Merge pull request guardian#24082 from guardian/bt/remove-change-password-page

Remove change password page

Author: rebecca-thompson

common/app/navigation/AuthenticationComponentEvent.scala

@@ -10,7 +10,6 @@ object AuthenticationComponentEvent {
   case object RegisterToRecommend extends ComponentEventId("register_to_recommend_comment")
   case object SigninRedirect extends ComponentEventId("signin_redirect_for_action")
   case object SigninFromFormStack extends ComponentEventId("signin_from_formstack")
-  case object SigninFromPasswordResetConfirmation extends ComponentEventId("signin_from_password_reset_confirmation")
 
   def createAuthenticationComponentEventParams(componentEventId: ComponentEventId): String =
     createAuthenticationComponentEventTuple(componentEventId) match {

identity/app/controllers/ChangePasswordController.scala

@@ -1,152 +1,22 @@
 package controllers
 
 import common.ImplicitControllerExecutionContext
-import model.{ApplicationContext, IdentityPage, NoCache, ReturnJourney}
+import model.ApplicationContext
+import play.api.http.HttpConfiguration
 import play.api.mvc._
-import play.api.data.{Form, Forms}
-import play.api.data.Forms._
-import services._
 import utils.SafeLogging
-import form.Mappings
-import idapiclient.IdApiClient
-import play.filters.csrf.{CSRFAddToken, CSRFCheck}
-import actions.AuthenticatedActions
-import play.api.i18n.{Messages, MessagesProvider}
-
-import scala.concurrent.Future
-import idapiclient.requests.PasswordUpdate
-import pages.IdentityHtmlPage
-import play.api.http.HttpConfiguration
+import conf.Configuration
 
 class ChangePasswordController(
-    api: IdApiClient,
-    authenticatedActions: AuthenticatedActions,
-    authenticationService: AuthenticationService,
-    idRequestParser: IdRequestParser,
-    idUrlBuilder: IdentityUrlBuilder,
-    csrfCheck: CSRFCheck,
-    csrfAddToken: CSRFAddToken,
-    signInService: PlaySigninService,
     val controllerComponents: ControllerComponents,
     val httpConfiguration: HttpConfiguration,
 )(implicit context: ApplicationContext)
     extends BaseController
     with ImplicitControllerExecutionContext
-    with SafeLogging
-    with Mappings
-    with implicits.Forms {
-
-  import authenticatedActions.fullAuthAction
-
-  val page = IdentityPage("/password/change", "Change Password")
-
-  private val passwordForm = Form(
-    mapping(
-      ("oldPassword", optional(Forms.text)),
-      ("newPassword1", Forms.text),
-      ("newPassword2", Forms.text),
-    )(PasswordFormData.apply)(PasswordFormData.unapply),
-  )
-
-  private def passwordFormWithConstraints(implicit messagesProvider: MessagesProvider): Form[PasswordFormData] =
-    Form(
-      mapping(
-        ("oldPassword", optional(idPassword)),
-        ("newPassword1", idPassword),
-        ("newPassword2", idPassword),
-      )(PasswordFormData.apply)(PasswordFormData.unapply) verifying (
-        Messages("error.passwordsMustMatch"), { _.passwordsMatch }
-      ) verifying (
-        Messages("error.passwordMustChange"), { _.passwordChanged }
-      ),
-    )
-
-  def displayForm(): Action[AnyContent] =
-    csrfAddToken {
-      fullAuthAction.async { implicit request =>
-        val form = passwordForm.bindFromFlash.getOrElse(passwordForm)
-
-        val idRequest = idRequestParser(request)
-        api.passwordExists(request.user.auth, idRequest.trackingData) map { result =>
-          val pwdExists = result.right.toOption contains true
-          NoCache(
-            Ok(
-              IdentityHtmlPage.html(
-                views.html.password.changePassword(
-                  page = page,
-                  idRequest = idRequest,
-                  idUrlBuilder = idUrlBuilder,
-                  passwordForm = form,
-                  passwordExists = pwdExists,
-                ),
-              )(page, request, context),
-            ),
-          )
-        }
-      }
-    }
+    with SafeLogging {
 
