Exemplo n.º 1
0
/**
 * User utilities.
 *
 * @author <a href="mailto:[email protected]">Liang Ding</a>
 * @version 1.0.1.3, Feb 7, 2012
 * @since 0.3.1
 */
public final class Users {

  /** Logger. */
  private static final Logger LOGGER = Logger.getLogger(Users.class.getName());

  /** User repository. */
  private UserRepository userRepository = UserRepositoryImpl.getInstance();

  /** User service. */
  private UserService userService = UserServiceFactory.getUserService();

  /** Article repository. */
  private ArticleRepository articleRepository = ArticleRepositoryImpl.getInstance();

  /**
   * Determines whether if exists multiple users in current Solo.
   *
   * @return {@code true} if exists, {@code false} otherwise
   * @throws ServiceException service exception
   */
  public boolean hasMultipleUsers() throws ServiceException {
    final Query query = new Query().setPageCount(1);

    try {
      final JSONArray users = userRepository.get(query).getJSONArray(Keys.RESULTS);

      return 1 != users.length();
    } catch (final RepositoryException e) {
      LOGGER.log(Level.SEVERE, "Determines multiple users failed", e);

      throw new ServiceException(e);
    } catch (final JSONException e) {
      LOGGER.log(Level.SEVERE, "Determines multiple users failed", e);

      throw new ServiceException(e);
    }
  }

  /**
   * Can the current user access an article specified by the given article id?
   *
   * @param articleId the given article id
   * @param request the specified request
   * @return {@code true} if the current user can access the article, {@code false} otherwise
   * @throws Exception exception
   */
  public boolean canAccessArticle(final String articleId, final HttpServletRequest request)
      throws Exception {
    if (Strings.isEmptyOrNull(articleId)) {
      return false;
    }

    if (isAdminLoggedIn(request)) {
      return true;
    }

    final JSONObject article = articleRepository.get(articleId);
    final String currentUserEmail = getCurrentUser(request).getString(User.USER_EMAIL);

    if (!article.getString(Article.ARTICLE_AUTHOR_EMAIL).equals(currentUserEmail)) {
      return false;
    }

    return true;
  }

  /**
   * Checks whether the current request is made by a logged in user (including default user and
   * administrator lists in <i>users</i>).
   *
   * <p>Invokes this method will try to login with cookie first.
   *
   * @param request the specified request
   * @param response the specified response
   * @return {@code true} if the current request is made by logged in user, returns {@code false}
   *     otherwise
   */
  public boolean isLoggedIn(final HttpServletRequest request, final HttpServletResponse response) {
    LoginProcessor.tryLogInWithCookie(request, response);

    final GeneralUser currentUser = userService.getCurrentUser(request);

    if (null == currentUser) {
      return false;
    }

    return isSoloUser(currentUser.getEmail()) || userService.isUserAdmin(request);
  }

  /**
   * Checks whether the current request is made by logged in administrator.
   *
   * @param request the specified request
   * @return {@code true} if the current request is made by logged in administrator, returns {@code
   *     false} otherwise
   */
  public boolean isAdminLoggedIn(final HttpServletRequest request) {
    return userService.isUserLoggedIn(request) && userService.isUserAdmin(request);
  }

  /**
   * Gets the current user.
   *
   * @param request the specified request
   * @return the current user, {@code null} if not found
   */
  public JSONObject getCurrentUser(final HttpServletRequest request) {
    final GeneralUser currentUser = userService.getCurrentUser(request);

    if (null == currentUser) {
      return null;
    }

    final String email = currentUser.getEmail();

    try {
      return userRepository.getByEmail(email);
    } catch (final RepositoryException e) {
      LOGGER.log(Level.SEVERE, "Gets current user by request failed, returns null", e);

      return null;
    }
  }

  /**
   * Determines whether the specified email is a user's email of this Solo application.
   *
   * @param email the specified email
   * @return {@code true} if it is, {@code false} otherwise
   */
  public boolean isSoloUser(final String email) {
    try {
      final Query query = new Query().setPageCount(1);
      final JSONObject result = userRepository.get(query);
      final JSONArray users = result.getJSONArray(Keys.RESULTS);

      return existEmail(email, users);
    } catch (final Exception e) {
      LOGGER.log(Level.SEVERE, e.getMessage(), e);
      return false;
    }
  }

