Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- function changePassword(email, oldPassword, newPassword) {
- var user = getUser(email);
- var oldPasswordDecrypted = decrypt(oldPassword)
- var newPasswordDecrypted = decrypt(newPassword)
- var existingPasswordDecrypted = decrypt(user.password)
- if (user === null || existingPasswordDecrypted !== oldPasswordDecrypted) {
- throw new EmailPasswordMissMatchException();
- }
- if (oldPasswordDecrypted === newPasswordDecrypted) {
- throw new PasswordAlreadyInUseException();
- }
- if (user.isAdmin) {
- changeAdminPassword(user, newPassword);
- } else {
- changeUserPassword(user, oldPassword, newPassword);
- }
- }
- function changeUserPassword(user, newPassword) {
- if (!user.isEnabled) {
- throw new UnsupporedOperationException();
- }
- try {
- user.password = newPassword;
- save(user);
- // clear the session when the user changes the password
- // so that he/she has to log in again
- clearSession(user);
- } catch (e) {
- throw new SomethingWentWrongException();
- }
- }
- function changeAdminPassword(user, oldPassword, newPassword) {
- var isError = false;
- try {
- user.password = newPassword;
- save(user);
- // clear the session when the user changes the password
- // so that he/she has to log in again
- clearSession(user);
- } catch (e) {
- isError = true;
- throw new SomethingWentWrongException();
- } finally {
- if (!isError) {
- sendPasswordChangeConfirmationEmails(user);
- }
- }
- }
- function sendPasswordChangeConfirmationEmails(user) {
- var emails = user.getEmails();
- var token = generatePasswordRevertToken(user.email, user.password);
- for (i = 0; i < emails.length; i++) {
- // Confirm with admin that he as in fact changed the password,
- // if he has not, give him option to reset the password using token
- sendConfirmationEmail(email[i], token);
- }
- }
Add Comment
Please, Sign In to add comment