Search in sources :

Example 1 with ArachnePasswordValidationResult

use of com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult in project ArachneCentralAPI by OHDSI.

the class BaseAuthenticationController method resetPassword.

@ApiOperation("Reset password for specified e-mail.")
@RequestMapping(value = "/api/v1/auth/reset-password", method = RequestMethod.POST)
public JsonResult resetPassword(Principal principal, HttpServletRequest request, @RequestBody @Valid ResetPasswordDTO resetPasswordDTO, BindingResult binding) throws PasswordValidationException, UserNotFoundException, NotExistException, NoSuchFieldException, IOException, SolrServerException, IllegalAccessException {
    if (principal != null) {
        String token = request.getHeader(tokenHeader);
        tokenUtils.addInvalidateToken(token);
    }
    JsonResult result;
    if (binding.hasErrors()) {
        result = super.setValidationErrors(binding);
    } else {
        String email = resetPasswordDTO.getEmail();
        String token = resetPasswordDTO.getToken();
        String newPassword = resetPasswordDTO.getPassword();
        final ArachnePasswordData passwordData = new ArachnePasswordData(new Password(newPassword));
        final ArachnePasswordValidationResult validationResult = passwordValidator.validate(passwordData);
        if (!validationResult.isValid()) {
            throw new PasswordValidationException(passwordValidator.getMessages(validationResult));
        }
        if (passwordResetService.canReset(email, token)) {
            IUser user = userService.getByUnverifiedEmailInAnyTenant(email);
            user.setPassword(newPassword);
            userService.resetPassword(user);
            result = new JsonResult<>(JsonResult.ErrorCode.NO_ERROR);
        } else {
            result = new JsonResult<>(JsonResult.ErrorCode.VALIDATION_ERROR);
            result.setErrorMessage("Token expired. Please, request new reset password link.");
        }
    }
    return result;
}
Also used : ArachnePasswordData(com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordData) PasswordValidationException(com.odysseusinc.arachne.portal.exception.PasswordValidationException) IUser(com.odysseusinc.arachne.portal.model.IUser) ArachnePasswordValidationResult(com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult) JsonResult(com.odysseusinc.arachne.commons.api.v1.dto.util.JsonResult) Password(edu.vt.middleware.password.Password) ApiOperation(io.swagger.annotations.ApiOperation) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with ArachnePasswordValidationResult

use of com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult in project ArachneCentralAPI by OHDSI.

the class BaseUserServiceImpl method validatePassword.

private void validatePassword(String username, String firstName, String lastName, String middleName, String password) throws PasswordValidationException {
    ArachnePasswordData passwordData = new ArachnePasswordData(new Password(password));
    passwordData.setUsername(username);
    passwordData.setFirstName(firstName);
    passwordData.setLastName(lastName);
    passwordData.setMiddleName(middleName);
    final ArachnePasswordValidationResult result = passwordValidator.validate(passwordData);
    if (!result.isValid()) {
        throw new PasswordValidationException(passwordValidator.getMessages(result));
    }
}
Also used : ArachnePasswordData(com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordData) PasswordValidationException(com.odysseusinc.arachne.portal.exception.PasswordValidationException) ArachnePasswordValidationResult(com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult) Password(edu.vt.middleware.password.Password)

Aggregations

PasswordValidationException (com.odysseusinc.arachne.portal.exception.PasswordValidationException)2 ArachnePasswordData (com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordData)2 ArachnePasswordValidationResult (com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult)2 Password (edu.vt.middleware.password.Password)2 JsonResult (com.odysseusinc.arachne.commons.api.v1.dto.util.JsonResult)1 IUser (com.odysseusinc.arachne.portal.model.IUser)1 ApiOperation (io.swagger.annotations.ApiOperation)1 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)1