Search in sources :

Example 1 with OpenClinicaJdbcService

use of org.akaza.openclinica.web.filter.OpenClinicaJdbcService in project OpenClinica by OpenClinica.

the class RequestPasswordServlet method confirmPassword.

/**
 * @param request
 * @param response
 */
private void confirmPassword() throws Exception {
    Validator v = new Validator(request);
    FormProcessor fp = new FormProcessor(request);
    v.addValidation("name", Validator.NO_BLANKS);
    v.addValidation("email", Validator.IS_A_EMAIL);
    v.addValidation("passwdChallengeQuestion", Validator.NO_BLANKS);
    v.addValidation("passwdChallengeAnswer", Validator.NO_BLANKS);
    errors = v.validate();
    // user bean from web
    UserAccountBean ubForm = new UserAccountBean();
    // form
    ubForm.setName(fp.getString("name"));
    ubForm.setEmail(fp.getString("email"));
    ubForm.setPasswdChallengeQuestion(fp.getString("passwdChallengeQuestion"));
    ubForm.setPasswdChallengeAnswer(fp.getString("passwdChallengeAnswer"));
    sm = new SessionManager(null, ubForm.getName(), SpringServletAccess.getApplicationContext(context));
    UserAccountDAO uDAO = new UserAccountDAO(sm.getDataSource());
    // see whether this user in the DB
    UserAccountBean ubDB = (UserAccountBean) uDAO.findByUserName(ubForm.getName());
    UserAccountBean updater = ubDB;
    request.setAttribute("userBean1", ubForm);
    if (!errors.isEmpty()) {
        logger.info("after processing form,has errors");
        request.setAttribute("formMessages", errors);
        forwardPage(Page.REQUEST_PWD);
    } else {
        logger.info("after processing form,no errors");
        // whether this user's email is in the DB
        if (ubDB.getEmail() != null && ubDB.getEmail().equalsIgnoreCase(ubForm.getEmail())) {
            logger.info("ubDB.getPasswdChallengeQuestion()" + ubDB.getPasswdChallengeQuestion());
            logger.info("ubForm.getPasswdChallengeQuestion()" + ubForm.getPasswdChallengeQuestion());
            logger.info("ubDB.getPasswdChallengeAnswer()" + ubDB.getPasswdChallengeAnswer());
            logger.info("ubForm.getPasswdChallengeAnswer()" + ubForm.getPasswdChallengeAnswer());
            // if this user's password challenge can be verified
            if (ubDB.getPasswdChallengeQuestion().equals(ubForm.getPasswdChallengeQuestion()) && ubDB.getPasswdChallengeAnswer().equalsIgnoreCase(ubForm.getPasswdChallengeAnswer())) {
                SecurityManager sm = ((SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager"));
                String newPass = sm.genPassword();
                OpenClinicaJdbcService ocService = ((OpenClinicaJdbcService) SpringServletAccess.getApplicationContext(context).getBean("ocUserDetailsService"));
                String newDigestPass = sm.encrytPassword(newPass, ocService.loadUserByUsername(ubForm.getName()));
                ubDB.setPasswd(newDigestPass);
                // passwdtimestamp should be null ,fix
                // PrepareStatementFactory
                Calendar cal = Calendar.getInstance();
                // Date date = local_df.parse("01/01/1900");
                // cal.setTime(date);
                // ubDB.setPasswdTimestamp(cal.getTime());
                ubDB.setPasswdTimestamp(null);
                ubDB.setUpdater(updater);
                ubDB.setLastVisitDate(new Date());
                logger.info("user bean to be updated:" + ubDB.getId() + ubDB.getName() + ubDB.getActiveStudyId());
                uDAO.update(ubDB);
                sendPassword(newPass, ubDB);
            } else {
                addPageMessage(respage.getString("your_password_not_verified_try_again"));
                forwardPage(Page.REQUEST_PWD);
            }
        } else {
            addPageMessage(respage.getString("your_email_address_not_found_try_again"));
            forwardPage(Page.REQUEST_PWD);
        }
    }
}
Also used : SecurityManager(org.akaza.openclinica.core.SecurityManager) FormProcessor(org.akaza.openclinica.control.form.FormProcessor) SessionManager(org.akaza.openclinica.core.SessionManager) Calendar(java.util.Calendar) UserAccountBean(org.akaza.openclinica.bean.login.UserAccountBean) UserAccountDAO(org.akaza.openclinica.dao.login.UserAccountDAO) Validator(org.akaza.openclinica.control.form.Validator) OpenClinicaJdbcService(org.akaza.openclinica.web.filter.OpenClinicaJdbcService) Date(java.util.Date)

Aggregations

Calendar (java.util.Calendar)1 Date (java.util.Date)1 UserAccountBean (org.akaza.openclinica.bean.login.UserAccountBean)1 FormProcessor (org.akaza.openclinica.control.form.FormProcessor)1 Validator (org.akaza.openclinica.control.form.Validator)1 SecurityManager (org.akaza.openclinica.core.SecurityManager)1 SessionManager (org.akaza.openclinica.core.SessionManager)1 UserAccountDAO (org.akaza.openclinica.dao.login.UserAccountDAO)1 OpenClinicaJdbcService (org.akaza.openclinica.web.filter.OpenClinicaJdbcService)1