import java.io.IOException;
import java.io.PrintWriter;
+import java.net.URLEncoder;
import java.util.HashMap;
import java.util.Map;
import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.output.template.Form;
+import org.cacert.gigi.output.template.MailTemplate;
import org.cacert.gigi.output.template.Template;
import org.cacert.gigi.util.AuthorizationContext;
+import org.cacert.gigi.util.HTMLEncoder;
+import org.cacert.gigi.util.RandomToken;
+import org.cacert.gigi.util.ServerConstants;
public class PasswordResetPage extends Page {
+ public static final int HOUR_MAX = 96;
+
public static final String PATH = "/passwordReset";
public PasswordResetPage() {
public static class PasswordResetForm extends Form {
- private static Template t = new Template(PasswordResetForm.class.getResource("PasswordResetForm.templ"));
+ private static final Template t = new Template(PasswordResetForm.class.getResource("PasswordResetForm.templ"));
private User u;
@Override
public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException {
- try (GigiPreparedStatement passwordReset = new GigiPreparedStatement("UPDATE `passwordResetTickets` SET `used` = CURRENT_TIMESTAMP WHERE `used` IS NULL AND `created` < CURRENT_TIMESTAMP - interval '96 hours';")) {
+ try (GigiPreparedStatement passwordReset = new GigiPreparedStatement("UPDATE `passwordResetTickets` SET `used` = CURRENT_TIMESTAMP WHERE `used` IS NULL AND `created` < CURRENT_TIMESTAMP - interval '1 hours' * ?;")) {
+ passwordReset.setInt(1, HOUR_MAX);
passwordReset.execute();
}
@Override
public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
PasswordResetForm form = Form.getForm(req, PasswordResetForm.class);
- try {
- form.submit(resp.getWriter(), req);
- resp.getWriter().println(getLanguage(req).getTranslation("Password reset successful."));
+ PrintWriter w = resp.getWriter();
+ if (form.submitProtected(w, req)) {
+ w.println("<div class='alert alert-success'>");
+ w.println(HTMLEncoder.encodeHTML(getLanguage(req).getTranslation("Password reset successful.")));
+ w.println("</div>");
return;
- } catch (GigiApiException e) {
- e.format(resp.getWriter(), getLanguage(req));
}
- form.output(resp.getWriter(), getLanguage(req), new HashMap<String, Object>());
}
@Override
public boolean isPermitted(AuthorizationContext ac) {
return true;
}
+
+ private static final MailTemplate passwordResetMail = new MailTemplate(PasswordResetPage.class.getResource("PasswordResetMail.templ"));
+
+ public static void initPasswordResetProcess(PrintWriter out, User targetUser, HttpServletRequest req, String aword, Language l, String method, String subject) {
+ String ptok = RandomToken.generateToken(32);
+ int id = targetUser.generatePasswordResetTicket(Page.getUser(req), ptok, aword);
+ try {
+ HashMap<String, Object> vars = new HashMap<>();
+ vars.put("subject", subject);
+ vars.put("method", method);
+ vars.put("link", "https://" + ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH //
+ + "?id=" + id + "&token=" + URLEncoder.encode(ptok, "UTF-8"));
+ vars.put("hour_max", HOUR_MAX);
+
+ passwordResetMail.sendMail(l, vars, Page.getUser(req).getEmail());
+ out.println(Page.getLanguage(req).getTranslation("Password reset successful."));
+ } catch (IOException e) {
+ e.printStackTrace();
+ }
+
+ }
}
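Review bot: The reset ticket on line 57 is generated for `targetUser`, but the mail carrying the token on line 66 is addressed to `Page.getUser(req).getEmail()`, i.e. the requesting user; whenever the two differ, the reset link is delivered to the actor rather than the account owner, so this presumably should be `targetUser.getEmail()` — confirm against the callers before merging. The `catch (IOException e)` on lines 68–70 only calls `e.printStackTrace()`, so a failed mail leaves the freshly issued ticket valid while the caller sees neither the success line nor an error; rethrowing (e.g. wrapped in a GigiApiException, as `submit` already declares) or writing an error to `out` would make the failure visible. The success message on line 67 is also written without `HTMLEncoder.encodeHTML(...)`, unlike the same translation on line 40 in doPost, which is inconsistent for output that ends up in an HTML response.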