use of org.sagebionetworks.bridge.services.AuthenticationService.ChannelType in project BridgeServer2 by Sage-Bionetworks.
the class AccountWorkflowService method resetPassword.
/**
* Use a supplied password reset token to change the password on an account. If the supplied
* token is not valid, this method throws an exception. If the token is valid but the account
* does not exist, an exception is also thrown (this would be unusual).
*/
public void resetPassword(PasswordReset passwordReset) {
checkNotNull(passwordReset);
// This pathway is unusual as the token may have been sent via email or phone, so test for both.
CacheKey emailCacheKey = CacheKey.passwordResetForEmail(passwordReset.getSptoken(), passwordReset.getAppId());
CacheKey phoneCacheKey = CacheKey.passwordResetForPhone(passwordReset.getSptoken(), passwordReset.getAppId());
String email = cacheProvider.getObject(emailCacheKey, String.class);
Phone phone = cacheProvider.getObject(phoneCacheKey, Phone.class);
if (email == null && phone == null) {
throw new BadRequestException(PASSWORD_RESET_TOKEN_EXPIRED);
}
cacheProvider.removeObject(emailCacheKey);
cacheProvider.removeObject(phoneCacheKey);
App app = appService.getApp(passwordReset.getAppId());
ChannelType channelType = null;
AccountId accountId = null;
if (email != null) {
accountId = AccountId.forEmail(app.getIdentifier(), email);
channelType = ChannelType.EMAIL;
} else if (phone != null) {
accountId = AccountId.forPhone(app.getIdentifier(), phone);
channelType = ChannelType.PHONE;
} else {
throw new BridgeServiceException("Could not reset password");
}
Account account = accountService.getAccount(accountId).orElseThrow(() -> new EntityNotFoundException(Account.class));
accountService.changePassword(account, channelType, passwordReset.getPassword());
}
Aggregations