use of org.hisp.dhis.user.PasswordValidationResult in project dhis2-core by dhis2.
the class AccountController method restoreAccount.
@PostMapping("/restore")
@ResponseBody
public WebMessage restoreAccount(@RequestParam String token, @RequestParam String password) {
String[] idAndRestoreToken = securityService.decodeEncodedTokens(token);
String idToken = idAndRestoreToken[0];
User user = userService.getUserByIdToken(idToken);
if (user == null || idAndRestoreToken.length < 2) {
return conflict("Account recovery failed");
}
String restoreToken = idAndRestoreToken[1];
if (!systemSettingManager.accountRecoveryEnabled()) {
return conflict("Account recovery is not enabled");
}
if (!ValidationUtils.passwordIsValid(password)) {
return badRequest("Password is not specified or invalid");
}
if (password.trim().equals(user.getUsername())) {
return badRequest("Password cannot be equal to username");
}
CredentialsInfo credentialsInfo = new CredentialsInfo(user.getUsername(), password, user.getEmail() != null ? user.getEmail() : "", false);
PasswordValidationResult result = passwordValidationService.validate(credentialsInfo);
if (!result.isValid()) {
return badRequest(result.getErrorMessage());
}
boolean restoreSuccess = securityService.restore(user, restoreToken, password, RestoreType.RECOVER_PASSWORD);
if (!restoreSuccess) {
return badRequest("Account could not be restored");
}
log.info("Account restored for user: " + user.getUsername());
return ok("Account restored");
}
use of org.hisp.dhis.user.PasswordValidationResult in project dhis2-core by dhis2.
the class MeController method updatePassword.
private void updatePassword(User currentUser, String password) throws WebMessageException {
if (!StringUtils.isEmpty(password)) {
CredentialsInfo credentialsInfo = new CredentialsInfo(currentUser.getUsername(), password, currentUser.getEmail(), false);
PasswordValidationResult result = passwordValidationService.validate(credentialsInfo);
if (result.isValid()) {
userService.encodeAndSetPassword(currentUser, password);
} else {
throw new WebMessageException(conflict(result.getErrorMessage()));
}
}
}
Aggregations