@At("/passwd/reset")
public void resetPassword(String email, HttpServletRequest req) {
if (Strings.isBlank(email)) return;
User user = dao.fetch(User.class, Cnd.where("email", "=", email));
if (user == null) return;
dao.clear(PasswordReset.class, Cnd.where("uid", "=", user.getId()));
String token = R.UU64() + R.UU64();
PasswordReset reset = new PasswordReset();
reset.setUid(dao.fetch(User.class, Cnd.where("email", "=", email)).getId());
reset.setToken(token);
dao.insert(reset);
String url = req.getRequestURL() + "/callback?token=" + token;
mailService.add2Queue(email, "推爸 密码重置请求", "Reset URL --> " + url);
}
@At("/passwd/reset/callback")
public Object resetPasswdCallback(String token) {
PasswordReset reset = dao.fetch(PasswordReset.class, Cnd.where("token", "=", token));
if (reset != null) {
dao.clear(PasswordReset.class, Cnd.where("token", "=", token));
if (System.currentTimeMillis() - reset.getCreateTime().getTime() > 30 * 60 * 1000)
return Ajax.fail().setMsg("token is expise");
String passwd = R.sg(12).next();
dao.update(
User.class, Chain.make("passwd", xMD5(passwd)), Cnd.where("id", "=", reset.getUid()));
String email = dao.fetch(User.class, Cnd.where("id", "=", reset.getUid())).getEmail();
mailService.add2Queue(email, "推爸密码重置邮件", "Your password : "******"Reset success!! Check you email!");
}
return Ajax.fail().setMsg("Token not found!!");
}