  /**
   * Determines whether the specified email exits in the specified users.
   *
   * @param email the specified email
   * @param users the specified user
   * @return {@code true} if exists, {@code false} otherwise
   * @throws JSONException json exception
   */
  private boolean existEmail(final String email, final JSONArray users) throws JSONException {
    for (int i = 0; i < users.length(); i++) {
      final JSONObject user = users.getJSONObject(i);

      if (user.getString(User.USER_EMAIL).equalsIgnoreCase(email)) {
        return true;
      }
    }

    return false;
  }

  /**
   * Gets the {@link Users} singleton.
   *
   * @return the singleton
   */
  public static Users getInstance() {
    return SingletonHolder.SINGLETON;
  }

  /** Private default constructor. */
  private Users() {}

  /**
   * Singleton holder.
   *
   * @author <a href="mailto:[email protected]">Liang Ding</a>
   * @version 1.0.0.0, Jan 12, 2011
   */
  private static final class SingletonHolder {

    /** Singleton. */
    private static final Users SINGLETON = new Users();

    /** Private default constructor. */
    private SingletonHolder() {}
  }
}
Exemplo n.º 2
0
/**
 * User query service.
 *
 * @author <a href="http://88250.b3log.org">Liang Ding</a>
 * @version 1.0.0.3, Jul 10, 2013
 * @since 0.4.0
 */
@Service
public class UserQueryService {

  /** Logger. */
  private static final Logger LOGGER = Logger.getLogger(UserQueryService.class.getName());

  /** User service. */
  private UserService userService = UserServiceFactory.getUserService();

  /** User repository. */
  @Inject private UserRepository userRepository;

  /** User management service. */
  @Inject private UserMgmtService userMgmtService;

  /**
   * Determines whether if exists multiple users in current Solo.
   *
   * @return {@code true} if exists, {@code false} otherwise
   * @throws ServiceException service exception
   */
  public boolean hasMultipleUsers() throws ServiceException {
    final Query query = new Query().setPageCount(1);

    try {
      final JSONArray users = userRepository.get(query).getJSONArray(Keys.RESULTS);

      return 1 != users.length();
    } catch (final RepositoryException e) {
      LOGGER.log(Level.ERROR, "Determines multiple users failed", e);

      throw new ServiceException(e);
    } catch (final JSONException e) {
      LOGGER.log(Level.ERROR, "Determines multiple users failed", e);

      throw new ServiceException(e);
    }
  }

  /**
   * Checks whether the current request is made by a logged in user (including default user and
   * administrator lists in <i>users</i>).
   *
   * <p>Invokes this method will try to login with cookie first.
   *
   * @param request the specified request
   * @param response the specified response
   * @return {@code true} if the current request is made by logged in user, returns {@code false}
   *     otherwise
   */
  public boolean isLoggedIn(final HttpServletRequest request, final HttpServletResponse response) {
    userMgmtService.tryLogInWithCookie(request, response);

    final GeneralUser currentUser = userService.getCurrentUser(request);

    return null != currentUser;
  }

  /**
   * Checks whether the current request is made by logged in administrator.
   *
   * @param request the specified request
   * @return {@code true} if the current request is made by logged in administrator, returns {@code
   *     false} otherwise
   */
  public boolean isAdminLoggedIn(final HttpServletRequest request) {
    return userService.isUserLoggedIn(request) && userService.isUserAdmin(request);
  }

  /**
   * Gets the current user.
   *
   * @param request the specified request
   * @return the current user, {@code null} if not found
   */
  public JSONObject getCurrentUser(final HttpServletRequest request) {
    final GeneralUser currentUser = userService.getCurrentUser(request);

    if (null == currentUser) {
      return null;
    }

    final String email = currentUser.getEmail();

    try {
      return userRepository.getByEmail(email);
    } catch (final RepositoryException e) {
      LOGGER.log(Level.ERROR, "Gets current user by request failed, returns null", e);

      return null;
    }
  }

  /**
   * Gets the administrator.
   *
   * @return administrator, returns {@code null} if not found
   * @throws ServiceException service exception
   */
  public JSONObject getAdmin() throws ServiceException {
    try {
      return userRepository.getAdmin();
    } catch (final RepositoryException e) {
      LOGGER.log(Level.ERROR, "Gets admin failed", e);
      throw new ServiceException(e);
    }
  }

