/* ==================================================================
* Created [2009-4-27 下午11:32:55] by Jon.King
* ==================================================================
* TSS
* ==================================================================
* mailTo:jinpujun@hotmail.com
* Copyright (c) Jon.King, 2009-2012
* ==================================================================
*/
package com.jinhe.tss.um.servlet;
import java.io.IOException;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import com.jinhe.tss.core.Global;
import com.jinhe.tss.core.exception.BusinessException;
import com.jinhe.tss.core.util.EasyUtils;
import com.jinhe.tss.core.util.InfoEncoder;
import com.jinhe.tss.core.web.dispaly.SuccessMessageEncoder;
import com.jinhe.tss.core.web.dispaly.XmlPrintWriter;
import com.jinhe.tss.um.entity.User;
import com.jinhe.tss.um.service.IUserService;
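/**
 * <p> ResetPasswordServlet.java </p>
 * <p>
 * Servlet that changes a user's password.<br>
 * Rules:<br>
 * 1. The old password is first checked against the password stored for the user in the
 *    main user group; on a mismatch an exception is thrown and the flow ends.<br>
 * 2. The user's password in the main user group is then replaced. The stored value is
 *    the MD5 digest of {@code loginName + "_" + password}.<br>
 * </p>
 *
 * Request parameter {@code type}:
 * 1. {@code verify} (in fact any value other than {@code "reset"}, including an absent
 *    parameter): change the password; the old password must be supplied correctly.
 * 2. {@code reset}: reset the password after a password-hint flow; this servlet itself only
 *    requires that {@code userId} is non-empty and that the user exists.
 *
 * <p>
 * NOTE(review): on the {@code reset} path this class checks no credential, hint answer, token
 * or session. Unless a filter or the calling page (not visible here) authenticates the caller
 * and binds {@code userId} to that caller, any client that can reach this servlet can set the
 * password of any existing user id. The reset should be gated by a server-side, single-use
 * token issued by the hint check, and every reset should be audit-logged.
 * </p>
 * <p>
 * NOTE(review): a single MD5 pass with the login name as salt is not an adequate password
 * hash; migrate to bcrypt, scrypt, Argon2 or PBKDF2. That is not done here because it requires
 * re-hashing the stored credentials. The verify path also has no attempt limit in this class.
 * </p>
 */
public class ResetPasswordServlet extends HttpServlet {

    private static final long serialVersionUID = -740569423483772472L;

    /** User service, looked up from the application context under the bean name "UserService". */
    IUserService service = (IUserService) Global.getContext().getBean("UserService");

    /**
     * Handles GET by delegating to {@link #doPost(HttpServletRequest, HttpServletResponse)}.
     *
     * <p>
     * NOTE(review): accepting GET means both passwords can travel in the query string, where
     * they end up in access logs, browser history and Referer headers, and it makes the
     * state-changing request easier to trigger cross-site. Kept for compatibility with existing
     * callers; confirm none rely on GET and then reject it.
     * </p>
     */
    @Override
    protected void doGet(HttpServletRequest request,
            HttpServletResponse response) throws ServletException, IOException {
        doPost(request, response);
    }

    /**
     * Changes or resets the password of the user named by the {@code userId} parameter.
     *
     * <p>
     * Parameters read from the request: {@code userId}, {@code password}, {@code newPassword}
     * and {@code type}. When {@code newPassword} is absent, {@code password} is used as the new
     * password.
     * </p>
     *
     * @param request  the incoming request
     * @param response receives the success message
     * @throws BusinessException if {@code userId} is missing or not a number, the user does not
     *                           exist, the old password does not match (non-reset mode), or the
     *                           new password is empty
     */
    @Override
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        response.setContentType("text/html;charset=GBK");

        String userId = request.getParameter("userId");
        String password = request.getParameter("password");
        String newPassword = request.getParameter("newPassword");

        if (EasyUtils.isNullOrEmpty(userId)) {
            throw new BusinessException("修改密码时用户ID不能为空");
        }

        // A non-numeric id is a client error, not a server fault: report it as a business
        // error instead of letting NumberFormatException escape. The raw input is not echoed
        // back because the response is served as text/html.
        Long id;
        try {
            id = Long.valueOf(userId);
        } catch (NumberFormatException e) {
            // Only the message-only BusinessException constructor is visible in this file.
            throw new BusinessException("修改密码时用户ID格式不正确");
        }

        User user = service.getUserById(id);
        if (user == null) {
            throw new BusinessException("修改密码时找不到用户ID为" + id + "用户,可能已被删除,请联系管理员");
        }

        String verifyOrReset = request.getParameter("type");
        if (!"reset".equals(verifyOrReset)) {
            // Verify mode: the supplied old password must hash to the stored value.
            String oldPassword = InfoEncoder.string2MD5(user.getLoginName() + "_" + password);
            String storedPassword = user.getPassword();
            // A user without a stored password can never match; treat it as a mismatch
            // instead of failing with a NullPointerException.
            if (storedPassword == null || !storedPassword.equals(oldPassword)) {
                throw new BusinessException("旧密码输入不正确");
            }
        }
        // else: reset mode performs no verification here; see the class-level NOTE(review).

        // Refuse an absent or empty new password. Without this check a request carrying neither
        // parameter would store the digest of loginName + "_null".
        String effectivePassword = (newPassword == null) ? password : newPassword;
        if (EasyUtils.isNullOrEmpty(effectivePassword)) {
            throw new BusinessException("新密码不能为空");
        }

        // Update the password.
        user.setPassword(InfoEncoder.string2MD5(user.getLoginName() + "_" + effectivePassword));
        service.updateUser(user);

        SuccessMessageEncoder encoder = new SuccessMessageEncoder("设置新密码成功!");
        encoder.print(new XmlPrintWriter(response.getWriter()));
    }
}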