忘记密码
通过邮箱来做忘记密码功能
controller:
@RequestMapping(value = "/getpwd")
public String getpwd() {
return "/getpwd";
}
@RequestMapping(value = "/getpwd", method = RequestMethod.POST)
public String getpwd(String email,Model model, HttpServletRequest request) {
User u = userService.findByEmail(email);
if (u != null) {
PasswordUserHelper helper = new PasswordUserHelper();
helper.setAccountId(u.getId());
helper.setGenerateTime(new Date());
passwordUserHelperService.save(helper);
String serverName = request.getServerName();
int remotePort = request.getServerPort();
String domian = serverName.substring(serverName.indexOf(".") + 1);
if (serverName.split("\\" + ".").length < 3) {
domian = serverName;
}
String basePath = domian + (remotePort == 80 ? "" : (":" + remotePort))
+ request.getContextPath();
request.setAttribute("basePath", basePath);
System.out.println(request.getAttribute("basePath"));
Object[] parameters = { u.getName(), helper.getId(), request.getAttribute("basePath")};
String to = email;
String subject = i18n("fetch.password.subject");
String content = i18n("fetch.password.body", parameters, null);
sendMailToFetchPassword(to, subject, content);
model.addAttribute("uuid", helper.getId());
} else {
model.addAttribute("errorMessage","errorMessage");
return "/getpwd";
}
return "/getpwd_wait";
}
@ResponseBody
@RequestMapping(value = "/regetpwd")
public void reSendFetchPasswordMail(String uuid, HttpServletRequest request) {
PasswordUserHelper helper = passwordUserHelperService.findById(uuid);
if(helper !=null){
User u = userService.findById(helper.getAccountId());
String serverName = request.getServerName();
int remotePort = request.getServerPort();
String domian = serverName.substring(serverName.indexOf(".") + 1);
if (serverName.split("\\" + ".").length < 3) {
domian = serverName;
}
String basePath = domian + (remotePort == 80 ? "" : (":" + remotePort))
+ request.getContextPath();
request.setAttribute("basePath", basePath);
Object[] parameters = {u.getName(), helper.getId(), request.getAttribute("basePath")};
String to = u.getEmail();
String subject = i18n("fetch.password.subject");
String content = i18n("fetch.password.body", parameters, null);
sendMailToFetchPassword(to, subject, content);
}
}
@RequestMapping(value = "/fetchpassword",params={"id"})
public String fetchpassword(String id,ModelMap model) {
model.addAttribute("uuid", id);
return "/fetchpassword";
}
@RequestMapping(value = "/fetchpassword",params={"uuid"},method=RequestMethod.POST)
public String changepassword(String uuid,ModelMap model,String password,HttpServletRequest request) {
PasswordUserHelper helper = passwordUserHelperService.findById(uuid);
if(helper !=null){
User u = userService.findById(helper.getAccountId());
password = CommonUtils.getMD5(password);
u.setPassword(password);
userService.update(u);
String serverName = request.getServerName();
int remotePort = request.getServerPort();
String domian = serverName.substring(serverName.indexOf(".") + 1);
if (serverName.split("\\" + ".").length < 3) {
domian = serverName;
}
String basePath = domian + (remotePort == 80 ? "" : (":" + remotePort))
+ request.getContextPath();
model.addAttribute("basePath",basePath );
}
return "/fetchpassword_success";
}
protected String i18n(String message) {
return messageSource.getMessage(message, null, null);
}
protected String i18n(String message,Object[] prams,Locale locale) {
return messageSource.getMessage(message, prams, locale);
}
private void sendMailToFetchPassword(String to,String subject,String content){
final String _to = to;
final String _subject = subject;
final String _content = content;
new Thread(new Runnable() {
@Override
public void run() {
try {
mailService.sendHtmlMail(_to, _subject, _content);
} catch (MessagingException e) {
String msg = String.format("Error when send mail to %s[fetch passwod]", _to);
