package org.xmx0632.deliciousfruit.api.v1;
import javax.validation.Validator;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.ResponseBody;
import org.xmx0632.deliciousfruit.api.v1.helper.PasswordHelper;
import org.xmx0632.deliciousfruit.entity.UserAccount;
import org.xmx0632.deliciousfruit.service.ResetPasswordService;
import org.xmx0632.deliciousfruit.service.UserAccountService;
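/**
 * Password-reset endpoints mounted under {@code /resetPwd}.
 *
 * <p>{@code GET /resetPwd/init} checks the parameters of a reset link and
 * renders the new-password form; {@code POST /resetPwd/reset} stores the new
 * password.
 *
 * <p>NOTE(review): only the GET handler calls
 * {@link ResetPasswordService#isValidRequest}. The POST handler accepts
 * {@code id} and {@code username} and checks nothing else in this class, so
 * the password change is not bound to a validated reset link. Unless a filter
 * or interceptor outside this file enforces it, the POST should carry and
 * re-validate the same link parameters (or a server-side, single-use marker
 * set by the GET handler) before saving. That needs a matching change to the
 * form, so it is flagged here rather than changed.
 *
 * @author xmx0632
 */
@Controller
@RequestMapping(value = "/resetPwd")
public class UserAccountResetPasswordController {

    private static final Logger log = LoggerFactory
            .getLogger(UserAccountResetPasswordController.class);

    @Autowired
    private UserAccountService userAccountService;

    @Autowired
    private ResetPasswordService resetPasswordService;

    @Autowired
    private Validator validator;

    /**
     * Validates a reset link and, when it is valid, shows the new-password form.
     *
     * @param username account name taken from the reset link
     * @param email    e-mail address taken from the reset link
     * @param ts       {@code ts} value taken from the reset link
     * @param enkey    key taken from the reset link; checked by
     *                 {@link ResetPasswordService#isValidRequest}
     * @param model    view model that receives the {@code userAccount} attribute
     * @return {@code "error/403"} when the link is rejected, otherwise
     *         {@code "account/resetPwd"}
     */
    @RequestMapping(value = "/init", method = RequestMethod.GET)
    public String resetPwd(@RequestParam String username,
            @RequestParam String email, @RequestParam Long ts,
            @RequestParam String enkey, Model model) {
        // Check that the link parameters are legitimate.
        boolean isValidRequest = resetPasswordService.isValidRequest(username,
                email, ts, enkey);
        // enkey is the credential of the reset link, so it is deliberately
        // kept out of the log output.
        log.debug("username:{}, email:{}, ts:{}, isValidRequest?{}",
                username, email, ts, isValidRequest);
        if (!isValidRequest) {
            // username and email are request-supplied; if the log layout does
            // not already escape CR/LF, do it there to keep entries unforgeable.
            log.info(
                    "invalid reset password request detected. username:{}, email:{}, ts:{}, isValidRequest?{}",
                    username, email, ts, isValidRequest);
            return "error/403";
        }

        // Show the new-password form.
        UserAccount userAccount = userAccountService.findByUsername(username);
        // NOTE(review): this prints UserAccount.toString(); confirm it does
        // not include the stored password value.
        log.debug("userAccount:{}", userAccount);
        model.addAttribute("userAccount", userAccount);
        return "account/resetPwd";
    }

    /**
     * Stores a new password for the account identified by {@code id}.
     *
     * <p>NOTE(review): no reset-link validation happens here; see the class
     * comment.
     *
     * @param username      account name; must match the account loaded by {@code id}
     * @param id            identifier of the account to update
     * @param plainPassword new password in clear text; must not be blank
     * @param model         unused
     * @return a plain-text status message written to the response body
     */
    @RequestMapping(value = "/reset", method = RequestMethod.POST)
    @ResponseBody
    public String reset(@RequestParam String username, @RequestParam Long id,
            @RequestParam String plainPassword, Model model) {
        UserAccount ua = userAccountService.getUserAccount(id);
        // Compare from the request value so an account without a username
        // yields "bad request" instead of a NullPointerException.
        boolean matchesAccount = ua != null && username != null
                && username.equals(ua.getUsername());
        if (!matchesAccount) {
            return "bad request";
        }
        if (StringUtils.isBlank(plainPassword)) {
            return "密码不能为空";
        }

        // NOTE(review): the helper name suggests a bare MD5 digest. If so it
        // is unsuitable for password storage; move to a salted, slow
        // password hash (bcrypt/scrypt/argon2) and re-hash existing accounts
        // on their next successful login.
        String encodedPassword = PasswordHelper.md5(plainPassword);
        ua.setPassword(encodedPassword);
        userAccountService.saveUserAccount(ua);
        // Report success only after the save call has returned.
        log.debug("username:{} reset password success", username);
        return "密码重置成功.";
    }
}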