  /**
   * Gets a user by the specified email.
   *
   * @param email the specified email
   * @return user, returns {@code null} if not found
   * @throws ServiceException service exception
   */
  public JSONObject getUserByEmail(final String email) throws ServiceException {
    try {
      return userRepository.getByEmail(email);
    } catch (final RepositoryException e) {
      LOGGER.log(Level.ERROR, "Gets user by email[" + email + "] failed", e);
      throw new ServiceException(e);
    }
  }

  /**
   * Gets users by the specified request json object.
   *
   * @param requestJSONObject the specified request json object, for example,
   *     <pre>
   * {
   *     "paginationCurrentPageNum": 1,
   *     "paginationPageSize": 20,
   *     "paginationWindowSize": 10,
   * }, see {@link Pagination} for more details
   * </pre>
   *
   * @return for example,
   *     <pre>
   * {
   *     "pagination": {
   *         "paginationPageCount": 100,
   *         "paginationPageNums": [1, 2, 3, 4, 5]
   *     },
   *     "users": [{
   *         "oId": "",
   *         "userName": "",
   *         "userEmail": "",
   *         "userPassword": "",
   *         "roleName": ""
   *      }, ....]
   * }
   * </pre>
   *
   * @throws ServiceException service exception
   * @see Pagination
   */
  public JSONObject getUsers(final JSONObject requestJSONObject) throws ServiceException {
    final JSONObject ret = new JSONObject();

    final int currentPageNum = requestJSONObject.optInt(Pagination.PAGINATION_CURRENT_PAGE_NUM);
    final int pageSize = requestJSONObject.optInt(Pagination.PAGINATION_PAGE_SIZE);
    final int windowSize = requestJSONObject.optInt(Pagination.PAGINATION_WINDOW_SIZE);
    final Query query = new Query().setCurrentPageNum(currentPageNum).setPageSize(pageSize);

    JSONObject result = null;

    try {
      result = userRepository.get(query);
    } catch (final RepositoryException e) {
      LOGGER.log(Level.ERROR, "Gets users failed", e);

      throw new ServiceException(e);
    }

    final int pageCount =
        result.optJSONObject(Pagination.PAGINATION).optInt(Pagination.PAGINATION_PAGE_COUNT);

    final JSONObject pagination = new JSONObject();

    ret.put(Pagination.PAGINATION, pagination);
    final List<Integer> pageNums =
        Paginator.paginate(currentPageNum, pageSize, pageCount, windowSize);

    pagination.put(Pagination.PAGINATION_PAGE_COUNT, pageCount);
    pagination.put(Pagination.PAGINATION_PAGE_NUMS, pageNums);

    final JSONArray users = result.optJSONArray(Keys.RESULTS);

    ret.put(User.USERS, users);

    return ret;
  }

  /**
   * Gets a user by the specified user id.
   *
   * @param userId the specified user id
   * @return for example,
   *     <pre>
   * {
   *     "user": {
   *         "oId": "",
   *         "userName": "",
   *         "userEmail": "",
   *         "userPassword": ""
   *     }
   * }
   * </pre>
   *     , returns {@code null} if not found
   * @throws ServiceException service exception
   */
  public JSONObject getUser(final String userId) throws ServiceException {
    final JSONObject ret = new JSONObject();

    JSONObject user = null;

    try {
      user = userRepository.get(userId);
    } catch (final RepositoryException e) {
      LOGGER.log(Level.ERROR, "Gets a user failed", e);
      throw new ServiceException(e);
    }

    if (null == user) {
      return null;
    }

    ret.put(User.USER, user);

    return ret;
  }

  /**
   * Gets the URL of user logout.
   *
   * @return logout URL, returns {@code null} if the user is not logged in
   */
  public String getLogoutURL() {
    return userService.createLogoutURL("/");
  }

  /**
   * Gets the URL of user login.
   *
   * @param redirectURL redirect URL after logged in
   * @return login URL
   */
  public String getLoginURL(final String redirectURL) {
    return userService.createLoginURL(redirectURL);
  }

  /**
   * Sets the user management service with the specified user management service.
   *
   * @param userMgmtService the specified user management service
   */
  public void setUserMgmtService(final UserMgmtService userMgmtService) {
    this.userMgmtService = userMgmtService;
  }

