mirror of
https://github.com/Athou/commafeed.git
recover password (wip)
@@ -28,6 +28,7 @@ import com.commafeed.backend.model.ApplicationSettings;
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.model.UserSettings;
|
||||
import com.commafeed.backend.services.ApplicationSettingsService;
|
||||
import com.commafeed.backend.services.MailService;
|
||||
import com.commafeed.frontend.CommaFeedSession;
|
||||
import com.commafeed.frontend.utils.WicketUtils;
|
||||
import com.google.api.client.util.Maps;
|
||||
@@ -61,6 +62,9 @@ public abstract class BasePage extends WebPage {
|
||||
|
||||
@Inject
|
||||
protected UserRoleDAO userRoleDAO;
|
||||
|
||||
@Inject
|
||||
MailService mailService;
|
||||
|
||||
@Inject
|
||||
ApplicationSettingsService applicationSettingsService;
|
||||
|
||||
@@ -0,0 +1,22 @@
|
||||
<html xmlns:wicket="http://wicket.apache.org">
|
||||
<body>
|
||||
<wicket:extend>
|
||||
<div class="container">
|
||||
<div class="text-center">
|
||||
<img src="images/logo_2.png" />
|
||||
<div wicket:id="feedback"></div>
|
||||
<form wicket:id="form">
|
||||
Password:
|
||||
<input type="password" wicket:id="password" />
|
||||
<br />
|
||||
Password:
|
||||
<input type="password" wicket:id="confirm" />
|
||||
<br />
|
||||
<input type="submit" class="btn btn-primary" value="Submit" />
|
||||
<input type="button" class="btn" wicket:id="cancel" value="Home page" />
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</wicket:extend>
|
||||
</body>
|
||||
</html>
|
||||
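Review bot: Both inputs are labelled `Password:`, although the second is bound to `wicket:id="confirm"`; it would read better as `Confirm password:`. The labels are also bare text, so wrapping each in a `<label>` tied to its input would make the form easier to use with assistive tools.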
@@ -0,0 +1,80 @@
|
||||
package com.commafeed.frontend.pages;
|
||||
|
||||
import java.util.Calendar;
|
||||
|
||||
import javax.inject.Inject;
|
||||
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
import org.apache.commons.lang3.time.DateUtils;
|
||||
import org.apache.wicket.markup.html.form.Form;
|
||||
import org.apache.wicket.markup.html.form.PasswordTextField;
|
||||
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
|
||||
import org.apache.wicket.model.IModel;
|
||||
import org.apache.wicket.model.Model;
|
||||
import org.apache.wicket.request.mapper.parameter.PageParameters;
|
||||
import org.apache.wicket.validation.validator.StringValidator;
|
||||
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.services.PasswordEncryptionService;
|
||||
import com.commafeed.backend.services.UserService;
|
||||
import com.commafeed.frontend.pages.components.BootstrapFeedbackPanel;
|
||||
import com.commafeed.frontend.utils.exception.DisplayException;
|
||||
|
||||
@SuppressWarnings("serial")
|
||||
public class PasswordRecoveryCallbackPage extends BasePage {
|
||||
|
||||
public static final String PARAM_EMAIL = "email";
|
||||
public static final String PARAM_TOKEN = "token";
|
||||
|
||||
@Inject
|
||||
PasswordEncryptionService encryptionService;
|
||||
|
||||
@Inject
|
||||
UserService userService;
|
||||
|
||||
public PasswordRecoveryCallbackPage(PageParameters params) {
|
||||
String email = params.get(PARAM_EMAIL).toString();
|
||||
String token = params.get(PARAM_TOKEN).toString();
|
||||
|
||||
final User user = userDAO.findByEmail(email);
|
||||
if (user == null) {
|
||||
throw new DisplayException("email not found");
|
||||
}
|
||||
if (user.getRecoverPasswordToken() == null
|
||||
|| !user.getRecoverPasswordToken().equals(token)) {
|
||||
throw new DisplayException("invalid token");
|
||||
}
|
||||
if (user.getRecoverPasswordTokenDate().before(
|
||||
DateUtils.addDays(Calendar.getInstance().getTime(), -2))) {
|
||||
throw new DisplayException("token expired");
|
||||
}
|
||||
|
||||
final IModel<String> password = new Model<String>();
|
||||
final IModel<String> confirm = new Model<String>();
|
||||
add(new BootstrapFeedbackPanel("feedback"));
|
||||
Form<Void> form = new Form<Void>("form") {
|
||||
@Override
|
||||
protected void onSubmit() {
|
||||
String passwd = password.getObject();
|
||||
if (StringUtils.equals(passwd, confirm.getObject())) {
|
||||
byte[] password = encryptionService.getEncryptedPassword(
|
||||
passwd, user.getSalt());
|
||||
user.setPassword(password);
|
||||
user.setApiKey(userService.generateApiKey(user));
|
||||
userDAO.update(user);
|
||||
info("Password saved.");
|
||||
} else {
|
||||
error("Password do not match");
|
||||
}
|
||||
}
|
||||
};
|
||||
add(form);
|
||||
form.add(new PasswordTextField("password", password).setResetPassword(
|
||||
true).add(StringValidator.minimumLength(6)));
|
||||
form.add(new PasswordTextField("confirm", confirm).setResetPassword(
|
||||
true).add(StringValidator.minimumLength(6)));
|
||||
|
||||
form.add(new BookmarkablePageLink<Void>("cancel", HomePage.class));
|
||||
|
||||
}
|
||||
}
|
||||
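Review bot: The recovery token is never invalidated: `onSubmit()` stores the new password and API key but leaves `recoverPasswordToken` set, so the same link keeps working until the two-day window ends. Clear it in the success branch before `userDAO.update(user)`: `user.setRecoverPasswordToken(null); user.setRecoverPasswordTokenDate(null);`. The constructor also answers "email not found" and "invalid token" separately, which tells a caller whether an address is registered; a single generic message for both cases would avoid that. The token is compared with `String.equals`, where a constant-time comparison such as `MessageDigest.isEqual` on the UTF-8 bytes is the safer habit. `getRecoverPasswordTokenDate()` is also dereferenced without a null check.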
@@ -0,0 +1,19 @@
|
||||
<html xmlns:wicket="http://wicket.apache.org">
|
||||
<body>
|
||||
<wicket:extend>
|
||||
<div class="container">
|
||||
<div class="text-center">
|
||||
<img src="images/logo_2.png" />
|
||||
<div wicket:id="feedback"></div>
|
||||
<form wicket:id="form">
|
||||
Email:
|
||||
<input type="email" wicket:id="email" />
|
||||
<br />
|
||||
<input type="submit" class="btn btn-primary" value="Submit" />
|
||||
<input type="button" class="btn" wicket:id="cancel" value="Cancel" />
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
</wicket:extend>
|
||||
</body>
|
||||
</html>
|
||||
@@ -0,0 +1,71 @@
|
||||
package com.commafeed.frontend.pages;
|
||||
|
||||
import java.util.Calendar;
|
||||
import java.util.UUID;
|
||||
|
||||
import org.apache.commons.codec.digest.DigestUtils;
|
||||
import org.apache.wicket.extensions.validation.validator.RfcCompliantEmailAddressValidator;
|
||||
import org.apache.wicket.markup.html.form.Form;
|
||||
import org.apache.wicket.markup.html.form.RequiredTextField;
|
||||
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
|
||||
import org.apache.wicket.model.IModel;
|
||||
import org.apache.wicket.model.Model;
|
||||
import org.slf4j.Logger;
|
||||
import org.slf4j.LoggerFactory;
|
||||
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.frontend.pages.components.BootstrapFeedbackPanel;
|
||||
|
||||
@SuppressWarnings("serial")
|
||||
public class PasswordRecoveryPage extends BasePage {
|
||||
|
||||
private static Logger log = LoggerFactory
|
||||
.getLogger(PasswordRecoveryPage.class);
|
||||
|
||||
public PasswordRecoveryPage() {
|
||||
|
||||
IModel<String> email = new Model<String>();
|
||||
add(new BootstrapFeedbackPanel("feedback"));
|
||||
Form<String> form = new Form<String>("form", email) {
|
||||
@Override
|
||||
protected void onSubmit() {
|
||||
super.onSubmit();
|
||||
User user = userDAO.findByEmail(getModelObject());
|
||||
if (user == null) {
|
||||
error("Email not found.");
|
||||
} else {
|
||||
try {
|
||||
user.setRecoverPasswordToken(DigestUtils.sha1Hex(UUID
|
||||
.randomUUID().toString()));
|
||||
user.setRecoverPasswordTokenDate(Calendar.getInstance()
|
||||
.getTime());
|
||||
userDAO.update(user);
|
||||
mailService.sendMail(user,
|
||||
"CommaFeed - Password recovery",
|
||||
buildEmailContent(user));
|
||||
info("Email sent.");
|
||||
} catch (Exception e) {
|
||||
log.error(e.getMessage(), e);
|
||||
error("Cannot send email, please contact the staff.");
|
||||
}
|
||||
|
||||
}
|
||||
}
|
||||
|
||||
};
|
||||
add(form);
|
||||
|
||||
form.add(new RequiredTextField<String>("email", email) {
|
||||
@Override
|
||||
protected String getInputType() {
|
||||
return "email";
|
||||
}
|
||||
}.add(RfcCompliantEmailAddressValidator.getInstance()));
|
||||
|
||||
form.add(new BookmarkablePageLink<Void>("cancel", HomePage.class));
|
||||
}
|
||||
|
||||
private String buildEmailContent(User user) {
|
||||
return "cc";
|
||||
}
|
||||
}
|
||||
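Review bot: `onSubmit()` answers "Email not found." for unknown addresses and "Email sent." for known ones, so the form confirms which e-mail addresses have accounts; showing the same `info(...)` text in both branches would close that. The token is written to the user row as generated, so anyone able to read that table could use a pending token; storing only a digest and comparing digests on the callback page would limit this. Nothing in this file limits how often a reset can be requested for one address. `buildEmailContent` still returns the placeholder `"cc"`, so no recovery link is mailed yet.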
@@ -24,6 +24,7 @@
|
||||
</p>
|
||||
<div>
|
||||
<input type="submit" class="btn btn-primary" value="Log in" />
|
||||
<a wicket:id="recover" class="pull-right">Forgot password?</a>
|
||||
</div>
|
||||
</form>
|
||||
</wicket:panel>
|
||||
|
||||
@@ -1,15 +1,36 @@
|
||||
package com.commafeed.frontend.pages.components;
|
||||
|
||||
import javax.inject.Inject;
|
||||
|
||||
import org.apache.commons.lang3.StringUtils;
|
||||
import org.apache.wicket.authroles.authentication.panel.SignInPanel;
|
||||
import org.apache.wicket.feedback.ContainerFeedbackMessageFilter;
|
||||
import org.apache.wicket.markup.html.form.Form;
|
||||
import org.apache.wicket.markup.html.link.BookmarkablePageLink;
|
||||
|
||||
import com.commafeed.backend.services.ApplicationSettingsService;
|
||||
import com.commafeed.frontend.pages.PasswordRecoveryPage;
|
||||
|
||||
@SuppressWarnings("serial")
|
||||
public class LoginPanel extends SignInPanel {
|
||||
|
||||
@Inject
|
||||
ApplicationSettingsService applicationSettingsService;
|
||||
|
||||
public LoginPanel(String id) {
|
||||
super(id);
|
||||
replace(new BootstrapFeedbackPanel("feedback",
|
||||
new ContainerFeedbackMessageFilter(this)));
|
||||
Form<?> form = (Form<?>) get("signInForm");
|
||||
form.add(new BookmarkablePageLink<Void>("recover",
|
||||
PasswordRecoveryPage.class){
|
||||
@Override
|
||||
protected void onConfigure() {
|
||||
super.onConfigure();
|
||||
String smtpHost = applicationSettingsService.get().getSmtpHost();
|
||||
setVisibilityAllowed(StringUtils.isNotBlank(smtpHost));
|
||||
}
|
||||
});
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
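Review bot: Hiding the `recover` link in `onConfigure()` when no SMTP host is set only removes the link. `PasswordRecoveryPage` is linked as a bookmarkable page and its constructor, as shown in this commit, has no such check, so the form is presumably still reachable by URL and would store a fresh token before the mail send fails. Repeating the `StringUtils.isNotBlank(smtpHost)` test in the page itself would keep the two consistent. The cast `(Form<?>) get("signInForm")` depends on the component id used inside `SignInPanel`, and a short comment saying so would help the next reader.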