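/**
 * Changes the password of the currently authenticated user.
 *
 * <p>{@code password} is a JSON document with two string members, {@code currentPass} and
 * {@code newPass}. The account is taken from the security context, never from the request
 * body, so a caller cannot name another user's account. The current password must verify
 * before the update is issued.
 *
 * @param password JSON string carrying {@code currentPass} and {@code newPass}
 * @param session  session used to run the HQL update
 * @return {@code true} only when exactly one row was updated; {@code false} when the caller is
 *         not authenticated, the current password does not verify, or no single row matched
 */
@Override
public boolean changePassword(String password, Session session) {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    // Fail closed before touching the request body: with no Authentication in the context
    // getName() would throw, and unauthenticated input should not be parsed at all.
    if (authentication == null || !authentication.isAuthenticated()) {
        return false;
    }
    String username = authentication.getName();

    JSONObject body = new JSONObject(password);
    String currentPass = body.getString("currentPass");
    String newPass = body.getString("newPass");

    // Re-authenticate with the current password so that a hijacked session alone is not
    // enough to take over the account.
    if (!Utils.verifyPassword(username, currentPass, session)) {
        return false;
    }

    // Both values are bound as named parameters and never concatenated into the HQL.
    // NOTE(review): the listing showed this literal with a masking artifact between
    // "password=" and ":newpass"; it is restored as one literal so the placeholder matches
    // the setString("newpass", ...) binding below.
    String hql = "update Users set password=:newpass where username=:username";

    // NOTE(review): confirm Utils.encryptPass is a salted one-way password hash rather than
    // reversible encryption, and that newPass is checked against the password policy upstream.
    int updatedRows = session
            .createQuery(hql)
            .setString("newpass", Utils.encryptPass(newPass))
            .setString("username", username)
            .executeUpdate();

    // NOTE(review): other active sessions for this user are not invalidated here; confirm the
    // caller handles that after a successful change.
    return updatedRows == 1;
}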
/**
 * Registers a new account unless the username is already taken.
 *
 * <p>The password on {@code user} is replaced with the output of {@code Utils.encryptPass}
 * before the entity is saved, and {@code usersInfo} is linked to {@code user}.
 *
 * @param user      account to create; its password is overwritten with the encoded value
 * @param usersInfo profile record to attach to {@code user}
 * @param session   session used to persist {@code user}
 * @return {@code true} if the user was saved, {@code false} if the username already exists
 */
@Override
public boolean createUser(Users user, UsersInfo usersInfo, Session session) {
    final boolean usernameTaken = Utils.isExists(user.getUsername());
    if (usernameTaken) {
        return false;
    }

    // NOTE(review): the existence check and the save are separate steps; confirm a unique
    // constraint on the username column backs this up under concurrent registrations.
    final String storedPassword = Utils.encryptPass(user.getPassword());
    user.setPassword(storedPassword);

    // Only `user` is handed to the session; whether `usersInfo` is persisted with it depends
    // on the entity mapping, which is not visible here.
    usersInfo.setUsers(user);
    session.save(user);
    return true;
}
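/**
 * Updates a user record, with the scope of the update decided by the caller's role.
 *
 * <p>When {@code Utils.isAdmin()} is true, the whole {@code Users} entity is passed to
 * {@code session.update} provided the username exists. Otherwise only the attached
 * {@code UsersInfo} is updated, and only when the username exists and
 * {@code isUserLoggedIn} accepts it.
 *
 * @param user    entity carrying the username and the data to write
 * @param session session used to issue the update
 * @return {@code true} if an update was issued, {@code false} if the request was rejected
 */
@Override
public boolean updateUserInfo(Users user, Session session) {
    final String username = user.getUsername();
    // The username is presumably caller-supplied; replace CR/LF before logging so a crafted
    // value cannot forge extra log lines. A null username still logs as "null".
    final String loggedName = String.valueOf(username).replace('\r', '_').replace('\n', '_');

    boolean result = false;
    if (Utils.isAdmin()) {
        if (!Utils.isExists(username)) {
            LOGGER.error("Couldn't update user's info of user with username " + loggedName);
        } else {
            // NOTE(review): the full entity is written as supplied; confirm callers cannot set
            // the password or other privilege-bearing fields on `user` unintentionally.
            session.update(user);
            result = true;
        }
    } else {
        // Non-admins may only touch their own profile; isUserLoggedIn is evaluated only when
        // the username exists.
        if (!Utils.isExists(username) || !isUserLoggedIn(username)) {
            LOGGER.error("Couldn't update user's info of user with username " + loggedName);
        } else {
            // NOTE(review): ownership is checked on the username only; confirm the identifier
            // of the attached UsersInfo cannot be pointed at another user's row.
            session.update(user.getUsersInfo());
            result = true;
        }
    }
    return result;
}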