  /**
   * Sets the user repository with the specified user repository.
   *
   * @param userRepository the specified user repository
   */
  public void setUserRepository(final UserRepository userRepository) {
    this.userRepository = userRepository;
  }
}
Exemplo n.º 3
0
/**
 * Login/logout processor.
 *
 * <p>
 *
 * <p>Initializes administrator.
 *
 * @author <a href="http://88250.b3log.org">Liang Ding</a>
 * @author <a href="mailto:[email protected]">Liyuan Li</a>
 * @author <a href="mailto:[email protected]">Dongxu Wang</a>
 * @version 1.1.1.6, Oct 26, 2013
 * @since 0.3.1
 */
@RequestProcessor
public class LoginProcessor {

  /** Logger. */
  private static final Logger LOGGER = Logger.getLogger(LoginProcessor.class.getName());

  /** User query service. */
  @Inject private UserQueryService userQueryService;

  /** User service. */
  private UserService userService = UserServiceFactory.getUserService();

  /** Mail service. */
  private MailService mailService = MailServiceFactory.getMailService();

  /** User management service. */
  @Inject private UserMgmtService userMgmtService;

  /** Language service. */
  @Inject private LangPropsService langPropsService;

  /** Filler. */
  @Inject private Filler filler;

  /** Preference query service. */
  @Inject private PreferenceQueryService preferenceQueryService;

  /** Option query service. */
  @Inject private OptionQueryService optionQueryService;

  /** Option management service. */
  @Inject private OptionMgmtService optionMgmtService;

  /** Option repository. */
  @Inject private OptionRepository optionRepository;

  /**
   * Shows login page.
   *
   * @param context the specified context
   * @throws Exception exception
   */
  @RequestProcessing(value = "/login", method = HTTPRequestMethod.GET)
  public void showLogin(final HTTPRequestContext context) throws Exception {
    final HttpServletRequest request = context.getRequest();

    String destinationURL = request.getParameter(Common.GOTO);

    if (Strings.isEmptyOrNull(destinationURL)) {
      destinationURL = Latkes.getServePath() + Common.ADMIN_INDEX_URI;
    }

    final HttpServletResponse response = context.getResponse();

    userMgmtService.tryLogInWithCookie(request, response);

    if (null != userService.getCurrentUser(request)) { // User has already logged in
      response.sendRedirect(destinationURL);

      return;
    }

    renderPage(context, "login.ftl", destinationURL, request);
  }

  /**
   * Logins.
   *
   * <p>Renders the response with a json object, for example,
   *
   * <pre>
   * {
   *     "isLoggedIn": boolean,
   *     "msg": "" // optional, exists if isLoggedIn equals to false
   * }
   * </pre>
   *
   * @param context the specified context
   */
  @RequestProcessing(value = "/login", method = HTTPRequestMethod.POST)
  public void login(final HTTPRequestContext context) {
    final HttpServletRequest request = context.getRequest();

    final JSONRenderer renderer = new JSONRenderer();

    context.setRenderer(renderer);
    final JSONObject jsonObject = new JSONObject();

    renderer.setJSONObject(jsonObject);

    try {
      jsonObject.put(Common.IS_LOGGED_IN, false);
      final String loginFailLabel = langPropsService.get("loginFailLabel");

      jsonObject.put(Keys.MSG, loginFailLabel);

      final JSONObject requestJSONObject =
          Requests.parseRequestJSONObject(request, context.getResponse());
      final String userEmail = requestJSONObject.getString(User.USER_EMAIL);
      final String userPwd = requestJSONObject.getString(User.USER_PASSWORD);

      if (Strings.isEmptyOrNull(userEmail) || Strings.isEmptyOrNull(userPwd)) {
        return;
      }

      LOGGER.log(Level.INFO, "Login[email={0}]", userEmail);

      final JSONObject user = userQueryService.getUserByEmail(userEmail);

      if (null == user) {
        LOGGER.log(Level.WARN, "Not found user[email={0}]", userEmail);
        return;
      }

      if (MD5.hash(userPwd).equals(user.getString(User.USER_PASSWORD))) {
        Sessions.login(request, context.getResponse(), user);

        LOGGER.log(Level.INFO, "Logged in[email={0}]", userEmail);

        jsonObject.put(Common.IS_LOGGED_IN, true);

        if (Role.VISITOR_ROLE.equals(user.optString(User.USER_ROLE))) {
          jsonObject.put("to", Latkes.getServePath());
        } else {
          jsonObject.put("to", Latkes.getServePath() + Common.ADMIN_INDEX_URI);
        }

        jsonObject.remove(Keys.MSG);

        return;
      }

      LOGGER.log(Level.WARN, "Wrong password[{0}]", userPwd);
    } catch (final Exception e) {
      LOGGER.log(Level.ERROR, e.getMessage(), e);
    }
  }

