X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FPasswordResetPage.java;fp=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FPasswordResetPage.java;h=8faaf8263ecc5a4c066d8aa0ec6738d5efdd6cd7;hp=0000000000000000000000000000000000000000;hb=6857b65a9147a61ef0e4c1286beb6d6c3f2f5404;hpb=50b8341607e23812216349ef37711e5a85d957c3 diff --git a/src/org/cacert/gigi/pages/PasswordResetPage.java b/src/org/cacert/gigi/pages/PasswordResetPage.java new file mode 100644 index 00000000..8faaf826 --- /dev/null +++ b/src/org/cacert/gigi/pages/PasswordResetPage.java @@ -0,0 +1,93 @@ +package org.cacert.gigi.pages; + +import java.io.IOException; +import java.io.PrintWriter; +import java.util.HashMap; +import java.util.Map; + +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; + +import org.cacert.gigi.GigiApiException; +import org.cacert.gigi.dbObjects.User; +import org.cacert.gigi.localisation.Language; +import org.cacert.gigi.output.template.Form; +import org.cacert.gigi.output.template.Template; +import org.cacert.gigi.util.AuthorizationContext; + +public class PasswordResetPage extends Page { + + public static final String PATH = "/passwordReset"; + + public PasswordResetPage() { + super("Password Reset"); + } + + public static class PasswordResetForm extends Form { + + private static Template t = new Template(PasswordResetForm.class.getResource("PasswordResetForm.templ")); + + private User u; + + private int id; + + public PasswordResetForm(HttpServletRequest hsr) throws GigiApiException { + super(hsr, PATH); + id = Integer.parseInt(hsr.getParameter("id")); + u = User.getResetWithToken(id, hsr.getParameter("token")); + if (u == null) { + throw new GigiApiException("User missing or token invalid"); + } + + } + + @Override + public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException { + String p1 = req.getParameter("pword1"); + String p2 = req.getParameter("pword2"); + String tok = req.getParameter("private_token"); + if (p1 == null || p2 == null || tok == null) { + throw new GigiApiException("Missing form parameter."); + } + if ( !p1.equals(p2)) { + throw new GigiApiException("New passwords differ."); + } + u.consumePasswordResetTicket(id, tok, p1); + return true; + } + + @Override + protected void outputContent(PrintWriter out, Language l, Map vars) { + + t.output(out, l, vars); + } + + } + + @Override + public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { + PasswordResetForm form = Form.getForm(req, PasswordResetForm.class); + try { + form.submit(resp.getWriter(), req); + resp.getWriter().println(getLanguage(req).getTranslation("Password reset successful.")); + return; + } catch (GigiApiException e) { + e.format(resp.getWriter(), getLanguage(req)); + } + form.output(resp.getWriter(), getLanguage(req), new HashMap()); + } + + @Override + public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { + try { + new PasswordResetForm(req).output(resp.getWriter(), getLanguage(req), new HashMap()); + } catch (GigiApiException e) { + e.format(resp.getWriter(), getLanguage(req)); + } + } + + @Override + public boolean isPermitted(AuthorizationContext ac) { + return true; + } +}