-  def renderPasswordConfirmation(returnUrl: Option[String]): Action[AnyContent] =
+  def redirectToResetPassword: Action[AnyContent] =
     Action { implicit request =>
-      // TODO: returnUrl doesn't appear to be used by this route.
-      //  Leaving to be fixed by consolidating the whole route with *reset* confirmation
-      val returnJourney = ReturnJourney(returnUrl)
-      val idRequest = idRequestParser(request)
-      val userIsLoggedIn = authenticationService.userIsFullyAuthenticated(request)
-      NoCache(
-        Ok(
-          IdentityHtmlPage.html(
-            views.html.password
-              .passwordResetConfirmation(page, idRequest, idUrlBuilder, userIsLoggedIn, returnUrl, returnJourney),
-          )(page, request, context),
-        ),
-      )
+      Redirect(url = s"${Configuration.id.url}/reset", MOVED_PERMANENTLY)
     }
-
-  def submitForm(): Action[AnyContent] =
-    csrfCheck {
-      fullAuthAction.async { implicit request =>
-        val idRequest = idRequestParser(request)
-        val boundForm = passwordFormWithConstraints.bindFromRequest()
-
-        def onError(formWithErrors: Form[PasswordFormData]): Future[Result] = {
-          logger.info("form errors in change password attempt")
-          Future.successful(
-            NoCache(
-              SeeOther(routes.ChangePasswordController.displayForm.url)
-                .flashing(clearPasswords(formWithErrors).toFlash),
-            ),
-          )
-        }
-
-        def onSuccess(form: PasswordFormData): Future[Result] = {
-          val update = PasswordUpdate(form.oldPassword, form.newPassword1)
-          val authResponse = api.updatePassword(update, request.user.auth, idRequest.trackingData)
-
-          signInService.getCookies(authResponse, rememberMe = true) map {
-            case Left(errors) =>
-              val formWithErrors = errors.foldLeft(boundForm) { (form, error) =>
-                form.withError(error.context.getOrElse(""), error.description)
-              }
-              NoCache(
-                SeeOther(routes.ChangePasswordController.displayForm.url)
-                  .flashing(clearPasswords(formWithErrors).toFlash),
-              )
-            case Right(cookies) =>
-              NoCache(SeeOther(routes.ChangePasswordController.renderPasswordConfirmation(None).url))
-                .withCookies(cookies: _*)
-          }
-        }
-
-        boundForm.fold[Future[Result]](onError, onSuccess)
-      }
-    }
-
-  private def clearPasswords(formWithPasswords: Form[PasswordFormData]) = formWithPasswords.copy(data = Map.empty)
-
-}
-
-case class PasswordFormData(oldPassword: Option[String], newPassword1: String, newPassword2: String) {
-  lazy val passwordsMatch = newPassword1 == newPassword2
-  lazy val passwordChanged = oldPassword map { _ != newPassword1 } getOrElse true
 }

identity/app/controllers/editprofile/tabs/AccountTab.scala

@@ -12,6 +12,6 @@ trait AccountTab extends EditProfileControllerComponents {
     }
 
   /** GET /account/edit */
-  def redirectToAccountSettings: Action[AnyContent] = redirectToManage("account-settings")
+  def redirectToManageAccountSettings: Action[AnyContent] = redirectToManage("account-settings")
 
 }

identity/app/controllers/editprofile/tabs/EmailsTab.scala

@@ -16,8 +16,5 @@ trait EmailsTab extends EditProfileControllerComponents {
     }
 
   /** GET /email-prefs */
-  def redirectToEmailPrefs: Action[AnyContent] = redirectToManage("email-prefs")
-
-  /** GET /privacy/edit */
-  def displayPrivacyFormRedirect: Action[AnyContent] = redirectToManage("email-prefs")
+  def redirectToManageEmailPrefs: Action[AnyContent] = redirectToManage("email-prefs")
 }

identity/app/controllers/editprofile/tabs/PublicTab.scala

@@ -12,6 +12,6 @@ trait PublicTab extends EditProfileControllerComponents {
     }
 
   /** GET /public/edit */
-  def redirectToPublicSettings: Action[AnyContent] = redirectToManage("public-settings")
+  def redirectToManagePublicSettings: Action[AnyContent] = redirectToManage("public-settings")
 
 }

identity/app/idapiclient/IdApiClient.scala

@@ -11,7 +11,7 @@ import net.liftweb.json.compactRender
 import net.liftweb.json.JsonAST.JObject
 import net.liftweb.json.Serialization.write
 import utils.SafeLogging
-import idapiclient.requests.{AutoSignInToken, DeletionBody, PasswordUpdate, TokenPassword}
+import idapiclient.requests.{AutoSignInToken, DeletionBody}
 import org.slf4j.LoggerFactory
 import play.api.libs.ws.WSClient
 
@@ -58,7 +58,6 @@ class IdApiClient(idJsonBodyParser: IdApiJsonBodyParser, conf: IdConfig, httpCli
   }
 