  /**
   * Logout.
   *
   * @param context the specified context
   * @throws IOException io exception
   */
  @RequestProcessing(value = "/logout", method = HTTPRequestMethod.GET)
  public void logout(final HTTPRequestContext context) throws IOException {
    final HttpServletRequest httpServletRequest = context.getRequest();

    Sessions.logout(httpServletRequest, context.getResponse());

    String destinationURL = httpServletRequest.getParameter(Common.GOTO);

    if (Strings.isEmptyOrNull(destinationURL)) {
      destinationURL = "/";
    }

    context.getResponse().sendRedirect(destinationURL);
  }

  /**
   * Shows forgotten password page.
   *
   * @param context the specified context
   * @throws Exception exception
   */
  @RequestProcessing(value = "/forgot", method = HTTPRequestMethod.GET)
  public void showForgot(final HTTPRequestContext context) throws Exception {
    final HttpServletRequest request = context.getRequest();

    String destinationURL = request.getParameter(Common.GOTO);

    if (Strings.isEmptyOrNull(destinationURL)) {
      destinationURL = Latkes.getServePath() + Common.ADMIN_INDEX_URI;
    }

    renderPage(context, "reset-pwd.ftl", destinationURL, request);
  }

  /**
   * Resets forgotten password.
   *
   * <p>Renders the response with a json object, for example,
   *
   * <pre>
   * {
   *     "isLoggedIn": boolean,
   *     "msg": "" // optional, exists if isLoggedIn equals to false
   * }
   * </pre>
   *
   * @param context the specified context
   */
  @RequestProcessing(value = "/forgot", method = HTTPRequestMethod.POST)
  public void forgot(final HTTPRequestContext context) {
    final HttpServletRequest request = context.getRequest();

    final JSONRenderer renderer = new JSONRenderer();

    context.setRenderer(renderer);
    final JSONObject jsonObject = new JSONObject();

    renderer.setJSONObject(jsonObject);

    try {
      jsonObject.put("succeed", false);
      jsonObject.put(Keys.MSG, langPropsService.get("resetPwdSuccessMsg"));

      final JSONObject requestJSONObject =
          Requests.parseRequestJSONObject(request, context.getResponse());
      final String userEmail = requestJSONObject.getString(User.USER_EMAIL);

      if (Strings.isEmptyOrNull(userEmail)) {
        LOGGER.log(Level.WARN, "Why user's email is empty");
        return;
      }

      LOGGER.log(Level.INFO, "Login[email={0}]", userEmail);

      final JSONObject user = userQueryService.getUserByEmail(userEmail);

      if (null == user) {
        LOGGER.log(Level.WARN, "Not found user[email={0}]", userEmail);
        jsonObject.put(Keys.MSG, langPropsService.get("userEmailNotFoundMsg"));
        return;
      }

      sendResetUrl(userEmail, jsonObject);
    } catch (final Exception e) {
      LOGGER.log(Level.ERROR, e.getMessage(), e);
    }
  }

  /**
   * Resets forgotten password.
   *
   * <p>Renders the response with a json object, for example,
   *
   * <pre>
   * {
   *     "isLoggedIn": boolean,
   *     "msg": "" // optional, exists if isLoggedIn equals to false
   * }
   * </pre>
   *
   * @param context the specified context
   */
  @RequestProcessing(value = "/reset", method = HTTPRequestMethod.POST)
  public void reset(final HTTPRequestContext context) {
    final HttpServletRequest request = context.getRequest();
    final JSONRenderer renderer = new JSONRenderer();

    context.setRenderer(renderer);
    final JSONObject jsonObject = new JSONObject();

    renderer.setJSONObject(jsonObject);

    try {
      final JSONObject requestJSONObject;

      requestJSONObject = Requests.parseRequestJSONObject(request, context.getResponse());
      final String userEmail = requestJSONObject.getString(User.USER_EMAIL);
      final String newPwd = requestJSONObject.getString("newPwd");
      final JSONObject user = userQueryService.getUserByEmail(userEmail);

      user.put(User.USER_PASSWORD, newPwd);
      userMgmtService.updateUser(user);
      LOGGER.log(Level.DEBUG, "[{0}]'s password updated successfully.", new Object[] {userEmail});

      jsonObject.put("succeed", true);
      jsonObject.put("to", Latkes.getServePath() + "/login?from=reset");
      jsonObject.put(Keys.MSG, langPropsService.get("resetPwdSuccessMsg"));
    } catch (final Exception e) {
      LOGGER.log(Level.ERROR, e.getMessage(), e);
    }
  }

