Mercurial Hosting > nabble
comparison src/nabble/view/web/user/ResetPassword.java @ 0:7ecd1a4ef557
add content
author | Franklin Schmidt <fschmidt@gmail.com> |
---|---|
date | Thu, 21 Mar 2019 19:15:52 -0600 |
parents | |
children | 18cf4872fd7f |
comparison
equal
deleted
inserted
replaced
-1:000000000000 | 0:7ecd1a4ef557 |
---|---|
1 | |
2 package nabble.view.web.user; | |
3 | |
4 import fschmidt.db.DbDatabase; | |
5 import fschmidt.util.java.HtmlUtils; | |
6 import fschmidt.util.servlet.ServletUtils; | |
7 import nabble.model.Db; | |
8 import nabble.model.ModelException; | |
9 import nabble.model.User; | |
10 import nabble.view.lib.Jtp; | |
11 import nabble.view.lib.Shared; | |
12 import nabble.view.lib.help.Help; | |
13 | |
14 import javax.servlet.ServletException; | |
15 import javax.servlet.http.HttpServlet; | |
16 import javax.servlet.http.HttpServletRequest; | |
17 import javax.servlet.http.HttpServletResponse; | |
18 import java.io.IOException; | |
19 import java.io.PrintWriter; | |
20 | |
21 | |
22 public final class ResetPassword extends HttpServlet { | |
23 | |
24 protected void service(HttpServletRequest request,HttpServletResponse response) | |
25 throws ServletException, IOException | |
26 { | |
27 PrintWriter out = response.getWriter(); | |
28 if ( Jtp.getUser(request,response) != null ) { | |
29 Jtp.logout(request,response); | |
30 } | |
31 String email = request.getParameter("email"); | |
32 String resetcode = request.getParameter("q"); | |
33 if ( email==null || resetcode==null || resetcode.trim().length()==0 ) { | |
34 Jtp.login("This password reset link is not valid.",request,response); | |
35 return; | |
36 } | |
37 User user = Jtp.getSiteNotNull(request).getUserFromEmail(email); | |
38 if ( ! (user!=null && user.isRegistered() && user.checkResetcode(resetcode)) ) { | |
39 Jtp.login("This password reset link is no longer valid.",request,response); | |
40 return; | |
41 } | |
42 String password1 = null; | |
43 String password2 = null; | |
44 String errorMsg = null; | |
45 | |
46 if ("save".equals(request.getParameter("action")) && "POST".equals(request.getMethod())) { | |
47 password1 = request.getParameter("password1"); | |
48 password2 = request.getParameter("password2"); | |
49 if (!password1.equals(password2) ) { | |
50 errorMsg = "The password fields don't match."; | |
51 } else if (password1.trim().length() == 0) { | |
52 errorMsg = "Your password must contain valid alphanumeric characters."; | |
53 } else { | |
54 DbDatabase db = user.getSite().getDb(); | |
55 db.beginTransaction(); | |
56 try { | |
57 User u = user.getGoodCopy(); | |
58 u.setPassword(password1); | |
59 u.update(); | |
60 db.commitTransaction(); | |
61 String pwd = u.getPasscookie(); | |
62 Jtp.doLogin(request,response,u,false); | |
63 | |
64 StringBuffer js = new StringBuffer(); | |
65 js.append("if (parent.nabbleinfo) {"); | |
66 js.append("Nabble.setCookie('username','").append(HtmlUtils.javascriptStringEncode(HtmlUtils.urlEncode(u.getName()))).append("');"); | |
67 js.append("Nabble.setCookie('password','").append(HtmlUtils.javascriptStringEncode(HtmlUtils.urlEncode(pwd))).append("');"); | |
68 js.append("}"); | |
69 | |
70 Shared.javascriptRedirect(request,response, "/template/NamlServlet.jtp?macro=user_profile", js.toString()); | |
71 return; | |
72 } catch(ModelException e) { | |
73 errorMsg = e.getMessage(); | |
74 } finally { | |
75 db.endTransaction(); | |
76 } | |
77 } | |
78 } | |
79 | |
80 out.print( "\n<html>\n <head>\n " ); | |
81 Shared.title(request,response,"Reset Password"); | |
82 out.print( "\n </head>\n <body>\n " ); | |
83 Shared.minHeaderGlobal(request, response); | |
84 out.print( "\n " ); | |
85 Shared.profileHeading(request,out,user,"Reset Password"); | |
86 out.print( "\n " ); | |
87 Shared.errorMessage(request,response,errorMsg, "Please re-enter the information and click on \"Update Information\"."); | |
88 out.print( "\n <style>\n div.field-title {\n margin-top: 0;\n }\n </style>\n <form method=post action=\"ResetPassword.jtp\">\n <input type=hidden name=\"action\" value=\"save\">\n <input type=hidden name=\"email\" value=\"" ); | |
89 out.print( (Jtp.hideNull(email)) ); | |
90 out.print( "\">\n <input type=hidden name=\"q\" value=\"" ); | |
91 out.print( (Jtp.hideNull(resetcode)) ); | |
92 out.print( "\">\n \n <div class=\"field-box light-border-color\">\n <div class=\"second-font field-title\">Your Email</div>\n <div class=\"weak-color\">" ); | |
93 out.print( (user.getEmail()) ); | |
94 out.print( "</div>\n </div>\n\n <div class=\"field-box light-border-color\">\n <div class=\"second-font field-title\">Your User Name</div>\n <div class=\"weak-color\">" ); | |
95 out.print( (user.getNameHtml()) ); | |
96 out.print( "</div>\n </div>\n\n <div class=\"field-box light-border-color\">\n <div class=\"second-font field-title\">Change Password</div>\n <div class=\"weak-color\">Nabble encrypts your password (<a href=\"" ); | |
97 out.print( (Help.password.url(request)) ); | |
98 out.print( "\">?</a>)</div> \n <table style=\"margin: .4em 0\" class=\"shaded-bg-color\">\n <tr valign=\"top\">\n <td class=\"form-label\" style=\"padding-top:.6em\">Password: </td>\n <td><input type=\"password\" name=\"password1\" size=\"25\" value=\"" ); | |
99 out.print( (Jtp.hideNull(password1)) ); | |
100 out.print( "\"/></td>\n </tr>\n <tr>\n <td class=\"form-label\">Confirm Password: </td>\n <td><input type=\"password\" name=\"password2\" size=\"25\" value=\"" ); | |
101 out.print( (Jtp.hideNull(password2)) ); | |
102 out.print( "\"/></td>\n </tr>\n </table>\n </div>\n\n <div class=\"field-box light-border-color\" style=\"padding-top:0\">\n <input type=submit value=\"Update Password\" />\n or <a href=\"/template/NamlServlet.jtp?macro=user_profile\">Cancel</a>\n </div>\n </form>\n\n " ); | |
103 Shared.footer(request,response); | |
104 out.print( "\n " ); | |
105 Shared.analytics(request,response); | |
106 out.print( "\n </body>\n</html>\n" ); | |
107 | |
108 } | |
109 } | |
110 |