/**
 * Shows the "choose a new password" form for a password-reset link.
 *
 * <p>The {@code uuid} path segment is looked up through
 * {@code passwordResetRequestService}. If no request is found, or the request
 * was created more than {@link PasswordResetRequest#TIME_TO_LIVE} ago, the
 * caller is redirected to {@code /password-reset}. Both failures produce the
 * same redirect, so the response does not distinguish an unknown link from an
 * expired one.
 *
 * @param model view model; receives {@code uuid} and {@code pageTitle}
 * @param uuid  reset identifier taken from the URL path
 * @return the {@code password-reset-form} view name, or a redirect to
 *         {@code /password-reset} when the link is unknown or expired
 */
@RequestMapping(value = "/password-reset/{uuid}", method = RequestMethod.GET)
public String passwordResetForm(ModelMap model, @PathVariable("uuid") String uuid) {
    PasswordResetRequest resetRequest = passwordResetRequestService.findByUuid(uuid);

    // A link is usable only while it exists and is younger than TIME_TO_LIVE.
    boolean usable = resetRequest != null
            && resetRequest.getCreated()
                    >= System.currentTimeMillis() - PasswordResetRequest.TIME_TO_LIVE;
    if (!usable) {
        return "redirect:/password-reset";
    }

    // NOTE(review): the uuid acts as a bearer credential and travels in the URL
    // path; confirm that request logs and the Referer header of this page are
    // handled accordingly.
    model.put("uuid", uuid);
    model.put("pageTitle", "Password Reset");
    return "password-reset-form";
}
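/**
 * Completes a password reset: validates the reset link, stores the new
 * password hash and consumes the link.
 *
 * <p>The request fails (status {@code error = true}) when the reset request is
 * unknown or older than {@link PasswordResetRequest#TIME_TO_LIVE}, when the
 * referenced user account does not exist, or when the two submitted passwords
 * are missing or differ. All failures return the same status, so the response
 * does not reveal which check rejected the request.
 *
 * <p>On success the account's password hash is replaced, the account is marked
 * active, and the reset request is deleted so the link cannot be used again.
 *
 * @param uuid  reset identifier taken from the URL path
 * @param form  JSON body carrying the new password and its confirmation
 * @param model not used by this handler
 * @return a status DTO whose error flag is {@code false} only when the
 *         password was changed
 */
@RequestMapping(
        value = "/password-reset/{uuid}",
        method = RequestMethod.POST,
        consumes = "application/json; charset=utf-8",
        produces = "application/json; charset=utf-8")
public @ResponseBody PasswordResetStatusDto passwordResetFormPost(
        @PathVariable("uuid") String uuid,
        @Valid @RequestBody(required = true) PasswordResetRequestFormDto form,
        ModelMap model) {
    PasswordResetStatusDto status = new PasswordResetStatusDto();

    // Re-validate the link on submit: the GET handler's check is not sufficient,
    // because the POST can be sent directly and the link may have expired since.
    PasswordResetRequest passwordResetRequest = passwordResetRequestService.findByUuid(uuid);
    if (passwordResetRequest == null
            || passwordResetRequest.getCreated()
                    < System.currentTimeMillis() - PasswordResetRequest.TIME_TO_LIVE) {
        status.setError(true);
        return status;
    }

    UserAccount userAccount = userService.findById(passwordResetRequest.getUserAccountId());
    if (userAccount == null) {
        status.setError(true);
        return status;
    }

    // Reject a missing password explicitly instead of failing with a
    // NullPointerException; the constraints applied by @Valid are declared on
    // the DTO and are not visible from this handler.
    // NOTE(review): only equality is checked here; any length or strength policy
    // has to come from those DTO constraints. Confirm they exist.
    if (form.getPassword() == null || !form.getPassword().equals(form.getPassword2())) {
        status.setError(true);
        return status;
    }

    userAccount.setPasswordHash(PasswordUtils.generatePasswordHash(form.getPassword()));
    // NOTE(review): a successful reset also activates the account. If accounts
    // can be inactive for reasons other than a pending confirmation, confirm
    // that a reset link is meant to re-enable them.
    userAccount.setActive(true);
    userService.update(userAccount);

    // Consume the link so it is single-use.
    // NOTE(review): update and delete are separate calls and no transaction
    // boundary is visible here. If the delete fails, the link stays usable until
    // TIME_TO_LIVE elapses. Confirm the two run atomically.
    passwordResetRequestService.delete(passwordResetRequest);

    status.setError(false);
    return status;
}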