
Example 1 with ResetPasswordToken

use of site.model.ResetPasswordToken in project jprime by bgjug.

the class ResetPasswordService method createNewToken.

/**
 * Issues a fresh password-reset token for {@code user}.
 *
 * <p>The value produced by {@code getNewTokenId()} is returned to the caller
 * unchanged, while the saved {@link ResetPasswordToken} carries only its
 * SHA-512 hex digest, so the repository never receives the plain value.
 *
 * <p>NOTE(review): a fast, unsalted digest is adequate only when
 * {@code getNewTokenId()} yields a long random value from a CSPRNG. The
 * generator is not visible here; confirm.
 *
 * @param user account passed to the new {@link ResetPasswordToken}
 * @return the plain token id; the saved entity holds only its digest
 */
public String createNewToken(User user) {
    final String plainTokenId = getNewTokenId();
    final ResetPasswordToken pendingToken = new ResetPasswordToken(user, plainTokenId);
    // Swap the id held by the entity for its digest before the entity is saved.
    final String digestHex = Sha512DigestUtils.shaHex(pendingToken.getTokenId());
    pendingToken.setTokenId(digestHex);
    resetPassRepository.save(pendingToken);
    return plainTokenId;
}
Also used : ResetPasswordToken(site.model.ResetPasswordToken)

Example 2 with ResetPasswordToken

use of site.model.ResetPasswordToken in project jprime by bgjug.

the class ResetPasswordService method setTokenToUsed.

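/**
 * Marks every reset token of the presented token's owner as used.
 *
 * <p>The presented id is hashed with SHA-512 and looked up by that digest.
 * All tokens returned for the same owner are flagged, not just the presented
 * one, so completing one reset also retires any other tokens still
 * outstanding for that account.
 *
 * <p>A {@code null} id, or an id that matches no stored token, is ignored
 * rather than failing with a {@code NullPointerException}.
 *
 * @param tokenId plain token id as presented by the client
 */
public void setTokenToUsed(String tokenId) {
    if (tokenId == null) {
        // Nothing to hash or look up.
        return;
    }
    String tokenShaHex = Sha512DigestUtils.shaHex(tokenId);
    ResetPasswordToken resetPasswordToken = resetPassRepository.findByTokenId(tokenShaHex);
    if (resetPasswordToken == null) {
        // findByTokenId returns null for an unknown id; there is no owner
        // whose tokens could be retired.
        return;
    }
    User owner = resetPasswordToken.getOwner();
    List<ResetPasswordToken> tokens = resetPassRepository.findAllByOwner(owner);
    for (ResetPasswordToken token : tokens) {
        token.setUsed(true);
    }
    resetPassRepository.saveAll(tokens);
}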
Also used : User(site.model.User) ResetPasswordToken(site.model.ResetPasswordToken)

Example 3 with ResetPasswordToken

use of site.model.ResetPasswordToken in project jprime by bgjug.

the class ResetPasswordService method checkTokenValidity.

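/**
 * Validates a password-reset token presented by a client.
 *
 * <p>The id is hashed with SHA-512 and looked up by that digest. The token is
 * rejected when the id is {@code null}, matches no stored token, is already
 * marked as used, or was created more than {@code TOKEN_DURATION_IN_HOURS}
 * hours ago.
 *
 * <p>The caller-supplied id is never written to the log: it is untrusted
 * input that could carry line breaks forging log entries, and a reset token
 * does not belong in log files. The hex digest is logged instead, which is
 * enough to correlate an event with the stored row.
 *
 * @param tokenId plain token id as presented by the client; may be {@code null}
 * @return the user owning the token if it is valid, {@code null} otherwise
 */
public User checkTokenValidity(String tokenId) {
    if (tokenId == null) {
        logger.debug("ResetPasswordToken id is null, rejecting.");
        return null;
    }
    String tokenShaHex = Sha512DigestUtils.shaHex(tokenId);
    ResetPasswordToken resetPasswordToken = resetPassRepository.findByTokenId(tokenShaHex);
    if (resetPasswordToken == null) {
        // NOTE(review): this is the only trace of token guessing; at debug level
        // it is probably dropped in production. Consider a higher level and
        // rate limiting on the calling endpoint.
        logger.debug("ResetPasswordToken with ShaHex: " + tokenShaHex + " NOT found. This could be an attacker brute forcing the token!");
        return null;
    }
    // NOTE(review): owner is rendered through User.toString(), which is not
    // visible here; confirm it exposes no password hash or other sensitive field.
    User owner = resetPasswordToken.getOwner();
    if (resetPasswordToken.isUsed()) {
        logger.debug("ResetPasswordToken for user: " + owner + " with ShaHex: " + tokenShaHex + " is already used.");
        return null;
    }
    DateTime createdDate = resetPasswordToken.getCreatedDate();
    DateTime deadline = createdDate.plusHours(TOKEN_DURATION_IN_HOURS);
    if (deadline.isBeforeNow()) {
        logger.debug("ResetPasswordToken for user: " + owner + " with ShaHex: " + tokenShaHex + " is expired.");
        return null;
    }
    return owner;
}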
Also used : User(site.model.User) ResetPasswordToken(site.model.ResetPasswordToken) DateTime(org.joda.time.DateTime)

Aggregations

ResetPasswordToken (site.model.ResetPasswordToken): 3, User (site.model.User): 2, DateTime (org.joda.time.DateTime): 1