use of org.motechproject.security.exception.InvalidTokenException in project motech by motech.
the class PasswordRecoveryServiceImpl method resetPassword.
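/**
 * Stores a new password for the user named by the recovery that matches the given
 * token, then deletes that recovery record.
 *
 * @param token the recovery token submitted with the reset request
 * @param password the new password in plain text; it is encoded before it is stored
 * @param passwordConfirmation the repeated password; must equal {@code password}
 * @throws IllegalArgumentException if {@code password} is {@code null} or differs from
 *         {@code passwordConfirmation}
 * @throws InvalidTokenException if the recovery found for the token fails validation,
 *         or the user it names no longer exists
 */
@Override
@Transactional
public void resetPassword(String token, String password, String passwordConfirmation) throws InvalidTokenException {
    // A missing password is rejected with the same IllegalArgumentException as a mismatch
    // instead of surfacing as a NullPointerException from equals().
    if (password == null || !password.equals(passwordConfirmation)) {
        throw new IllegalArgumentException("Password and confirmation do not match");
    }

    // findForToken and validateRecovery are defined elsewhere in this class.
    // NOTE(review): presumably validateRecovery rejects missing and expired recoveries - confirm.
    PasswordRecovery recovery = findForToken(token);
    if (!validateRecovery(recovery)) {
        throw new InvalidTokenException();
    }

    MotechUser user = motechUsersDao.findByUserName(recovery.getUsername());
    if (user == null) {
        // The recovery outlived its account; report it as an invalid token.
        throw new InvalidTokenException("This user has been deleted");
    }

    // Only the encoded form of the password is written to the user record.
    String encodedPassword = passwordEncoder.encodePassword(password);
    user.setPassword(encodedPassword);
    motechUsersDao.update(user);

    // Remove the recovery once the password has been changed so it is not left behind.
    passwordRecoveriesDataService.delete(recovery);
}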
use of org.motechproject.security.exception.InvalidTokenException in project motech by motech.
the class ResetControllerTest method testResetInvalidToken.
/**
 * Posts a reset form while the recovery service is stubbed to reject the token, and
 * checks that the controller answers 200 with the "server.reset.invalidToken" error key.
 */
@Test
public void testResetInvalidToken() throws Exception {
    // NOTE(review): the expected body is built from a form that carries PASSWORD, so this
    // test pins the controller echoing the submitted form back to the client - confirm
    // whether the password fields are actually serialized.
    ResetViewData expected = getResetViewData(true, true, asList("server.reset.invalidToken"),
            getResetForm(TOKEN, PASSWORD, PASSWORD));

    // Every reset attempt with these arguments fails as an invalid token.
    doThrow(new InvalidTokenException()).when(recoveryService).resetPassword(TOKEN, PASSWORD, PASSWORD);

    byte[] requestJson = new ObjectMapper().writeValueAsBytes(getResetForm(TOKEN, PASSWORD, PASSWORD));
    String expectedJson = new ObjectMapper().writeValueAsString(expected);

    controller.perform(post("/forgotreset")
                    .locale(Locale.ENGLISH)
                    .body(requestJson)
                    .contentType(MediaType.APPLICATION_JSON))
            .andExpect(status().isOk())
            .andExpect(content().string(expectedJson));

    // The controller must have delegated to the service exactly as submitted.
    verify(recoveryService).resetPassword(TOKEN, PASSWORD, PASSWORD);
}
use of org.motechproject.security.exception.InvalidTokenException in project motech by motech.
the class ResetController method reset.
/**
 * Handles POST /forgotreset: validates the submitted form and, when it is valid, asks
 * the recovery service to change the password.
 *
 * @param form the reset form bound from the request body (token, password, confirmation)
 * @param request the current request, used only to resolve the page locale
 * @return view data holding the submitted form, the resolved locale, the error keys
 *         and the invalid-token / reset-succeed flags
 */
@RequestMapping(value = "/forgotreset", method = RequestMethod.POST)
@ResponseBody
public ResetViewData reset(@RequestBody ResetForm form, final HttpServletRequest request) {
    ResetViewData result = new ResetViewData();
    // NOTE(review): the submitted form is returned to the client as part of the response
    // body; if ResetForm serializes its password fields, the plain-text password is
    // echoed back - confirm and consider clearing them before returning.
    result.setResetForm(form);
    result.setPageLang(cookieLocaleResolver.resolveLocale(request));
    result.setInvalidToken(false);

    List<String> messages = resetFormValidator.validate(form);
    if (!messages.isEmpty()) {
        // Form-level validation failed: the recovery service is never called.
        result.setResetSucceed(false);
        result.setErrors(messages);
        return result;
    }

    try {
        recoveryService.resetPassword(form.getToken(), form.getPassword(), form.getPasswordConfirmation());
    } catch (InvalidTokenException e) {
        // Invalid-token attempts are logged at debug level only.
        LOGGER.debug("Reset with invalid token attempted", e);
        messages.add("server.reset.invalidToken");
        result.setInvalidToken(true);
    } catch (RuntimeException e) {
        // Any other failure is reported to the client as a generic error key.
        LOGGER.error("Error while reseting passsword", e);
        messages.add("server.reset.error");
    }

    // NOTE(review): resetSucceed is set to true on this path even when one of the catch
    // blocks above ran, so clients have to inspect errors / invalidToken to detect a
    // failed reset - confirm this is intended before relying on the flag.
    result.setResetSucceed(true);
    result.setErrors(messages);
    return result;
}