@RequestMapping(
      value = "/password-reset",
      method = RequestMethod.POST,
      consumes = "application/json; charset=utf-8",
      produces = "application/json; charset=utf-8")
  public @ResponseBody PasswordResetStatusDto passwordResetPost(
      @Valid @RequestBody(required = true) PasswordResetRequestDto user) {
    PasswordResetStatusDto status = new PasswordResetStatusDto();

    UserAccount userAccount = userService.findByEmail(user.getEmail());
    if (userAccount == null) {
      status.setError(true);
      return status;
    }

    PasswordResetRequest request =
        passwordResetRequestService.findByUserAccountId(userAccount.getId());
    if (request != null
        && request.getCreated() >= System.currentTimeMillis() - PasswordResetRequest.TIME_TO_LIVE) {
      return status;
    }

    if (request != null
        && request.getCreated() < System.currentTimeMillis() - PasswordResetRequest.TIME_TO_LIVE) {
      passwordResetRequestService.delete(request);
    }

    request = new PasswordResetRequest();
    request.setUserAccountId(userAccount.getId());
    request.setUuid(UUID.randomUUID().toString());
    request.setCreated(System.currentTimeMillis());
    passwordResetRequestService.save(request);

    try {
      MailNew emailPasswordReset = mailBuilder.emailPasswordReset(request, userAccount, session);
      mailService.sendMail(emailPasswordReset);
    } catch (Exception e) {
      log.error("Unable to send confirmation email", e);
    }

    return status;
  }
  @RequestMapping(
      value = "/password-reset/{uuid}",
      method = RequestMethod.POST,
      consumes = "application/json; charset=utf-8",
      produces = "application/json; charset=utf-8")
  public @ResponseBody PasswordResetStatusDto passwordResetFormPost(
      @PathVariable("uuid") String uuid,
      @Valid @RequestBody(required = true) PasswordResetRequestFormDto form,
      ModelMap model) {
    PasswordResetStatusDto status = new PasswordResetStatusDto();

    PasswordResetRequest passwordResetRequest = passwordResetRequestService.findByUuid(uuid);
    if (passwordResetRequest == null
        || passwordResetRequest.getCreated()
            < System.currentTimeMillis() - PasswordResetRequest.TIME_TO_LIVE) {
      status.setError(true);
      return status;
    }

    UserAccount userAccount = userService.findById(passwordResetRequest.getUserAccountId());
    if (userAccount == null) {
      status.setError(true);
      return status;
    }

    if (!form.getPassword().equals(form.getPassword2())) {
      status.setError(true);
      return status;
    }

    userAccount.setPasswordHash(PasswordUtils.generatePasswordHash(form.getPassword()));
    userAccount.setActive(true);
    userService.update(userAccount);
    passwordResetRequestService.delete(passwordResetRequest);

    status.setError(false);
    return status;
  }