Examples of PasswordReset

org.broadleafcommerce.common.security.util.PasswordReset
@author jfischer
org.opentides.bean.PasswordReset
@author allanctan

Examples of org.opentides.bean.PasswordReset

  
  @Test
  public void testResetPassword() {
    String email = "admin@ideyatech.com";
        userService.requestPasswordReset(email);
    PasswordReset example = new PasswordReset();
    example.setEmailAddress(email);
    example.setStatus(PasswordReset.STATUS_ACTIVE);
    List<PasswordReset> actuals = passwordResetDAO.findByExample(example, true);
    PasswordReset actual = actuals.get(0);
    long actualId = actual.getId();    
    actual.setPassword("tennis");
    assertTrue(userService.resetPassword(actual));
    // password reset must be updated to used
    PasswordReset newActual = passwordResetDAO.loadEntityModel(actualId);
    assertSame(PasswordReset.STATUS_USED, newActual.getStatus());
    // and password must change 
    // but there is no way to get password anymore.
//    BaseUser user = userDAO.loadByEmailAddress(email);
//    assertEquals("", user.getCredential().getPassword());
  }

View Full Code Here

Examples of org.opentides.bean.PasswordReset

    if (!userDAO.isRegisteredByEmail(emailAddress))
      throw new InvalidImplementationException(
          "Email ["
              + emailAddress
              + "] was not validated prior to calling this service. Please validate first.");
    PasswordReset passwd = new PasswordReset();
    String token = StringUtil.generateRandomString(tokenLength);
    String cipher = StringUtil.encrypt(token + emailAddress);
    passwd.setEmailAddress(emailAddress);
    passwd.setToken(token);
    passwd.setStatus("active");
    passwd.setCipher(cipher);
    passwordResetDAO.saveEntityModel(passwd);
    // send email for confirmation
    sendEmailConfirmation(emailAddress, token, cipher);
  }

View Full Code Here

Examples of org.opentides.bean.PasswordReset

   * Resets the password by specifying email address and token.
   */
  @Override
  public boolean confirmPasswordReset(String emailAddress, String token) {
    // check if email and token matched
    PasswordReset example = new PasswordReset();
    example.setEmailAddress(emailAddress);
    example.setToken(token);
    example.setStatus("active");
    List<PasswordReset> actuals = passwordResetDAO.findByExample(example,
        true);
    if (actuals == null || actuals.size() == 0) {
      _log.info("Failed to confirm password reset. No records matched in password reset database for email "
          + emailAddress);
      return false;
    }
    // check if password reset is active and not expired
    PasswordReset actual = actuals.get(0);
    Date updated = actual.getUpdateDate();
    Date expireDate = new Date(updated.getTime() + 86400000);
    Date today = new Date();
    if (expireDate.getTime() < today.getTime()) {
      // expired
      _log.info("Password reset has expired for " + emailAddress);
      actual.setStatus(PasswordReset.STATUS_EXPIRED);
      passwordResetDAO.saveEntityModel(actual);
      return false;
    }
    return true;
  }

View Full Code Here

Examples of org.opentides.bean.PasswordReset

   * @return
   */
  @Override
  public boolean resetPassword(PasswordReset passwd) {
    // check if password reset is active and not expired
    PasswordReset example = new PasswordReset();
    example.setEmailAddress(passwd.getEmailAddress());
    example.setToken(passwd.getToken());
    example.setStatus("active");
    List<PasswordReset> actuals = passwordResetDAO.findByExample(example,
        true);
    if (actuals == null || actuals.size() == 0) {
      _log.info("Failed to reset password. No records found in password reset for email "
          + passwd.getEmailAddress());
      return false;
    }
    PasswordReset actual = actuals.get(0);
    actual.setStatus(PasswordReset.STATUS_USED);
    passwordResetDAO.saveEntityModel(actual);


    // now reset the password
    UserDAO userDAO = (UserDAO) getDao();
    BaseUser user = userDAO.loadByEmailAddress(passwd.getEmailAddress());

View Full Code Here

Examples of org.opentides.bean.PasswordReset

   */
  @Override
  protected ModelAndView onSubmit(HttpServletRequest request,
      HttpServletResponse response, Object command, BindException errors)
      throws Exception {
    PasswordReset passwd = (PasswordReset) command;
    boolean success=false;
    // let's check if password reset session is properly set.
    String secureCode = (String) request.getSession().getAttribute(ConfirmPasswordResetController.SECURE_SESSION_KEY);
    if (!StringUtil.isEmpty(secureCode) && secureCode.startsWith(ConfirmPasswordResetController.SECURE_SESSION_CODE) &&
      (passwd.getEmailAddress().equals(secureCode.substring(ConfirmPasswordResetController.SECURE_SESSION_CODE.length())))) {      
      success = userService.resetPassword(passwd);
    } 
    
    if (success) {
      _log.info("Password changed. "+passwd.getEmailAddress() +" has successfully changed password.");
      Map<String,String> model = new HashMap<String,String>();
      model.put("message", "msg.password-change-successful");
      model.put("title", "label.forgot-password");    
      return new ModelAndView(getSuccessView(), model);
    } else {
      Map<String,String> model = new HashMap<String,String>();
      _log.info("Unauthorized access to reset password using email ["+passwd.getEmailAddress()+
          "] and secureCode ["+secureCode+"] from IP "+request.getRemoteAddr());
      model.put("message", "error.unauthorized-access-to-change-password");
      model.put("title", "label.forgot-password");
      return new ModelAndView(getSuccessView(), model);
    }

View Full Code Here

0 1

TOP

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.