fix reset password view

alex 2024-10-22 22:30:08 -04:00
parent 292825d1a8
commit 3ddacfc771
2 changed files with 13 additions and 13 deletions


@ -6,8 +6,6 @@ import com.auth0.jwt.exceptions.JWTCreationException;
import com.auth0.jwt.exceptions.JWTVerificationException;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.auth0.jwt.interfaces.JWTVerifier;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.primefactorsolutions.model.Employee;
import lombok.extern.slf4j.Slf4j;
import org.apache.commons.lang3.StringUtils;
@ -16,14 +14,12 @@ import org.springframework.stereotype.Service;
import java.time.Instant;
import java.time.temporal.ChronoUnit;
import java.util.Map;
@Service
@Slf4j
public class AccountService {
private final EmailService emailService;
private final EmployeeService employeeService;
private final ObjectMapper objectMapper = new ObjectMapper();
private final String secret;
public AccountService(final EmailService emailService, final EmployeeService employeeService,
@ -56,14 +52,16 @@ public class AccountService {
.build();
decodedJWT = verifier.verify(token);
final Map<String, ?> payload = (Map<String, ?>) objectMapper.readValue(decodedJWT.getPayload(), Map.class);
final Instant expiry = decodedJWT.getExpiresAtAsInstant();
final String claim = decodedJWT.getClaim("username").asString();
if (Instant.parse((String) payload.get("expire")).isBefore(Instant.now())
|| !username.equals(payload.get("username"))) {
log.warn("token invalid {} {} {}", username, payload.get("username"), payload.get("expire"));
if (expiry.isBefore(Instant.now())
|| !username.equals(claim)) {
log.warn("token invalid {} {} {}", username, claim, expiry);
return;
}
} catch (JWTVerificationException | JsonProcessingException e) {
} catch (JWTVerificationException e) {
log.warn("error updating password", e);
return;
}
@ -79,6 +77,8 @@ public class AccountService {
}
employeeService.updatePassword(employee, newPassword);
log.info("updated password for {}", username);
}
private String createResetPasswordLink(final String username) {
@ -88,10 +88,10 @@ public class AccountService {
Algorithm algorithm = Algorithm.HMAC512(secret);
token = JWT.create()
.withIssuer("pfs")
.withPayload(objectMapper.writeValueAsString(Map.of("username", username,
"expire", Instant.now().plus(1, ChronoUnit.HOURS).toString())))
.withClaim("username", username)
.withExpiresAt(Instant.now().plus(1, ChronoUnit.HOURS))
.sign(algorithm);
} catch (JWTCreationException | JsonProcessingException e) {
} catch (JWTCreationException e) {
throw new RuntimeException(e);
}
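Review bot: The new expiry check `expiry.isBefore(Instant.now())` dereferences `expiry` without a null guard, and `decodedJWT.getExpiresAtAsInstant()` returns null when the token has no `exp` claim. As far as I know the auth0 verifier validates `exp` only when it is present, so a correctly signed token without it (for example one issued before this commit, when the expiry lived in the custom `expire` payload field) would pass `verifier.verify(token)` and then throw a NullPointerException that the narrowed `catch (JWTVerificationException e)` no longer handles. The request still fails, but as an unhandled exception rather than the logged "token invalid" path. I would reject the missing claim explicitly with `if (expiry == null || expiry.isBefore(Instant.now())`, or add `.withClaimPresence("exp")` to the verifier builder, which starts above this hunk. Since `verify` already rejects expired tokens, the manual comparison mainly matters for the missing-claim case.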


@ -18,7 +18,7 @@ import java.util.Collections;
@Service
@AllArgsConstructor
public class EmployeeService {
private static final String USERPASSWORD = "userpassword";
private static final String USERPASSWORD = "userPassword";
private static final String OBJECTCLASS = "objectclass";
private static final String ORGANIZATIONAL_PERSON = "organizationalPerson";
private static final String INET_ORG_PERSON = "inetOrgPerson";