X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2FPasswordResetPage.java;h=580d0e54235da0c4e0305200f853fd1800ba86be;hp=496c0e1e7d2d9e9305c49a630dce85c453ee06c5;hb=abff88a2bf173198fe55c35ead97c9c7cdb5924c;hpb=d23d7a6fa9dc38c6193fea70017e0bff11257be5 diff --git a/src/org/cacert/gigi/pages/PasswordResetPage.java b/src/org/cacert/gigi/pages/PasswordResetPage.java index 496c0e1e..580d0e54 100644 --- a/src/org/cacert/gigi/pages/PasswordResetPage.java +++ b/src/org/cacert/gigi/pages/PasswordResetPage.java @@ -2,7 +2,6 @@ package org.cacert.gigi.pages; import java.io.IOException; import java.io.PrintWriter; -import java.io.StringWriter; import java.net.URLEncoder; import java.util.HashMap; import java.util.Map; @@ -13,11 +12,11 @@ import javax.servlet.http.HttpServletResponse; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.database.GigiPreparedStatement; import org.cacert.gigi.dbObjects.User; -import org.cacert.gigi.email.Sendmail; import org.cacert.gigi.localisation.Language; import org.cacert.gigi.output.template.Form; -import org.cacert.gigi.output.template.SprintfCommand; +import org.cacert.gigi.output.template.MailTemplate; import org.cacert.gigi.output.template.Template; +import org.cacert.gigi.output.template.TranslateCommand; import org.cacert.gigi.util.AuthorizationContext; import org.cacert.gigi.util.RandomToken; import org.cacert.gigi.util.ServerConstants; @@ -34,7 +33,7 @@ public class PasswordResetPage extends Page { public static class PasswordResetForm extends Form { - private static Template t = new Template(PasswordResetForm.class.getResource("PasswordResetForm.templ")); + private static final Template t = new Template(PasswordResetForm.class.getResource("PasswordResetForm.templ")); private User u; @@ -60,7 +59,7 @@ public class PasswordResetPage extends Page { } @Override - public boolean submit(PrintWriter out, HttpServletRequest req) throws GigiApiException { + public SuccessMessageResult submit(HttpServletRequest req) throws GigiApiException { try (GigiPreparedStatement passwordReset = new GigiPreparedStatement("UPDATE `passwordResetTickets` SET `used` = CURRENT_TIMESTAMP WHERE `used` IS NULL AND `created` < CURRENT_TIMESTAMP - interval '1 hours' * ?;")) { passwordReset.setInt(1, HOUR_MAX); passwordReset.execute(); @@ -76,28 +75,27 @@ public class PasswordResetPage extends Page { throw new GigiApiException("New passwords differ."); } u.consumePasswordResetTicket(id, tok, p1); - return true; + return new SuccessMessageResult(new TranslateCommand("Password reset successful.")); } @Override protected void outputContent(PrintWriter out, Language l, Map vars) { - t.output(out, l, vars); } } + @Override + public boolean beforePost(HttpServletRequest req, HttpServletResponse resp) throws IOException { + return Form.getForm(req, PasswordResetForm.class).submitExceptionProtected(req, resp); + } + @Override public void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException { - PasswordResetForm form = Form.getForm(req, PasswordResetForm.class); - try { - form.submit(resp.getWriter(), req); - resp.getWriter().println(getLanguage(req).getTranslation("Password reset successful.")); - return; - } catch (GigiApiException e) { - e.format(resp.getWriter(), getLanguage(req)); + if (Form.printFormErrors(req, resp.getWriter())) { + PasswordResetForm form = Form.getForm(req, PasswordResetForm.class); + form.output(resp.getWriter(), getLanguage(req), new HashMap()); } - form.output(resp.getWriter(), getLanguage(req), new HashMap()); } @Override @@ -114,31 +112,20 @@ public class PasswordResetPage extends Page { return true; } - public static void initPasswordResetProcess(PrintWriter out, User targetUser, HttpServletRequest req, String aword, Language l, String method, String subject) { + private static final MailTemplate passwordResetMail = new MailTemplate(PasswordResetPage.class.getResource("PasswordResetMail.templ")); + + public static void initPasswordResetProcess(User targetUser, HttpServletRequest req, String aword, Language l, String method, String subject) { String ptok = RandomToken.generateToken(32); int id = targetUser.generatePasswordResetTicket(Page.getUser(req), ptok, aword); try { - StringWriter sw = new StringWriter(); - PrintWriter outMail = new PrintWriter(sw); - outMail.print(l.getTranslation("Hi,") + "\n\n"); - outMail.print(method); - outMail.print("\n\nhttps://"); - outMail.print(ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH); - outMail.print("?id="); - outMail.print(id); - outMail.print("&token="); - outMail.print(URLEncoder.encode(ptok, "UTF-8")); - outMail.print("\n"); - outMail.print("\n"); - SprintfCommand.createSimple("This process will expire in {0} hours.", Integer.toString(HOUR_MAX)).output(outMail, l, new HashMap()); - outMail.print("\n"); - outMail.print("\n"); - outMail.print(l.getTranslation("Best regards")); - outMail.print("\n"); - outMail.print(l.getTranslation("SomeCA.org Support!")); - outMail.close(); - Sendmail.getInstance().sendmail(Page.getUser(req).getEmail(), "[SomeCA.org] " + subject, sw.toString(), "support@cacert.org", null, null, null, null, false); - out.println(Page.getLanguage(req).getTranslation("Password reset successful.")); + HashMap vars = new HashMap<>(); + vars.put("subject", subject); + vars.put("method", method); + vars.put("link", "https://" + ServerConstants.getWwwHostNamePortSecure() + PasswordResetPage.PATH // + + "?id=" + id + "&token=" + URLEncoder.encode(ptok, "UTF-8")); + vars.put("hour_max", HOUR_MAX); + + passwordResetMail.sendMail(l, vars, Page.getUser(req).getEmail()); } catch (IOException e) { e.printStackTrace(); }