venice-dynamo-rewrite/venice-data/util/password_recovery.js
2003-05-20 03:25:31 +00:00

63 lines
3.0 KiB
JavaScript

// The contents of this file are subject to the Mozilla Public License Version 1.1
// (the "License"); you may not use this file except in compliance with the License.
// You may obtain a copy of the License at <http://www.mozilla.org/MPL/>.
//
// Software distributed under the License is distributed on an "AS IS" basis, WITHOUT
// WARRANTY OF ANY KIND, either express or implied. See the License for the specific
// language governing rights and limitations under the License.
//
// The Original Code is the Venice Web Communities System.
//
// The Initial Developer of the Original Code is Eric J. Bowersox <erbo@silcom.com>,
// for Silverwrist Design Studios. Portions created by Eric J. Bowersox are
// Copyright (C) 2002 Eric J. Bowersox/Silverwrist Design Studios. All Rights Reserved.
//
// Contributor(s):
importPackage(java.util);
importClass(Packages.com.silverwrist.dynamo.UserInfoNamespace);
importPackage(Packages.com.silverwrist.dynamo.iface);
importPackage(Packages.com.silverwrist.dynamo.mail);
importClass(Packages.com.silverwrist.venice.VeniceNamespaces);
importPackage(Packages.com.silverwrist.venice.content);
importPackage(Packages.com.silverwrist.venice.session);
req = bsf.lookupBean("request"); // get request
req_help = bsf.lookupBean("request_help"); // get request
uid = req_help.getParameterString("uid");
auth = req_help.getParameterString("auth");
if ((uid==null) || (auth==null))
dynamo.scriptReturn(new ErrorBox(null,"Invalid parameters."));
user = vlib.lookupUser(req,cast.toInteger(uid));
if (user==null)
dynamo.scriptReturn(new ErrorBox(null,"User account not found."));
if (!(user.authenticate(VeniceNamespaces.SESSION_CONTROL_NAMESPACE,"password.recovery","",auth.toString())))
dynamo.scriptReturn(new ErrorBox(null,"Invalid password recovery request."));
// clear the old password recovery data
user.clearAuthenticationData(user,VeniceNamespaces.SESSION_CONTROL_NAMESPACE,"password.recovery");
// generate a new password and set it for the user
newpass = vlib.randomPassword();
user.setAuthenticationData(user,UserInfoNamespace.NAMESPACE,UserInfoNamespace.AUTH_DEFAULT,"",newpass);
// E-mail the user with a new password.
mailprov = cast.queryMailMessageProvider(req);
msg = mailprov.createSystemMessage(req);
msg.addRecipient(MailMessage.RECIP_TO,user.getEMailAddress());
globals = vcast.getGlobalPropertiesStore(req);
msg.setSubject(globals.getObject(VeniceNamespaces.MAIL_MESSAGES_NAMESPACE,
"password.change.message.title").toString());
blocks = vcast.getGlobalBlocksStore(req);
msg.setText(blocks.getObject(VeniceNamespaces.MAIL_MESSAGES_NAMESPACE,"password.change.message").toString());
msg.setVariable("username",user.getName());
msg.setVariable("password",newpass);
msg.send();
// Now pass back a "password changed" page.
vlib.setLocation(req,"top.js.vs"); // lie so we can get the "Log In" link up top
view = new VelocityView("Your Password Has Been Changed","password_changed.vm");
dynamo.scriptOutput(view);