  /**
   * Whether user is going to update an expired password out of 24 hours.
   *
   * @return whether the password has been expired TODO implement it
   */
  private boolean isPwdExpired() {
    return false;
  }

  /**
   * Sends the password resetting URL with a random token.
   *
   * @param userEmail the given email
   * @param jsonObject return code and message object
   * @throws JSONException the JSONException
   * @throws ServiceException the ServiceException
   * @throws IOException the IOException
   * @throws RepositoryException the RepositoryException
   */
  private void sendResetUrl(final String userEmail, final JSONObject jsonObject)
      throws JSONException, ServiceException, IOException, RepositoryException {
    final JSONObject preference = preferenceQueryService.getPreference();
    final String token = new Randoms().nextStringWithMD5();
    final String adminEmail = preference.getString(Preference.ADMIN_EMAIL);
    final String mailSubject = langPropsService.get("resetPwdMailSubject");
    final String mailBody =
        langPropsService.get("resetPwdMailBody")
            + " "
            + Latkes.getServePath()
            + "/forgot?token="
            + token
            + "&login="******"passwordReset");
    option.put(Option.OPTION_VALUE, System.currentTimeMillis());

    final Transaction transaction = optionRepository.beginTransaction();

    optionRepository.add(option);
    transaction.commit();

    message.setFrom(adminEmail);
    message.addRecipient(userEmail);
    message.setSubject(mailSubject);
    message.setHtmlBody(mailBody);

    mailService.send(message);

    jsonObject.put("succeed", true);
    jsonObject.put("to", Latkes.getServePath() + "/login?from=forgot");
    jsonObject.put(Keys.MSG, langPropsService.get("resetPwdSuccessSend"));

    LOGGER.log(
        Level.DEBUG,
        "Sent a mail[mailSubject={0}, mailBody=[{1}] to [{2}]",
        new Object[] {mailSubject, mailBody, userEmail});
  }

  /**
   * Render a page template with the destination URL.
   *
   * @param context the context
   * @param pageTemplate the page template
   * @param destinationURL the destination URL
   * @param request for reset password page
   * @throws JSONException the JSONException
   * @throws ServiceException the ServiceException
   */
  private void renderPage(
      final HTTPRequestContext context,
      final String pageTemplate,
      final String destinationURL,
      final HttpServletRequest request)
      throws JSONException, ServiceException {
    final AbstractFreeMarkerRenderer renderer = new ConsoleRenderer();

    renderer.setTemplateName(pageTemplate);
    context.setRenderer(renderer);

    final Map<String, Object> dataModel = renderer.getDataModel();
    final Map<String, String> langs = langPropsService.getAll(Latkes.getLocale());
    final JSONObject preference = preferenceQueryService.getPreference();

    dataModel.putAll(langs);
    dataModel.put(Common.GOTO, destinationURL);
    dataModel.put(Common.YEAR, String.valueOf(Calendar.getInstance().get(Calendar.YEAR)));
    dataModel.put(Common.VERSION, SoloServletListener.VERSION);
    dataModel.put(Common.STATIC_RESOURCE_VERSION, Latkes.getStaticResourceVersion());
    dataModel.put(Preference.BLOG_TITLE, preference.getString(Preference.BLOG_TITLE));

    final String token = request.getParameter("token");
    final String email = request.getParameter("login");
    final JSONObject tokenObj = optionQueryService.getOptionById(token);

    if (tokenObj == null) {
      dataModel.put("inputType", "email");
    } else {
      // TODO verify the expired time in the tokenObj
      dataModel.put("inputType", "password");
      dataModel.put("userEmailHidden", email);
    }

    final String from = request.getParameter("from");

    if ("forgot".equals(from)) {
      dataModel.put("resetMsg", langPropsService.get("resetPwdSuccessSend"));
    } else if ("reset".equals(from)) {
      dataModel.put("resetMsg", langPropsService.get("resetPwdSuccessMsg"));
    } else {
      dataModel.put("resetMsg", "");
    }

    Keys.fillRuntime(dataModel);
    filler.fillMinified(dataModel);
  }
}