Skip to content

Commit 97aff8c

Browse files
car031car031
committed
disable psw recovery ticket once used for first time
1 parent 2a6ffa6 commit 97aff8c

File tree

1 file changed

+11
-13
lines changed

1 file changed

+11
-13
lines changed

logicaldoc-webapp/src/main/java/com/logicaldoc/web/PswRecovery.java

Lines changed: 11 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ public class PswRecovery extends HttpServlet {
4646

4747
private static final long serialVersionUID = 9088160958327454062L;
4848

49-
private static final Logger log = LoggerFactory.getLogger(PswRecovery.class);
49+
protected static Logger log = LoggerFactory.getLogger(PswRecovery.class);
5050

5151
/**
5252
* Constructor of the object.
@@ -85,20 +85,23 @@ public void doGet(HttpServletRequest request, HttpServletResponse response) thro
8585

8686
log.debug("Recover password for ticket with ticketId={}", ticketId);
8787

88-
TicketDAO ticketDao = Context.get(TicketDAO.class);
88+
TicketDAO ticketDao = Context.get().getBean(TicketDAO.class);
8989
Ticket ticket = ticketDao.findByTicketId(ticketId);
9090

9191
if ((ticket != null) && ticket.getType() == Ticket.PSW_RECOVERY) {
92-
9392
if (ticket.isTicketExpired()) {
9493
response.getWriter().println("Request has exprired");
9594
return;
95+
} else {
96+
ticket.setCount(ticket.getCount() + 1);
97+
ticket.setEnabled(0);
98+
ticketDao.store(ticket);
9699
}
97100

98-
UserDAO userDao = Context.get(UserDAO.class);
101+
UserDAO userDao = Context.get().getBean(UserDAO.class);
99102
User user = userDao.findById(Long.parseLong(userId));
100103

101-
sendEmail(request, response, tenant, ticket, user);
104+
sendEmail(request, response, tenant, user);
102105
}
103106
} catch (Exception e) {
104107
log.error(e.getMessage(), e);
@@ -115,8 +118,8 @@ private void writeResponse(HttpServletResponse response, String message) {
115118
}
116119
}
117120

118-
private void sendEmail(HttpServletRequest request, HttpServletResponse response, String tenant, Ticket ticket,
119-
User user) throws IOException, PersistenceException, MessagingException, NoSuchAlgorithmException,
121+
private void sendEmail(HttpServletRequest request, HttpServletResponse response, String tenant, User user)
122+
throws IOException, PersistenceException, MessagingException, NoSuchAlgorithmException,
120123
AutomationException {
121124

122125
EMail email = new EMail();
@@ -137,7 +140,7 @@ private void sendEmail(HttpServletRequest request, HttpServletResponse response,
137140
user.setPasswordChanged(new Date());
138141
user.setPasswordExpired(1);
139142

140-
UserDAO userDao = Context.get(UserDAO.class);
143+
UserDAO userDao = Context.get().getBean(UserDAO.class);
141144
userDao.store(user);
142145

143146
Locale locale = user.getLocale();
@@ -162,11 +165,6 @@ private void sendEmail(HttpServletRequest request, HttpServletResponse response,
162165
sender.send(email, "psw.rec1", dictionary);
163166

164167
response.getWriter().println(String.format("A message was sent to %s", user.getEmail()));
165-
166-
ticket.setCount(ticket.getCount() + 1);
167-
168-
TicketDAO ticketDao = Context.get(TicketDAO.class);
169-
ticketDao.store(ticket);
170168
}
171169

172170
/**

0 commit comments

Comments
 (0)