use of com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult in project ArachneCentralAPI by OHDSI.
the class BaseAuthenticationController method resetPassword.
@ApiOperation("Reset password for specified e-mail.")
@RequestMapping(value = "/api/v1/auth/reset-password", method = RequestMethod.POST)
public JsonResult resetPassword(Principal principal, HttpServletRequest request, @RequestBody @Valid ResetPasswordDTO resetPasswordDTO, BindingResult binding) throws PasswordValidationException, UserNotFoundException, NotExistException, NoSuchFieldException, IOException, SolrServerException, IllegalAccessException {
if (principal != null) {
String token = request.getHeader(tokenHeader);
tokenUtils.addInvalidateToken(token);
}
JsonResult result;
if (binding.hasErrors()) {
result = super.setValidationErrors(binding);
} else {
String email = resetPasswordDTO.getEmail();
String token = resetPasswordDTO.getToken();
String newPassword = resetPasswordDTO.getPassword();
final ArachnePasswordData passwordData = new ArachnePasswordData(new Password(newPassword));
final ArachnePasswordValidationResult validationResult = passwordValidator.validate(passwordData);
if (!validationResult.isValid()) {
throw new PasswordValidationException(passwordValidator.getMessages(validationResult));
}
if (passwordResetService.canReset(email, token)) {
IUser user = userService.getByUnverifiedEmailInAnyTenant(email);
user.setPassword(newPassword);
userService.resetPassword(user);
result = new JsonResult<>(JsonResult.ErrorCode.NO_ERROR);
} else {
result = new JsonResult<>(JsonResult.ErrorCode.VALIDATION_ERROR);
result.setErrorMessage("Token expired. Please, request new reset password link.");
}
}
return result;
}
use of com.odysseusinc.arachne.portal.security.passwordvalidator.ArachnePasswordValidationResult in project ArachneCentralAPI by OHDSI.
the class BaseUserServiceImpl method validatePassword.
private void validatePassword(String username, String firstName, String lastName, String middleName, String password) throws PasswordValidationException {
ArachnePasswordData passwordData = new ArachnePasswordData(new Password(password));
passwordData.setUsername(username);
passwordData.setFirstName(firstName);
passwordData.setLastName(lastName);
passwordData.setMiddleName(middleName);
final ArachnePasswordValidationResult result = passwordValidator.validate(passwordData);
if (!result.isValid()) {
throw new PasswordValidationException(passwordValidator.getMessages(result));
}
}
Aggregations