@Override public void changePassword(ChangePasswordData cpd) { notNull(cpd, Messages.VALIDATION_ACCOUNT_DATA_EMPTY); hasLength(cpd.getCurrentPassword(), Messages.VALIDATION_CURRENT_PASSWOD_EMPTY); hasLength(cpd.getPassword(), Messages.VALIDATION_PASSWOD_EMPTY); hasLength(cpd.getConfirmPassword(), Messages.VALIDATION_CONFIRM_PASSWORD_EMPTY); User user = userDao.findById(cpd.getUserId()); validationService.validatePassword(user.getName(), cpd.getPassword(), cpd.getConfirmPassword()); user.setPassword(cryptoService.crypt(cpd.getPassword())); // TODO should store the date of password change in another column? user.setLastUpdatedOn(new Date()); }
@Override @Transactional(propagation = Propagation.REQUIRED, readOnly = false) public void sendResetPasswordEmail(String email) { hasLength(email, Messages.VALIDATION_EMAIL_EMPTY); User user = userDao.findByEmail(email); if (user.getResetPasswordToken() == null) { String randomString = UUID.randomUUID().toString(); String signedRandomString = cryptoService.crypt(randomString); user.setResetPasswordToken(signedRandomString); } emailService.sendResetPasswordEmail(user); }
@Override @Transactional(propagation = Propagation.REQUIRED, readOnly = false) public void resetPassword(ResetPasswordData rpd) { hasLength(rpd.getPassword(), Messages.VALIDATION_PASSWOD_EMPTY); hasLength(rpd.getConfirmPassword(), Messages.VALIDATION_CONFIRM_PASSWORD_EMPTY); hasLength(rpd.getResetPasswordToken(), Messages.VALIDATION_INVALID_RESET_PASSWORD_TOKEN); User user = userDao.findByResetPasswordToken(rpd.getResetPasswordToken()); if (user != null) { validationService.validatePassword( user.getName(), rpd.getPassword(), rpd.getConfirmPassword()); user.setPassword(cryptoService.crypt(rpd.getPassword())); user.setResetPasswordToken(null); } else { throw new IllegalArgumentException(Messages.VALIDATION_INVALID_RESET_PASSWORD_TOKEN); } }
@Override @Transactional(propagation = Propagation.REQUIRED, readOnly = false) // Refactor this method to start the transaction only when its needed public AccountData create(RegistrationData rd) { validate(rd); Date now = new Date(); User user = new User(rd); user.setPassword(cryptoService.crypt(rd.getPassword())); user.setCreatedOn(now); user.setLastAccess(now); Logger.debug(">>>> Saving user: " + user.toString()); user = userDao.save(user); return new AccountData(user); }