lucasvbr/Cards-Rush
1
0
Fork 0
mirror of https://github.com/kmitresse/Cards-Rush.git synced 2026-05-13 17:11:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

feet: dev-web - update reset password and token generation

Browse Source
This commit is contained in:
kmitresse
2024-03-23 09:49:21 +01:00
parent c37fcfc8ca
commit f9622ec272
7 changed files with 40 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files
S2/DevWeb/Projet/src/main/java/uppa/project/pojo/RecoveryPasswordToken.java
+1
View File
@@ -50,6 +50,7 @@ public class RecoveryPasswordToken {
public RecoveryPasswordToken(String token, User user) {
this.token = token;
this.user = user;
this.expiresAt = new Date(new Date().getTime() + 600000);
}
/**
S2/DevWeb/Projet/src/main/java/uppa/project/servlet/ForgottenPasswordServlet.java
+10 -9
View File
@@ -23,6 +23,9 @@ import uppa.project.pojo.User;
import java.util.Properties;
import javax.mail.*;
import javax.mail.internet.*;
import uppa.project.provider.DotenvProvider;
import io.github.cdimascio.dotenv.Dotenv;
@WebServlet(name = "forgottenPasswordServlet", value = "/forgotten-password")
public class ForgottenPasswordServlet extends HttpServlet {
@@ -64,14 +67,11 @@ public class ForgottenPasswordServlet extends HttpServlet {
* @param token
*/
public void sendRecoveryEmail(String email, String token) {
String host = "smtp.gmail.com";
String port = "587";
//TODO: Set up environment variables
// String username = System.getenv("MAIL_USERNAME");
// String password = System.getenv("MAIL_PASSWORD");
String username = "kmitresse@gmail.com";
String password = "xwos ujwf cesq ocyt";
Dotenv dotEnv = DotenvProvider.getInstance();
String host = dotEnv.get("MAIL_HOST");
String port = dotEnv.get("MAIL_PORT");
String username = dotEnv.get("MAIL_USERNAME");
String password = dotEnv.get("MAIL_PASSWORD");
Properties props = new Properties();
props.put("mail.smtp.auth", "true");
@@ -87,6 +87,7 @@ public class ForgottenPasswordServlet extends HttpServlet {
});
try {
String tomcatHost = dotEnv.get("TOMCAT_HOST");
// Création du message
Message message = new MimeMessage(session);
message.setFrom(new InternetAddress(username));
@@ -94,7 +95,7 @@ public class ForgottenPasswordServlet extends HttpServlet {
message.setSubject("Réinitialisation de votre mot de passe");
message.setText("Bonjour,\n\n" +
"Vous avez demandé la réinitialisation de votre mot de passe.\n" +
"Pour cela, veuillez cliquer sur le lien suivant : http://localhost:8088/project_war_exploded/reset-password?token=" + token + "\n\n" +
"Pour cela, veuillez cliquer sur le lien suivant : http://localhost:"+tomcatHost+"/project_war_exploded/reset-password?token=" + token + "\n\n" +
"Cordialement,\n" +
"L'équipe CardRush");
// Envoi du message
S2/DevWeb/Projet/src/main/java/uppa/project/servlet/ResetPasswordServlet.java
+10 -6
View File
@@ -19,9 +19,13 @@ public class ResetPasswordServlet extends HttpServlet {
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException, ServletException {
RecoveryPasswordToken recoveryPasswordToken = findRecoveryToken(request.getParameter("token"));
if (recoveryPasswordToken == null) {
response.sendRedirect(request.getContextPath() + "/error?code=404");
RecoveryPasswordToken token = findRecoveryToken(request.getParameter("token"));
if (token == null) {
response.sendRedirect(request.getContextPath() + "/forgotten-password?error=invalid-token");
return;
}
if (token.getExpirationDate().compareTo(new java.util.Date()) > 0){
response.sendRedirect(request.getContextPath() + "/forgotten-password?error=expired-token");
return;
}
request.getRequestDispatcher("/WEB-INF/views/reset-password.jsp").forward(request, response);
@@ -44,7 +48,7 @@ public class ResetPasswordServlet extends HttpServlet {
System.out.println(!newPassword.equals(confirmPassword));
if (!newPassword.equals(confirmPassword)) {
