public boolean checkAndChangePassword(
final User user, final String oldPassword, final String password) throws MailException {
if (user.checkPassword(oldPassword)) {
((UserImpl) user).setPassword(password);
entityManager.merge(user);
final UserString email = user.getEmail();
if (email != null)
MailSender.sendPasswordChangeMail(user.getName().toString(), password, email.nonEscaped());
return true;
}
return false;
}
public void forgotPassword(final String email) throws UserNotFoundException, MailException {
final Query query =
entityManager.createQuery("select u from UserImpl u where u.email=:cryptedMail");
query.setParameter("cryptedMail", CipherHelper.cipher(email));
final List<UserImpl> list = query.getResultList();
if (list.isEmpty()) throw new UserNotFoundException();
for (final UserImpl user : list) {
final String password = Helper.randomstring();
user.setPassword(password);
MailSender.forgotPasswordMail(user.getName(), password, email);
entityManager.merge(user);
}
}
