use of org.akaza.openclinica.web.filter.OpenClinicaJdbcService in project OpenClinica by OpenClinica.
From the class RequestPasswordServlet, method confirmPassword.
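/**
 * Handles the password-request confirmation step: checks the submitted user name, email and
 * password-challenge question/answer against the stored account and, on a match, replaces the
 * account password with a newly generated one.
 *
 * <p>The method takes no arguments; it works on state declared outside it ({@code request},
 * {@code context}, {@code errors}, {@code sm}, {@code respage}, {@code logger}). On a validation
 * error or a failed check it adds a message and forwards to {@code Page.REQUEST_PWD}. On success
 * it stores the digest of the new password, clears the password timestamp, saves the account
 * through {@code UserAccountDAO} and hands the cleartext password to {@code sendPassword}.
 *
 * <p>Security notes for maintainers:
 * <ul>
 *   <li>Challenge questions and answers are credentials-equivalent and are never logged here.</li>
 *   <li>The stored challenge answer is compared directly (case-insensitively) with the submitted
 *       text, so it is evidently not kept as a one-way hash.</li>
 *   <li>No attempt limiting is visible in this method; confirm it is enforced elsewhere.</li>
 * </ul>
 *
 * @throws Exception if any of the calls made here fails
 */
private void confirmPassword() throws Exception {
    Validator v = new Validator(request);
    FormProcessor fp = new FormProcessor(request);
    v.addValidation("name", Validator.NO_BLANKS);
    v.addValidation("email", Validator.IS_A_EMAIL);
    v.addValidation("passwdChallengeQuestion", Validator.NO_BLANKS);
    v.addValidation("passwdChallengeAnswer", Validator.NO_BLANKS);
    errors = v.validate();

    // Account data exactly as submitted in the form (untrusted input).
    UserAccountBean ubForm = new UserAccountBean();
    ubForm.setName(fp.getString("name"));
    ubForm.setEmail(fp.getString("email"));
    ubForm.setPasswdChallengeQuestion(fp.getString("passwdChallengeQuestion"));
    ubForm.setPasswdChallengeAnswer(fp.getString("passwdChallengeAnswer"));

    // NOTE(review): the session manager and the account lookup run before the validation
    // result is checked, so they also execute for a blank or malformed submission.
    sm = new SessionManager(null, ubForm.getName(), SpringServletAccess.getApplicationContext(context));
    UserAccountDAO uDAO = new UserAccountDAO(sm.getDataSource());
    UserAccountBean ubDB = (UserAccountBean) uDAO.findByUserName(ubForm.getName());
    request.setAttribute("userBean1", ubForm);

    if (!errors.isEmpty()) {
        logger.info("after processing form,has errors");
        request.setAttribute("formMessages", errors);
        forwardPage(Page.REQUEST_PWD);
        return;
    }
    logger.info("after processing form,no errors");

    // The submitted email must match the one stored for this user name. A missing account
    // (null bean) is treated like a mismatch instead of failing with a NullPointerException.
    boolean emailMatches = ubDB != null
            && ubDB.getEmail() != null
            && ubDB.getEmail().equalsIgnoreCase(ubForm.getEmail());
    if (!emailMatches) {
        // NOTE(review): this message differs from the challenge-failure message below, so the
        // response tells the caller which check failed (account/email vs. challenge).
        // Consider one generic message for both branches.
        addPageMessage(respage.getString("your_email_address_not_found_try_again"));
        forwardPage(Page.REQUEST_PWD);
        return;
    }

    // Stored and submitted challenge values are deliberately NOT logged: the answer is
    // sufficient to reset the password, so writing it to the log would expose it to anyone
    // with log access.
    String storedQuestion = ubDB.getPasswdChallengeQuestion();
    String storedAnswer = ubDB.getPasswdChallengeAnswer();
    // Null-safe: an account with no stored question or answer can never be verified.
    boolean challengeVerified = storedQuestion != null
            && storedQuestion.equals(ubForm.getPasswdChallengeQuestion())
            && storedAnswer != null
            && storedAnswer.equalsIgnoreCase(ubForm.getPasswdChallengeAnswer());
    if (!challengeVerified) {
        addPageMessage(respage.getString("your_password_not_verified_try_again"));
        forwardPage(Page.REQUEST_PWD);
        return;
    }

    // Named securityManager so it no longer shadows the SessionManager held in sm.
    SecurityManager securityManager =
            (SecurityManager) SpringServletAccess.getApplicationContext(context).getBean("securityManager");
    String newPass = securityManager.genPassword();
    OpenClinicaJdbcService ocService =
            (OpenClinicaJdbcService) SpringServletAccess.getApplicationContext(context).getBean("ocUserDetailsService");
    String newDigestPass = securityManager.encrytPassword(newPass, ocService.loadUserByUsername(ubForm.getName()));
    ubDB.setPasswd(newDigestPass);

    // Original author's note: the password timestamp should be null here.
    // Presumably this marks the generated password as needing a change - TODO confirm.
    ubDB.setPasswdTimestamp(null);
    // The account is recorded as its own updater.
    ubDB.setUpdater(ubDB);
    ubDB.setLastVisitDate(new Date());
    logger.info("user bean to be updated:" + ubDB.getId() + ubDB.getName() + ubDB.getActiveStudyId());
    uDAO.update(ubDB);

    // newPass is the cleartext password; sendPassword is defined outside this view.
    // NOTE(review): confirm how it is delivered and that it is not logged on the way.
    sendPassword(newPass, ubDB);
}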