System.out.println("ici");
response.sendRedirect(request.getContextPath() + "/reset-password?error=1&token=" + recoveryPasswordToken.getToken());
response.sendRedirect(request.getContextPath() + "/reset-password?error=matching-password&token=" + recoveryPasswordToken.getToken());
return;
}
user.setPassword(newPassword);
@@ -52,9 +56,9 @@ public class ResetPasswordServlet extends HttpServlet {
try {
daoJpaUser = new DAO_JPA_User();
daoJpaUser.update(user);
response.sendRedirect(request.getContextPath() + "/login?success=password-modified");
response.sendRedirect(request.getContextPath() + "/login?success=password-reseted");
} catch (DAOException e) {
response.sendRedirect(request.getContextPath() + "/reset-password?error=2");
response.sendRedirect(request.getContextPath() + "/reset-password?error=1");
}
}
S2/DevWeb/Projet/src/main/webapp/WEB-INF/static/js/forgotten-password.js
+14
View File
@@ -24,3 +24,17 @@ forgottenPasswordForm.addEventListener("submit", (event) => {
});
window.onload = function (){
const urlParams = new URLSearchParams(window.location.search);
let error = null;
if (urlParams.has('error')) {
error = urlParams.get('error');
}
console.log(error);
if (error != null && error === "expired-token") {
window.alert("Lien expiré, veuillez recommencer la procédure de récupération de mot de passe.");
}
if (error != null && error === "invalid-token") {
window.alert("Lien invalide, veuillez recommencer la procédure de récupération de mot de passe.");
}
}
S2/DevWeb/Projet/src/main/webapp/WEB-INF/static/js/reset-password.js
+1 -2
View File
@@ -27,7 +27,6 @@ ResetPasswordForm.addEventListener("submit", function (event) {
}).catch(error => {
console.error("Error:", error);
});
});
S2/DevWeb/Projet/src/main/webapp/WEB-INF/views/forgotten-password.jsp
+2 -1
View File
@@ -19,11 +19,12 @@
<input type="email" id="email" name="email" required>
<button type="submit">Send</button>
</form>
<%if(request.getParameter("error") != null){%>
<%if(request.getParameter("error") != null && request.getParameter("error").equals("1")){%>
<p>L'adresse mail insérée est incorrecte</p>
<%} else if (request.getParameter("success") != null) {%>
<p>Un email vous a été envoyé</p>
<%}%>
</main>
</body>
<script><%@include file="../static/js/forgotten-password.js"%></script>
</html>
S2/DevWeb/Projet/src/main/webapp/WEB-INF/views/reset-password.jsp
+2 -23
View File
@@ -11,28 +11,10 @@
<%@ page contentType="text/html;charset=UTF-8" language="java" %>
<html>
<head>
<title>Recovery password</title>
<title>Récupération du mot de passe</title>
</head>
<body>
<main>
<%
DAO_JPA_RecoveryPasswordToken dao = null;
RecoveryPasswordToken[] token;
try {
dao = new DAO_JPA_RecoveryPasswordToken();
token = dao.findByField("token",request.getParameter("token"));
} catch (DAOException e) {
throw new RuntimeException(e);
}
if (token.length == 0 || token[0] == null || token[0].getExpirationDate()== null) {%>
<p> Lien invalide </p>
<%
} else if (token[0].getExpirationDate().compareTo(new java.util.Date()) >0){
%>
<p> Lien expiré </p>
<%
} else {
%>
<jsp:include page="../components/navbar.jsp"/>
<h1>Récupération du mot de passe</h1>
<form id="resetPasswordForm" action="reset-password" method="post">
@@ -40,15 +22,12 @@
<input type="password" id="newPassword" name="newPassword" required>
<label for="confirmPassword">Confirmer le mot de passe</label>
<input type="password" id="confirmPassword" name="confirmPassword" required>
<% if (request.getParameter("error") != null && request.getParameter("error").equals("1")) {%>
<% if (request.getParameter("error") != null && request.getParameter("error").equals("matching-password")) {%>
<p>Les mots de passe ne correspondent pas</p>
<% } %>
<input type="hidden" name="token" value="${param.token}">
<input type="submit" value="Valider">
</form>
<%
}
%>
</main>
</body>
</html>