   // USERS
-
   def user(userId: String, auth: Auth = Anonymous): Future[Response[User]] = {
     val apiPath = urlJoin("user", userId)
     val params = buildParams(Some(auth))
@@ -85,48 +84,14 @@ class IdApiClient(idJsonBodyParser: IdApiJsonBodyParser, conf: IdConfig, httpCli
     response map extractUser
   }
 
-  // PASSWORD RESET/UPDATE
-
-  def passwordExists(auth: Auth, trackingData: TrackingData): Future[Response[Boolean]] = {
-    val apiPath = urlJoin("user", "password-exists")
-    val headers = buildHeaders(Some(auth), extra = xForwardedForHeader(trackingData))
-    val response = httpClient.GET(apiUrl(apiPath), None, buildParams(Some(auth)), headers)
-    response map extract[Boolean](jsonField("passwordExists"))
-  }
-
-  def updatePassword(
-      pwdUpdate: PasswordUpdate,
-      auth: Auth,
-      trackingData: TrackingData,
-  ): Future[Response[CookiesResponse]] = {
-    val apiPath = urlJoin("user", "password")
-    val body = write(pwdUpdate)
-    val headers = buildHeaders(Some(auth), extra = xForwardedForHeader(trackingData))
-    val response = httpClient.POST(apiUrl(apiPath), Some(body), clientAuth.parameters, headers)
-    response map extract[CookiesResponse](jsonField("cookies"))
-  }
-
   def userForToken(token: String): Future[Response[User]] = {
     val apiPath = urlJoin("pwd-reset", "user-for-token")
     val params = buildParams(extra = Iterable("token" -> token))
     val response = httpClient.GET(apiUrl(apiPath), None, params, buildHeaders())
     response map extractUser
   }
 
-  def resetPassword(
-      token: String,
-      newPassword: String,
-      trackingData: TrackingData,
-  ): Future[Response[CookiesResponse]] = {
-    val apiPath = urlJoin("pwd-reset", "reset-pwd-for-user")
-    val postBody = write(TokenPassword(token, newPassword))
-    val headers = clientAuth.headers ++ buildHeaders(extra = xForwardedForHeader(trackingData))
-    val response = httpClient.POST(apiUrl(apiPath), Some(postBody), clientAuth.parameters, headers)
-    response map extract(jsonField("cookies"))
-  }
-
   // EMAILS
-
   def userEmails(userId: String, trackingParameters: TrackingData): Future[Response[Subscriber]] = {
     val apiPath = urlJoin("useremails", userId)
     val params = buildParams(tracking = Some(trackingParameters))
@@ -165,6 +130,7 @@ class IdApiClient(idJsonBodyParser: IdApiJsonBodyParser, conf: IdConfig, httpCli
     ) map extractUnit
   }
 
+  // Passwords
   def setPasswordGuest(password: String, token: String): Future[Response[CookiesResponse]] = {
     val body: JObject = "password" -> password
     put(
@@ -181,10 +147,7 @@ class IdApiClient(idJsonBodyParser: IdApiJsonBodyParser, conf: IdConfig, httpCli
     ).map(extract(jsonField("cookies")))
   }
 
-  def deleteTelephone(auth: Auth): Future[Response[Unit]] =
-    delete("user/me/telephoneNumber", Some(auth)) map extractUnit
-
-  // THIRD PARTY SIGN-IN
+  // ACCOUNT DELETION
   def executeAccountDeletionStepFunction(
       userId: String,
       email: String,

identity/app/idapiclient/requests/PasswordUpdate.scala

@@ -57,9 +57,6 @@ class AuthenticationService(
       .unsafeRunSync()
   }
 
-  def userIsFullyAuthenticated(request: RequestHeader): Boolean =
-    fullyAuthenticatedUser(request).isDefined
-
   def consentCookieAuthenticatedUser(request: RequestHeader): Option[AuthenticatedUser] =
     for {
       scGuRp <- request.cookies.get("SC_GU_RP")

identity/app/idapiclient/requests/TokenPassword.scala

@@ -25,7 +25,7 @@
     <section class="identity-forms-message">
         <h1 class="identity-title">Thank you! We've got your preferences</h1>
         <div class="identity-forms-message__body">
-            <p>You can change these anytime by going to My account > <a class="u-underline" data-link-name="complete-consents : to-email-prefs" href="@idUrlBuilder.buildUrl(controllers.editprofile.routes.EditProfileController.redirectToEmailPrefs.url, idRequest)">
+            <p>You can change these anytime by going to My account > <a class="u-underline" data-link-name="complete-consents : to-email-prefs" href="@idUrlBuilder.buildUrl(controllers.editprofile.routes.EditProfileController.redirectToManageEmailPrefs.url, idRequest)">
                 Email Preferences
             </a>.</p>
             <br/>