@CacheEvict(value = "users", allEntries = true) public User updatePassword(PasswordUpdateRequest request, PasswordResetToken passwordResetToken) { User user = userRepository.findByIdForUpdate(request.getUserId()); if (user == null) { throw new IllegalArgumentException("The user does not exist"); } PasswordEncoder passwordEncoder = new StandardPasswordEncoder(); user.setLoginPassword(passwordEncoder.encode(request.getPassword())); user.setUpdatedAt(LocalDateTime.now()); user.setUpdatedBy(passwordResetToken.getUser().toString()); user = userRepository.saveAndFlush(user); passwordResetTokenRepository.delete(passwordResetToken); try { Blog blog = blogService.readBlogById(Blog.DEFAULT_ID); String blogTitle = blog.getTitle(LocaleContextHolder.getLocale().getLanguage()); ServletUriComponentsBuilder builder = ServletUriComponentsBuilder.fromCurrentContextPath(); if (blog.isMultiLanguage()) { builder.path("/{language}"); } builder.path("/login"); Map<String, Object> urlVariables = new LinkedHashMap<>(); urlVariables.put("language", request.getLanguage()); urlVariables.put("token", passwordResetToken.getToken()); String loginLink = builder.buildAndExpand(urlVariables).toString(); Context ctx = new Context(LocaleContextHolder.getLocale()); ctx.setVariable("passwordResetToken", passwordResetToken); ctx.setVariable("resetLink", loginLink); MimeMessage mimeMessage = mailSender.createMimeMessage(); MimeMessageHelper message = new MimeMessageHelper(mimeMessage, true, "UTF-8"); // true = multipart message.setSubject( MessageFormat.format( messageSourceAccessor.getMessage( "PasswordChangedSubject", LocaleContextHolder.getLocale()), blogTitle)); message.setFrom(mailProperties.getProperties().get("mail.from")); message.setTo(passwordResetToken.getEmail()); String htmlContent = templateEngine.process("password-changed", ctx); message.setText(htmlContent, true); // true = isHtml mailSender.send(mimeMessage); } catch (MessagingException e) { throw new ServiceException(e); } return user; }
@CacheEvict(value = "users", allEntries = true) public User updatePassword(PasswordUpdateRequest request, AuthorizedUser updatedBy) { User user = userRepository.findByIdForUpdate(request.getUserId()); if (user == null) { throw new IllegalArgumentException("The user does not exist"); } PasswordEncoder passwordEncoder = new StandardPasswordEncoder(); user.setLoginPassword(passwordEncoder.encode(request.getPassword())); user.setUpdatedAt(LocalDateTime.now()); user.setUpdatedBy(updatedBy.toString()); return userRepository.saveAndFlush(user); }