import club.wpia.gigi.output.template.Form;
import club.wpia.gigi.output.template.Template;
import club.wpia.gigi.output.template.TranslateCommand;
+import club.wpia.gigi.pages.LoginPage;
+import club.wpia.gigi.util.AuthorizationContext;
public class ChangeForm extends Form {
private User target;
+ private AuthorizationContext c;
+
public ChangeForm(HttpServletRequest hsr, User target) {
super(hsr);
this.target = target;
+ c = LoginPage.getAuthorizationContext(hsr);
}
private static final Template t = new Template(ChangePasswordPage.class.getResource("ChangePasswordForm.templ"));
@Override
public void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
+ if ( !c.isStronglyAuthenticated()) {
+ vars.put("currentLoginMethod", "pw");
+ }
t.output(out, l, vars);
}
String p1 = req.getParameter("pword1");
String p2 = req.getParameter("pword2");
GigiApiException error = new GigiApiException();
- if (oldpassword == null || p1 == null || p2 == null) {
+ if ((oldpassword == null && !c.isStronglyAuthenticated()) || p1 == null || p2 == null) {
throw new GigiApiException("All fields are required.");
}
if ( !p1.equals(p2)) {
throw new GigiApiException("New passwords do not match.");
}
try {
- target.changePassword(oldpassword, p1);
+ if (c.isStronglyAuthenticated()) {
+ target.setPassword(p1);
+ } else {
+ target.changePassword(oldpassword, p1);
+ }
target.writeUserLog(target, "User triggered password reset");
} catch (GigiApiException e) {
error.mergeInto(e);
}
+ @Test
+ public void testChangePasswordCertLogin() throws IOException, GigiApiException {
+ // no cert login
+ String np = URLEncoder.encode(TEST_PASSWORD + "v1", "UTF-8");
+ String error = executeBasicWebInteraction(cookie, path, "pword1=" + np + "&pword2=" + np);
+ assertNotNull(error);
+
+ // cert login
+ cookie = cookieWithCertificateLogin(u);
+ error = executeBasicWebInteraction(cookie, path, "pword1=" + np + "&pword2=" + np);
+ assertNull(error);
+
+ cookie = login(u.getEmail(), TEST_PASSWORD);
+ loginCertificate = null;
+ }
}