LOGGER.error(msg, e);
}
}
}).start();
}
PasswordUserHelper这个类很重要,为了安全,不透露ID的:
@Entity
@Table(name = "passwordUserhelper")
public class PasswordUserHelper extends BasicEntity implements Serializable{
public String getId() {
return id;
}
public void setId(String id) {
this.id = id;
}
public Date getGenerateTime() {
return generateTime;
}
public void setGenerateTime(Date generateTime) {
this.generateTime = generateTime;
}
public Long getAccountId() {
return accountId;
}
public void setAccountId(Long accountId) {
this.accountId = accountId;
}
private static final long serialVersionUID = 1L;
@Id
@GenericGenerator(name="idGenerator", strategy="uuid")
@GeneratedValue(generator="idGenerator")
private String id;
private Long accountId;
private Date generateTime;
}
service:
@Service
public class MailServiceImpl implements MailService{
private static final Logger LOGGER = LoggerFactory.getLogger(MailServiceImpl.class);
@Autowired
private JavaMailSender mailSender;
@Override
public void sendHtmlMail(String to, String subject, String htmlContent) throws MessagingException {
MimeMessage message = mailSender.createMimeMessage();
// use the true flag to indicate you need a multipart message
MimeMessageHelper helper = new MimeMessageHelper(message, true, "UTF-8");
helper.setTo(to);
helper.setSubject(subject);
// use the true flag to indicate the text included is HTML
helper.setText(htmlContent, true);
mailSender.send(message);
}
public void sendMail(final String to,final String subject,final String body){
Runnable r = new Runnable() {
@Override
public void run() {
try {
sendHtmlMail(to, subject, body);
} catch (MessagingException e) {
LOGGER.error(String.format("Error when send mail to %s", to),e);
}
}
};
new Thread(r).start();
}
}
@Service
public class PasswordUserHelperServiceImpl implements PasswordUserHelperService{
@Autowired
private PasswordUserHelperDao passwordUserHelperDao;
@Autowired
private UserDao userDao;
@Transactional
@Override
public void save(PasswordUserHelper entity) {
passwordUserHelperDao.save(entity);
}
@Transactional
@Override
public void delete(String id) {
passwordUserHelperDao.delete(id);
}
@Transactional
@Override
public void update(PasswordUserHelper t) {
passwordUserHelperDao.update(t);
}
@Override
public PasswordUserHelper findById(String id) {
return passwordUserHelperDao.findById(id);
}
@SuppressWarnings("deprecation")
@Transactional(noRollbackFor=TimeoutException.class)
@Override
public User fetchPassword(String uuid, String password) throws NoSuchAlgorithmException, UnsupportedEncodingException, ItemNotFoundException {
User user= null;
Date now = new Date();
PasswordUserHelper helper = findById(uuid);
if(helper==null){
throw new ItemNotFoundException();
}
Long dis = now.getTime() - helper.getGenerateTime().getTime();
if(dis - 30 * 60 * 1000 > 0){
delete(uuid);
try {
throw new TimeoutException();
} catch (TimeoutException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
user = userDao.findById(helper.getAccountId());
if(user != null){
PassAndSalt passAndSalt = PasswordEncoder.saltEncode(password);
user.setPassword(passAndSalt.getSalt());
//user.setSalt(passAndSalt.getSalt());
userDao.update(user);
delete(uuid);
}
return user;
}
}
还有个很重要的配置,邮箱配置:
<bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">
<property name="host" value="xxx" />
<property name="port" value="xxx" />
<property name="username" value="xxx" />
<property name="password" value="xxx" />
<property name="javaMailProperties">
<props>
<!-- Use SMTP transport protocol -->
<prop key="mail.transport.protocol">smtp</prop>
<!-- Use SMTP-AUTH to authenticate to SMTP server -->
<prop key="mail.smtp.auth">true</prop>
<!-- Use TLS to encrypt communication with SMTP server -->
<prop key="mail.smtp.starttls.enable">true</prop>
<prop key="mail.debug">false</prop>
</props>
</property>
</bean>
具体参照svn