added option to change password in settings

Erudika · Aug 14, 2017 · a540447 · a540447
1 parent cf679d1
commit a540447
Show file tree

Hide file tree

Showing 5 changed files with 46 additions and 3 deletions.
diff --git a/src/main/java/com/erudika/scoold/controllers/SettingsController.java b/src/main/java/com/erudika/scoold/controllers/SettingsController.java
@@ -17,6 +17,10 @@
  */
 package com.erudika.scoold.controllers;
 
+import com.erudika.para.core.Sysprop;
+import com.erudika.para.core.User;
+import com.erudika.para.utils.Config;
+import com.erudika.para.utils.Utils;
 import static com.erudika.scoold.ScooldServer.HOMEPAGE;
 import static com.erudika.scoold.ScooldServer.MAX_FAV_TAGS;
 import static com.erudika.scoold.ScooldServer.settingslink;
@@ -66,6 +70,7 @@ public String get(HttpServletRequest req, Model model) {
 	@PostMapping
     public String post(@RequestParam(required = false) String tags, @RequestParam(required = false) String latlng,
 			@RequestParam(required = false) String replyEmailsOn, @RequestParam(required = false) String commentEmailsOn,
+			@RequestParam(required = false) String oldpassword, @RequestParam(required = false) String newpassword,
 			HttpServletRequest req) {
 		if (utils.isAuthenticated(req)) {
 			Profile authUser = utils.getAuthUser(req);
@@ -84,6 +89,10 @@ public String post(@RequestParam(required = false) String tags, @RequestParam(re
 			authUser.setReplyEmailsEnabled(Boolean.valueOf(replyEmailsOn));
 			authUser.setCommentEmailsEnabled(Boolean.valueOf(commentEmailsOn));
 			authUser.update();
+
+			if (resetPasswordAndUpdate(authUser.getUser(), oldpassword, newpassword)) {
+				return "redirect:" + settingslink + "?passChanged=true";
+			}
 		}
 		return "redirect:" + settingslink;
 	}
@@ -96,4 +105,18 @@ public String deleteAccount(HttpServletRequest req, HttpServletResponse res) {
 		}
 		return "redirect:" + signinlink + "?code=4&success=true";
 	}
+
+	private boolean resetPasswordAndUpdate(User u, String pass, String newpass) {
+		if (u != null && !StringUtils.isBlank(pass) && !StringUtils.isBlank(newpass)) {
+			Sysprop s = utils.getParaClient().read(u.getEmail());
+			if (s != null && Utils.bcryptMatches(pass, (String) s.getProperty(Config._PASSWORD))) {
+				String hashed = Utils.bcrypt(newpass);
+				s.addProperty(Config._PASSWORD, hashed);
+				u.setPassword(hashed);
+				utils.getParaClient().update(s);
+				return true;
+			}
+		}
+		return false;
+	}
 }
diff --git a/src/main/resources/lang_bg.properties b/src/main/resources/lang_bg.properties
@@ -146,6 +146,8 @@ points = \u0442\u043e\u0447\u043a\u0438
 learnmore = \u041d\u0430\u0443\u0447\u0435\u0442\u0435 \u043f\u043e\u0432\u0435\u0447\u0435
 posts = \u041f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438
 created = \u0421\u044a\u0437\u0434\u0430\u0434\u0435\u043d\u0430
+password = \u041f\u0430\u0440\u043e\u043b\u0430
+newpassword = \u041d\u043e\u0432\u0430 \u043f\u0430\u0440\u043e\u043b\u0430
 
 humantime.s = \u043f\u0440\u0435\u0434\u0438 {0} \u0441\u0435\u043a\u0443\u043d\u0434\u0438
 humantime.m = \u043f\u0440\u0435\u0434\u0438 {0} \u043c\u0438\u043d\u0443\u0442\u0438

diff --git a/src/main/resources/lang_en.properties b/src/main/resources/lang_en.properties
@@ -146,6 +146,8 @@ points = points
 learnmore = Learn more
 posts = Posts
 created = Created
+password = Password
+newpassword = New password
 
 humantime.s = {0} seconds ago
 humantime.m = {0} minutes ago

diff --git a/src/main/resources/templates/settings.vm b/src/main/resources/templates/settings.vm
@@ -39,6 +39,22 @@
 				<input type="hidden" name="tags" class="ac-hidden" value="$!authUser.favtagsString">
 			</div>
 
+			#if($authUser.user.identityProvider == "generic")
+				<h4>$!lang.get('password')
+					#if($request.getParameter("passChanged"))
+						<small class="green-text"><i class="fa fa-check"></i></small>
+					#end
+				</h4>
+				<div class="row">
+					<div class="col m3">
+						<input type="password" name="oldpassword" value="" minlength="6" placeholder="$!lang.get('password')" required>
+					</div>
+					<div class="col m3">
+						<input type="password" name="newpassword" value="" minlength="6" placeholder="$!lang.get('newpassword')" required>
+					</div>
+				</div>
+			#end
+
 			<h4>$!lang.get('settings.notifications')</h4>
 			<p class="mvl grey-text text-darken-2">$!lang.get('signup.form.email'): <tt>$!authUser.user.email</tt></p>
 			<div class="mbm">

diff --git a/src/main/resources/templates/signin.vm b/src/main/resources/templates/signin.vm
@@ -25,7 +25,7 @@
 								#getmessagebox("red white-text" $error.get("email"))
 							</div>
 							<div class="mvm">
-								<input id="passw" type="password" name="passw" value="" minlength="6" placeholder="Password" required>
+								<input id="passw" type="password" name="passw" value="" minlength="6" placeholder="$!lang.get('password')" required>
 							</div>
 							<button type="submit" class="btn">$!lang.get('signup.title')</button>
 						</form>
@@ -66,7 +66,7 @@
 									<input id="email" type="email" value="" placeholder="Email" required>
 								</div>
 								<div class="mvm">
-									<input id="passw" type="password" value="" minlength="6" placeholder="Password" required>
+									<input id="passw" type="password" value="" minlength="6" placeholder="$!lang.get('password')" required>
 								</div>
 								<input type="hidden" name="provider" value="password">
 								<input type="hidden" name="access_token" value="">
@@ -86,7 +86,7 @@
 									<input id="username" type="text" value="" placeholder="Username" required>
 								</div>
 								<div class="mvm">
-									<input id="password" type="password" value="" placeholder="Password" required>
+									<input id="password" type="password" value="" placeholder="$!lang.get('password')" required>
 								</div>
 								<input type="hidden" name="provider" value="ldap">
 								<input type="hidden" name="access_token" value="">