed: invalid token provided."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); } Claims claims = jwtUtil.getAllClaimsFromToken(refreshToken); // Verify token type if (!"refresh".equals(claims.get("token_type", String.class))) { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Invalid token type"); + logger.warn("Token validation failed: incorrect token type in refresh request."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); + } // Check revocation using JTI String jti = claims.getId(); if (!redisTemplate.hasKey("refresh:" + jti)) { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Token revoked"); + logger.warn("Token validation failed: refresh token is revoked or not found in store."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); } // Get user details 
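Review bot: The warn lines added to refreshToken carry no identifier, so a revoked-token or unknown-user event in the log cannot be tied to a token or an account; the same gap is in the next hunk (user null / inactive), in getLoginResponse (`User lookup failed for provided userId.`) and in saveUserSecurityQuesAns (`user not found for provided ID.`). At the revocation check `jti` is already parsed and `userId` is in scope for the user checks, so `logger.warn("Token validation failed: refresh token {} is revoked or not found in store.", jti);` and `logger.warn("Token validation failed: user not found for userId={}.", userId);` make the events attributable without changing the generic `Unauthorized.` body. The first check (`validateToken(refreshToken) == null`) runs before the claims are parsed, so it can stay as it is. The setPassword hunk (`Password reset failed for username '{}'`) is the pattern to follow. refreshToken starts before this hunk and continues past it.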
@@ -277,11 +281,13 @@ public ResponseEntity refreshToken(@RequestBody Map request) // Validate that the user still exists and is active if (user == null) { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("User not found"); + logger.warn("Token validation failed: user not found for userId in token."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); } if (user.getM_status() == null || !"Active".equalsIgnoreCase(user.getM_status().getStatus())) { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("User account is inactive"); + logger.warn("Token validation failed: user account is inactive or not in 'Active' status."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Unauthorized."); } // Generate new tokens String newJwt = jwtUtil.generateToken(user.getUserName(), userId); @@ -302,10 +308,14 @@ public ResponseEntity refreshToken(@RequestBody Map request) return ResponseEntity.ok(tokens); } catch (ExpiredJwtException ex) { - return ResponseEntity.status(HttpStatus.UNAUTHORIZED).body("Token expired"); + logger.warn("Token validation failed: token has expired."); + return ResponseEntity.status(HttpStatus.UNAUTHORIZED) + .body("Authentication failed. Please log in again."); } catch (Exception e) { logger.error("Refresh failed: ", e); - return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Token refresh failed"); + logger.error("Token refresh failed due to unexpected server error."); + return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR) + .body("An unexpected error occurred. Please try again later."); } } 
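Review bot: The generic catch in refreshToken now logs the same failure twice: `logger.error("Refresh failed: ", e);` already records the message and stack trace, and the added `logger.error("Token refresh failed due to unexpected server error.");` contributes no further context. Keep one line, e.g. `logger.error("Token refresh failed due to unexpected server error", e);`, and drop the other. The generic 500 body is the right change.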
@@ -321,10 +331,12 @@ public String logOutUserFromConcurrentSession( List mUsers = iemrAdminUserServiceImpl.userExitsCheck(m_User.getUserName()); if (mUsers == null || mUsers.size() <= 0) { - throw new IEMRException("User not found, please contact administrator"); - } else if (mUsers.size() > 1) - throw new IEMRException("More than 1 user found, please contact administrator"); - else if (mUsers.size() == 1) { + logger.error("User not found"); + throw new IEMRException("Logout request failed, please try again later"); + } else if (mUsers.size() > 1) { + logger.error("More than 1 user found"); + throw new IEMRException("Logout failed. Please retry or contact administrator"); + } else if (mUsers.size() == 1) { String previousTokenFromRedis = sessionObject .getSessionObject((mUsers.get(0).getUserName().toString().trim().toLowerCase())); if (previousTokenFromRedis != null) { @@ -332,7 +344,8 @@ else if (mUsers.size() == 1) { sessionObject.deleteSessionObject(previousTokenFromRedis); response.setResponse("User successfully logged out"); } else - throw new IEMRException("Unable to fetch session from redis"); + logger.error("Unable to fetch session from redis"); + throw new IEMRException("Session error. Please try again later"); } } else { throw new IEMRException("Invalid request object"); @@ -404,7 +417,7 @@ private void createUserMapping(User mUser, JSONObject resMap, JSONObject service previlegeObj.getJSONObject(serv).put("agentPassword", m_UserServiceRoleMapping.getAgentPassword()); } JSONArray roles = previlegeObj.getJSONObject(serv).getJSONArray("roles"); -// roles.put(new JSONObject(m_UserServiceRoleMapping.getM_Role().toString())); + // roles.put(new JSONObject(m_UserServiceRoleMapping.getM_Role().toString())); JSONObject roleObject = new JSONObject(m_UserServiceRoleMapping.getM_Role().toString()); roleObject.put("teleConsultation", m_UserServiceRoleMapping.getTeleConsultation()); roles.put(roleObject); 
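Review bot: `logger.error("User not found")` and `logger.error("More than 1 user found")` in logOutUserFromConcurrentSession record a client-driven lookup miss at error level and without the username, so the new line cannot be acted on and fires on ordinary bad input; the first forgetPassword hunk adds the same two lines. The username is already in hand (`m_User.getUserName()` is what userExitsCheck is called with), so `logger.warn("Logout failed: user '{}' not found", m_User.getUserName());` keeps the generic client message while making the server record usable; the duplicate-user case is a data problem and can stay at error. The method continues in the next hunk.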
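Review bot: The `else` before the replaced throw has no braces, so only the added `logger.error("Unable to fetch session from redis");` is conditional and the new `throw new IEMRException("Session error. Please try again later");` runs on every path, including right after `response.setResponse("User successfully logged out");` — a successful concurrent-session logout now reports a session error. Brace the branch: `} else { logger.error("Unable to fetch session from redis"); throw new IEMRException("Session error. Please try again later"); }`. The enclosing if/else-if chain starts in the previous hunk.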
@@ -506,7 +519,7 @@ public String superUserAuthenticate( response.setResponse(responseObj.toString()); } catch (Exception e) { logger.error("userAuthenticate failed with error " + e.getMessage(), e); - response.setError(e); + response.setError(5000, "Authentication failed. Please try again later."); // Generic fallback } logger.info("userAuthenticate response " + response.toString()); return response.toString(); @@ -563,7 +576,8 @@ public String getLoginResponse(HttpServletRequest request) { } if (jwtToken == null) { - throw new IEMRException("No authentication token found in header or cookie"); + logger.warn("Authentication failed: no token found in header or cookies."); + throw new IEMRException("Authentication failed. Please log in again."); } // Extract user ID from the JWT token @@ -572,7 +586,9 @@ public String getLoginResponse(HttpServletRequest request) { // Get user details and prepare response User user = iemrAdminUserServiceImpl.getUserById(Long.parseLong(userId)); if (user == null) { - throw new IEMRException("User not found"); + logger.warn("User lookup failed for provided userId."); + throw new IEMRException("Authentication failed. Please try again."); + } String remoteAddress = request.getHeader("X-FORWARDED-FOR"); 
@@ -603,10 +619,13 @@ public String forgetPassword( List mUsers = iemrAdminUserServiceImpl.userExitsCheck(m_User.getUserName()); if (mUsers == null || mUsers.size() <= 0) { - throw new IEMRException("user not found, please contact administrator"); - } else if (mUsers.size() > 1) - throw new IEMRException("more than 1 user found, please contact administrator"); - else if (mUsers.size() == 1) { + logger.error("User not found"); + throw new IEMRException("Request failed, please try again later"); + } else if (mUsers.size() > 1) { + logger.error("More than 1 user found"); + throw new IEMRException("Request failed. Please retry again"); + + } else if (mUsers.size() == 1) { List> quesAnsList = new ArrayList<>(); Map quesAnsMap; Map resMap = new HashMap<>(); @@ -626,7 +645,7 @@ else if (mUsers.size() == 1) { } } catch (Exception e) { logger.error("forgetPassword failed with error " + e.getMessage(), e); - response.setError(e); + response.setError(5000, "ForgetPassword failed."); } logger.info("forgetPassword response " + response.toString()); return response.toString(); @@ -642,8 +661,11 @@ public String setPassword( int noOfRowModified = 0; List mUsers = iemrAdminUserServiceImpl.userExitsCheck(m_user.getUserName()); if (mUsers.size() != 1) { - throw new IEMRException( - "Set forgot password failed as the user does not exist or is not active or multiple user found.Please contact with administrator"); + logger.warn( + "Password reset failed for username '{}'. Reason: user not found, inactive, or multiple matches.", + m_user.getUserName()); + + throw new IEMRException("Unable to process your request. Please try again or contact support."); } User mUser = mUsers.get(0); String setStatus; 
@@ -660,7 +682,7 @@ public String setPassword( } catch (Exception e) { logger.error("setForgetPassword failed with error " + e.getMessage(), e); if (e.getMessage().equals( - "Set forgot password failed as the user does not exist or is not active or multiple user found.Please contact with administrator")) + "Unable to process your request. Please try again or contact support.")) response.setError(e); else response.setError(5000, e.getMessage()); @@ -681,7 +703,9 @@ public String changePassword( List mUsers = iemrAdminUserServiceImpl.userExitsCheck(changePassword.getUserName()); String changeReqResult; if (mUsers.size() != 1) { - throw new IEMRException("Change password failed with error as user is not available"); + logger.warn("Change password attempt failed. User not found or not available."); + + throw new IEMRException("Unable to change password. Please try again later"); } try { int validatePassword; @@ -710,7 +734,7 @@ public String changePassword( response.setResponse(changeReqResult); } catch (Exception e) { logger.error("changePassword failed with error " + e.getMessage(), e); - response.setError(e); + response.setError(5000, "Password change failed. Please try again later."); } logger.info("changePassword response " + response.toString()); return response.toString(); @@ -728,7 +752,7 @@ public String saveUserSecurityQuesAns( response.setResponse(responseData); } catch (Exception e) { logger.error("saveUserSecurityQuesAns failed with error " + e.getMessage(), e); - response.setError(e); + response.setError(5000, "Failed to save security questions. Please try again later."); } logger.info("saveUserSecurityQuesAns response " + response.toString()); return response.toString(); 
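Review bot: The catch in setPassword still sends `e.getMessage()` to the client in its else branch, so any exception other than the one matched by the literal keeps its raw message (repository or parsing errors included), which is exactly what the rest of this commit removes elsewhere; matching on the literal also duplicates the string from the throw site, and `e.getMessage().equals(...)` throws NullPointerException when the message is null. Hold the message in a constant, compare null-safely, and fall back to a generic body: `if (USER_LOOKUP_FAILED_MSG.equals(e.getMessage())) response.setError(e); else response.setError(5000, "Unable to process your request. Please try again later.");` with `private static final String USER_LOOKUP_FAILED_MSG = "Unable to process your request. Please try again or contact support.";` declared on the class and used at the throw in the previous hunk. setPassword starts before this hunk.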
@@ -748,7 +772,7 @@ public String getSecurityts() { response.setResponse(test.toString()); } catch (Exception e) { logger.error("getsecurityquetions failed with error " + e.getMessage(), e); - response.setError(e); + response.setError(5000, "Unable to fetch security questions"); } logger.info("getsecurityquetions response " + response.toString()); return response.toString(); @@ -1034,7 +1058,7 @@ public String userAuthenticateByEncryption( response.setResponse(responseObj.toString()); } catch (Exception e) { logger.error("userAuthenticateByEncryption failed with error " + e.getMessage(), e); - response.setError(e); + response.setError(5000, "Request failed. Please try again."); } logger.info("userAuthenticateByEncryption response " + response.toString()); return response.toString(); @@ -1052,7 +1076,7 @@ public String getrolewrapuptime(@PathVariable("roleID") Integer roleID) { } response.setResponse(test.toString()); } catch (Exception e) { - response.setError(e); + response.setError(5000, "Request failed. Please try again."); } return response.toString(); } @@ -1079,8 +1103,8 @@ public String validateSecurityQuestionAndAnswer( } else throw new IEMRException("Invalid Request"); } catch (Exception e) { - response.setError(5000, e.getMessage()); - logger.error(e.toString()); + logger.error("validateSecurityQuestionAndAnswer failed: {}", e.toString()); + response.setError(5000, "Request failed. Please try again."); } logger.info("validateSecurityQuestionAndAnswer API response" + response.toString()); return response.toString(); @@ -1136,7 +1160,7 @@ public String userAuthenticateBhavya( response.setResponse(responseObj.toString()); } catch (Exception e) { logger.error("userAuthenticate failed with error " + e.getMessage(), e); - response.setError(e); + response.setError(5000, "Authentication failed. Please try again."); } logger.info("userAuthenticate response " + response.toString()); return response.toString(); 
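Review bot: getrolewrapuptime's catch now discards the exception entirely: the removed `response.setError(e)` at least surfaced its message, the new `response.setError(5000, "Request failed. Please try again.")` keeps nothing, and unlike every other catch touched in this file there is no logger call here. Add `logger.error("getrolewrapuptime failed with error " + e.getMessage(), e);` ahead of the setError so the failure remains diagnosable server-side while the client still gets the generic body.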
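Review bot: `logger.error("validateSecurityQuestionAndAnswer failed: {}", e.toString());` records only the exception's toString, so the stack trace the removed `logger.error(e.toString())` also lacked is still missing, while the sibling catches in this file (e.g. `logger.error("saveUserSecurityQuesAns failed with error " + e.getMessage(), e);`) pass the throwable. Use `logger.error("validateSecurityQuestionAndAnswer failed: {}", e.toString(), e);` so the trailing throwable is logged with its trace.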
diff --git a/src/main/java/com/iemr/common/service/users/IEMRAdminUserServiceImpl.java b/src/main/java/com/iemr/common/service/users/IEMRAdminUserServiceImpl.java index a0efd373..591180bd 100644 --- a/src/main/java/com/iemr/common/service/users/IEMRAdminUserServiceImpl.java +++ b/src/main/java/com/iemr/common/service/users/IEMRAdminUserServiceImpl.java @@ -224,7 +224,7 @@ public void setValidator(Validator validator) { public List userAuthenticate(String userName, String password) throws Exception { List users = iEMRUserRepositoryCustom.findByUserNameNew(userName); if (users.size() != 1) { - throw new IEMRException("User login failed due to incorrect username/password"); + throw new IEMRException("Invalid username or password"); } else { if (users.get(0).getDeleted()) throw new IEMRException("Your account is locked or de-activated. Please contact administrator"); 
@@ -263,16 +263,18 @@ else if (users.get(0).getStatusID() > 2) user.setFailedAttempt(user.getFailedAttempt() + 1); user.setDeleted(true); user = iEMRUserRepositoryCustom.save(user); + logger.warn("User Account has been locked after reaching the limit of {} failed login attempts.", + ConfigProperties.getInteger("failedLoginAttempt")); + throw new IEMRException( - "User login failed due to incorrect username/password. Your account is locked due to " - + ConfigProperties.getInteger("failedLoginAttempt") - + " failed attempts. Please contact administrator."); + "Your account has been locked due to multiple failed login attempts. Please contact administrator."); } else { user.setFailedAttempt(user.getFailedAttempt() + 1); user = iEMRUserRepositoryCustom.save(user); - throw new IEMRException("User login failed due to incorrect username/password. " - + (ConfigProperties.getInteger("failedLoginAttempt") - user.getFailedAttempt()) - + " more attempt left."); + logger.warn("Failed login attempt {} of {} for a user account.", + user.getFailedAttempt(), ConfigProperties.getInteger("failedLoginAttempt")); + throw new IEMRException( + "Your account has been locked due to multiple failed login attempts. Please contact administrator."); } } else { if (user.getFailedAttempt() != 0) { @@ -307,7 +309,7 @@ public User superUserAuthenticate(String userName, String password) throws Excep List users = iEMRUserRepositoryCustom.findByUserName(userName); if (users.size() != 1) { - throw new IEMRException("User login failed due to incorrect username/password"); + throw new IEMRException("Invalid username or password"); } else { if (users.get(0).getDeleted()) throw new IEMRException("Your account is locked or de-activated. Please contact administrator"); 
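Review bot: In the else branch of the failed-attempt handling — the one that only increments `failedAttempt` and does not call `setDeleted(true)` — the new throw says `Your account has been locked due to multiple failed login attempts. Please contact administrator.`, but the account is not locked there; a user who mistyped once is told the account is locked and to contact an administrator. Use the generic wording the other login paths in this commit adopt, `throw new IEMRException("Invalid username or password");`, in that branch and keep the lock message for the branch that actually locks. The same pair of lines is repeated in superUserAuthenticate's hunk. The two warn lines would also be more useful with the account named — `userName` is the method's parameter — e.g. `logger.warn("Account '{}' locked after {} failed login attempts.", userName, ConfigProperties.getInteger("failedLoginAttempt"));`. userAuthenticate starts and ends outside this hunk.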
@@ -344,16 +346,18 @@ else if (users.get(0).getStatusID() > 2) user.setFailedAttempt(user.getFailedAttempt() + 1); user.setDeleted(true); user = iEMRUserRepositoryCustom.save(user); + logger.warn("User Account has been locked after reaching the limit of {} failed login attempts.", + ConfigProperties.getInteger("failedLoginAttempt")); + throw new IEMRException( - "User login failed due to incorrect username/password. Your account is locked due to " - + ConfigProperties.getInteger("failedLoginAttempt") - + " failed attempts. Please contact administrator."); + "Your account has been locked due to multiple failed login attempts. Please contact administrator."); } else { user.setFailedAttempt(user.getFailedAttempt() + 1); user = iEMRUserRepositoryCustom.save(user); - throw new IEMRException("User login failed due to incorrect username/password. " - + (ConfigProperties.getInteger("failedLoginAttempt") - user.getFailedAttempt()) - + " more attempt left."); + logger.warn("Failed login attempt {} of {} for a user account.", + user.getFailedAttempt(), ConfigProperties.getInteger("failedLoginAttempt")); + throw new IEMRException( + "Your account has been locked due to multiple failed login attempts. Please contact administrator."); } } else { if (user.getFailedAttempt() != 0) { @@ -376,10 +380,10 @@ public LoginResponseModel userAuthenticateV1(LoginRequestModel loginRequest, Str User user = users.get(0); try { if (!securePassword.validatePasswordExisting(loginRequest.getPassword(), user.getPassword())) { - throw new IEMRException("User login failed due to incorrect username/password"); + throw new IEMRException("Invalid username or password"); } } catch (Exception e) { - throw new IEMRException("User login failed due to incorrect username/password"); + throw new IEMRException("Invalid username or password"); } loginResponseModel = userMapper.userDataToLoginResponse(user); logger.info("Login response is " + loginResponseModel.toString()); 
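Review bot: `catch (Exception e) { throw new IEMRException("Invalid username or password"); }` around validatePasswordExisting in userAuthenticateV1 still drops `e` without logging it, so a failure inside the password check that is not a mismatch (a malformed stored hash, for instance — inferred, the helper is not shown) is reported exactly like a wrong password with no server-side record. Keep the generic client message but log the cause first: `logger.warn("Password validation error for user '{}'", loginRequest.getUserName(), e);`. The same catch shape is in the userAuthenticateByEncryption and userForceLogout hunks.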
@@ -391,7 +395,7 @@ public LoginResponseModel userAuthenticateV1(LoginRequestModel loginRequest, Str // loginResponseModel.setHostName(hostName); // loginResponseModel.setIpAddress(ipAddress); } else { - throw new IEMRException("User login failed due to incorrect username/password"); + throw new IEMRException("Invalid username or password"); } return loginResponseModel; @@ -614,7 +618,8 @@ public String saveUserSecurityQuesAns(Iterable m_UserSecur User users = iEMRUserRepositoryCustom .findUserByUserID(m_UserSecurityQMapping.iterator().next().getUserID()); if (users == null) { - throw new IEMRException("User does not exist or is not active"); + logger.warn("User validation failed: user not found for provided ID."); + throw new IEMRException("Invalid user. Please contact administrator."); } Iterable obj = iEMRUserSecurityQuesAnsRepository.saveAll(m_UserSecurityQMapping); @@ -627,7 +632,9 @@ public String saveUserSecurityQuesAns(Iterable m_UserSecur sessionObject.deleteSessionObject((users.getUserID().toString() + users.getUserName())); return generateTransactionIdForPasswordChange(users); } else { - throw new IEMRException("Failed to save security question and answers, Please try again"); + logger.error( + "Failed to save user security questions. Repository save operation returned empty result."); + throw new IEMRException("Unable to complete the operation. Please try again later."); } } else throw new IEMRException("Invalid user, please contact administrator"); 
@@ -867,9 +874,9 @@ public JSONObject generateKeyAndValidateIP(JSONObject responseObj, String ipAddr throws JSONException, NoSuchAlgorithmException, IEMRException { String key = generateKey(responseObj); // commented the below code to restrict IP address and hostname to be sent on UI -// responseObj.put("loginIPAddress", ipAddress); -// responseObj.put("ipAddress", ipAddress); -// responseObj.put("hostName", hostName); + // responseObj.put("loginIPAddress", ipAddress); + // responseObj.put("ipAddress", ipAddress); + // responseObj.put("hostName", hostName); responseObj = validator.updateCacheObj(responseObj, key, ""); setConcurrentCheckSessionObject(responseObj, key); return responseObj; @@ -958,10 +965,10 @@ public void userForceLogout(ForceLogoutRequestModel request) throws Exception { } try { if (!securePassword.validatePasswordExisting(request.getPassword(), users.get(0).getPassword())) { - throw new Exception("Force logout failed due to incorrect password"); + throw new Exception("Force logout failed"); } } catch (Exception e) { - throw new Exception("Force logout failed due to incorrect password"); + throw new Exception("Force logout failed"); } userForceLogout(request, users.get(0)); } 
@@ -1049,15 +1056,15 @@ public List userAuthenticateByEncryption(String req) throws Exception { LoginRequestModel m_user = InputMapper.gson().fromJson(jsonreq, LoginRequestModel.class); List users = iEMRUserRepositoryCustom.findByUserName(m_user.getUserName()); if (users.size() != 1) { - throw new IEMRException("User login failed due to incorrect username/password"); + throw new IEMRException("Invalid username or password"); } User user = users.get(0); try { if (!securePassword.validatePasswordExisting(m_user.getPassword(), user.getPassword())) { - throw new IEMRException("User login failed due to incorrect username/password"); + throw new IEMRException("Invalid username or password"); } } catch (Exception e) { - throw new IEMRException("User login failed due to incorrect username/password"); + throw new IEMRException("Invalid username or password"); } user.setM_UserServiceRoleMapping(getUserServiceRoleMapping(user.getUserID())); return users; @@ -1105,7 +1112,10 @@ public String validateQuestionAndAnswersForPasswordChange(JsonObject request) th if (request.has("userName") && request.get("userName") != null) { List users = iEMRUserRepositoryCustom.findByUserName(request.get("userName").getAsString()); if (users.size() != 1) { - throw new IEMRException("User does not exist or is not active or more than 1 user found"); + logger.warn("User validation failed: not found or duplicate entries for username '{}'", + request.get("userName").getAsString()); + throw new IEMRException("Unable to validate credentials. Please contact administrator."); + } User user = users.get(0); sessionObject.deleteSessionObject((user.getUserID().toString() + user.getUserName())); 
@@ -1118,8 +1128,12 @@ public String validateQuestionAndAnswersForPasswordChange(JsonObject request) th user.getUserID(), securityAnswers.getQuestionId(), securityAnswers.getAnswer()); if (userSecurityQuestionAnswers == null - || userSecurityQuestionAnswers.getUserSecurityQAID() == null) - throw new IEMRException("Security answers does not match"); + || userSecurityQuestionAnswers.getUserSecurityQAID() == null) { + logger.warn("Security answer mismatch for userId={}, questionId={}", + user.getUserID(), securityAnswers.getQuestionId()); + throw new IEMRException( + "We couldn't verify your answers. Please try again"); + } pointer++; } @@ -1132,7 +1146,7 @@ public String validateQuestionAndAnswersForPasswordChange(JsonObject request) th throw new IEMRException("Invalid questions, validation failed, please contact administrator"); } else - throw new IEMRException("Invalid/NULL user name"); + throw new IEMRException("Invalid request. Please try again."); } catch (Exception e) { logger.error(e.getMessage(), e); throw new IEMRException(e.getMessage());
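Review bot: The outer `catch (Exception e)` in validateQuestionAndAnswersForPasswordChange rethrows `e.getMessage()` verbatim, so the generic `Invalid request. Please try again.` introduced here only covers the IEMRException paths; any other exception raised inside the try (a missing or non-string `userName` member in the JsonObject, for example — inferred) reaches the caller with its raw message, which is what the rest of the commit is trying to avoid. Rethrow IEMRException unchanged and map everything else to a fixed message, logging the original. The method's try block starts before this hunk and its closing braces follow it.
```java
        } catch (IEMRException e) {
            logger.error(e.getMessage(), e);
            throw e;
        } catch (Exception e) {
            logger.error("validateQuestionAndAnswersForPasswordChange failed", e);
            throw new IEMRException("Request failed. Please try again later.");
```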