@RequestMapping( value = "/password-reset", method = RequestMethod.POST, consumes = "application/json; charset=utf-8", produces = "application/json; charset=utf-8") public @ResponseBody PasswordResetStatusDto passwordResetPost( @Valid @RequestBody(required = true) PasswordResetRequestDto user) { PasswordResetStatusDto status = new PasswordResetStatusDto(); UserAccount userAccount = userService.findByEmail(user.getEmail()); if (userAccount == null) { status.setError(true); return status; } PasswordResetRequest request = passwordResetRequestService.findByUserAccountId(userAccount.getId()); if (request != null && request.getCreated() >= System.currentTimeMillis() - PasswordResetRequest.TIME_TO_LIVE) { return status; } if (request != null && request.getCreated() < System.currentTimeMillis() - PasswordResetRequest.TIME_TO_LIVE) { passwordResetRequestService.delete(request); } request = new PasswordResetRequest(); request.setUserAccountId(userAccount.getId()); request.setUuid(UUID.randomUUID().toString()); request.setCreated(System.currentTimeMillis()); passwordResetRequestService.save(request); try { MailNew emailPasswordReset = mailBuilder.emailPasswordReset(request, userAccount, session); mailService.sendMail(emailPasswordReset); } catch (Exception e) { log.error("Unable to send confirmation email", e); } return status; }
@RequestMapping(value = "/password-reset/{uuid}", method = RequestMethod.GET) public String passwordResetForm(ModelMap model, @PathVariable("uuid") String uuid) { PasswordResetRequest request = passwordResetRequestService.findByUuid(uuid); if (request == null || request.getCreated() < System.currentTimeMillis() - PasswordResetRequest.TIME_TO_LIVE) { return "redirect:/password-reset"; } model.put("uuid", uuid); model.put("pageTitle", "Password Reset"); return "password-reset-form"; }
@RequestMapping( value = "/password-reset/{uuid}", method = RequestMethod.POST, consumes = "application/json; charset=utf-8", produces = "application/json; charset=utf-8") public @ResponseBody PasswordResetStatusDto passwordResetFormPost( @PathVariable("uuid") String uuid, @Valid @RequestBody(required = true) PasswordResetRequestFormDto form, ModelMap model) { PasswordResetStatusDto status = new PasswordResetStatusDto(); PasswordResetRequest passwordResetRequest = passwordResetRequestService.findByUuid(uuid); if (passwordResetRequest == null || passwordResetRequest.getCreated() < System.currentTimeMillis() - PasswordResetRequest.TIME_TO_LIVE) { status.setError(true); return status; } UserAccount userAccount = userService.findById(passwordResetRequest.getUserAccountId()); if (userAccount == null) { status.setError(true); return status; } if (!form.getPassword().equals(form.getPassword2())) { status.setError(true); return status; } userAccount.setPasswordHash(PasswordUtils.generatePasswordHash(form.getPassword())); userAccount.setActive(true); userService.update(userAccount); passwordResetRequestService.delete(passwordResetRequest); status.setError(false); return status; }