Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- if (action.equals("forgotPassword")) {
- String email = request.getParameter("forgotemail");
- String question = request.getParameter("forgotquestionNo");
- String answer = request.getParameter("forgotanswer");
- String UserQuestion;
- String UserAnswer;
- String forgotmessage = "";
- String saltedAndHashedPassword;
- User user = UserDB.select(email);
- if (user != null) {
- UserQuestion = user.getQuestionNo();
- UserAnswer = user.getAnswer();
- if (question.equals(UserQuestion) && answer.equals(UserAnswer)) {
- String FullName = user.getFullName();
- String salt = user.getSalt();
- int length = 8;
- String chars = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
- + "abcdefghijklmnopqrstuvwxyz"
- + "0123456789";
- String generatedString = new Random().ints(length, 0, chars.length())
- .mapToObj(i -> "" + chars.charAt(i))
- .collect(Collectors.joining());
- try {
- salt = user.getSalt();
- saltedAndHashedPassword = PasswordUtil.hashAndSaltPassword(generatedString, salt);
- user.setPassword(saltedAndHashedPassword);
- UserDB.updatePassword(email, saltedAndHashedPassword);
- } catch (NoSuchAlgorithmException ex) {
- Logger.getLogger(membershipServlet.class.getName()).log(Level.SEVERE, null, ex);
- } catch (SQLException ex) {
- Logger.getLogger(membershipServlet.class.getName()).log(Level.SEVERE, null, ex);
- } catch (ClassNotFoundException ex) {
- Logger.getLogger(membershipServlet.class.getName()).log(Level.SEVERE, null, ex);
- }
- // send email to user
- String to = email;
- String from = "email_list@murach.com";
- String subject = "Password Reset";
- String body = "Dear " + FullName + ",\n\n"
- + "Here is your new password: \n"
- + generatedString + "\n"
- + "Have a great day and thanks again!\n\n"
- + "Mini-Twitter\n"
- + "Gordon Zhong & Dominic Vu";
- boolean isBodyHTML = false;
- try {
- MailUtilGmail.sendMail(to, from, subject, body, isBodyHTML);
- } catch (MessagingException e) {
- String errorMessage
- = e.getMessage();
- request.setAttribute("errorMessage", errorMessage);
- this.log(" ");
- }
- forgotmessage = "Email Sent!";
- request.setAttribute("forgotmessage", forgotmessage);
- url = "/login.jsp";
- } else {
- forgotmessage = "Information Incorrect";
- request.setAttribute("forgotmessage", forgotmessage);
- url = "/forgotpassword.jsp";
- }
- } else {
- forgotmessage = "Information Incorrect";
- request.setAttribute("forgotmessage", forgotmessage);
- url = "/forgotpassword.jsp";
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement