From 223597fa155da2e42d24b5a54bed41a63f3cfef4 Mon Sep 17 00:00:00 2001
From: Sofia Baltzi <>
Date: Thu, 12 Oct 2017 09:59:36 +0000
Subject: [PATCH] Fic errors! It works!

---
 .../usermanagement/ForgotPasswordServlet.java | 32 ++++++++++++++-----
 .../usermanagement/RemindUsernameServlet.java | 16 +++++++---
 .../usermanagement/ResetPasswordServlet.java  | 31 +++++++++++++++---
 src/main/webapp/remindUsername.jsp            |  2 +-
 src/main/webapp/resetPassword.jsp             |  5 +--
 src/main/webapp/verify.jsp                    |  1 +
 6 files changed, 68 insertions(+), 19 deletions(-)

diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/ForgotPasswordServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/ForgotPasswordServlet.java
index c677a13..06a420a 100644
--- a/src/main/java/eu/dnetlib/openaire/usermanagement/ForgotPasswordServlet.java
+++ b/src/main/java/eu/dnetlib/openaire/usermanagement/ForgotPasswordServlet.java
@@ -8,6 +8,7 @@ import org.apache.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.context.support.SpringBeanAutowiringSupport;
 
+import javax.servlet.RequestDispatcher;
 import javax.servlet.ServletConfig;
 import javax.servlet.ServletException;
 import javax.servlet.http.HttpServlet;
@@ -46,8 +47,6 @@ public class ForgotPasswordServlet extends HttpServlet {
 
         String formEmail = request.getParameter("email");
 
-        logger.debug("I am in do post for " + formEmail);
-        
         if (formEmail == null) {
             request.getSession().setAttribute("message", "Error reading email.");
             response.sendRedirect("./forgotPassword.jsp");
@@ -56,7 +55,6 @@ public class ForgotPasswordServlet extends HttpServlet {
         try {
 
             String username = ldapActions.getUsername(formEmail);
-
             if (username == null) {
                 request.getSession().setAttribute("message", "User does not exist.");
                 response.sendRedirect("./forgotPassword.jsp");
@@ -67,8 +65,6 @@ public class ForgotPasswordServlet extends HttpServlet {
 
                 Timestamp timestamp = new Timestamp(creationDate.getTime());
 
-                //logger.info("verificationCode = " + verificationCode);
-
                 if (!verificationActions.verificationEntryExists(username)) {
                     verificationActions.addVerificationEntry(username, verificationCode.toString(), timestamp);
 
@@ -82,15 +78,13 @@ public class ForgotPasswordServlet extends HttpServlet {
                         "password, you will need to submit this verification code in order to verify that the\n" +
                         "request was legitimate.\n" +
                         "\n" +
-                        "The verification code is" + verificationCode.toString() + "\n Thank you";
+                        "The verification code is " + verificationCode.toString() + "\n Thank you";
 
                 String verificationCodeSubject = "Your OpenAIRE password reset request";
 
                 emailSender.sendEmail(formEmail, verificationCodeSubject, verificationCodeMsg);
-
             }
 
-
         } catch (LDAPException ldape) {
             //TODO create error page
             request.getSession().setAttribute("message", "Error sending email.");
@@ -98,6 +92,28 @@ public class ForgotPasswordServlet extends HttpServlet {
         }
 
         response.setContentType("text/html");
+//        try {
+////            request.getSession().setAttribute("email", formEmail);
+////            request.getSession().setAttribute("username", ldapActions.getUsername(formEmail));
+////            request.setAttribute("email", formEmail);
+//            request.setAttribute("username", ldapActions.getUsername(formEmail));
+//            RequestDispatcher rd = request.getRequestDispatcher("./verify.jsp");
+//            rd.forward(request, response);
+////            RequestDispatcher rd = request.getRequestDispatcher("ForgotPasswordServlet");
+////            rd.forward(request, response);
+////
+////            logger.info("Stelnwwww");
+////
+//        } catch (LDAPException e) {
+//            e.printStackTrace();
+//            logger.info("LDAP error" + e);
+//            request.getSession().setAttribute("message", "Error getting username.");
+//            response.sendRedirect("./forgotPassword.jsp");
+//        } catch (ServletException ex) {
+//            ex.printStackTrace();
+//            logger.info("Dispacher error" + ex);
+//        }
+
         response.sendRedirect("./verify.jsp");
     }
 
diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/RemindUsernameServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/RemindUsernameServlet.java
index c0d3869..f937a43 100644
--- a/src/main/java/eu/dnetlib/openaire/usermanagement/RemindUsernameServlet.java
+++ b/src/main/java/eu/dnetlib/openaire/usermanagement/RemindUsernameServlet.java
@@ -1,6 +1,7 @@
 package eu.dnetlib.openaire.usermanagement;
 
 import com.unboundid.ldap.sdk.LDAPException;
+import eu.dnetlib.openaire.user.utils.EmailSender;
 import eu.dnetlib.openaire.user.utils.LDAPActions;
 import org.apache.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -29,7 +30,8 @@ public class RemindUsernameServlet extends HttpServlet {
     @Autowired
     private LDAPActions ldapActions;
 
-    //private EmailActions emailActions;
+    @Autowired
+    private EmailSender emailSender;
 
     private Logger logger = Logger.getLogger(RemindUsernameServlet.class);
 
@@ -44,15 +46,21 @@ public class RemindUsernameServlet extends HttpServlet {
 
         try{
             String username = ldapActions.getUsername(formEmail);
-            if ( username != null && !username.isEmpty()) {
-                //emailActions.sendUsernameReminder(formEmail);
+            if (username != null && !username.isEmpty()) {
+
+                String verificationCodeMsg = "Hello,\n" +
+                        "\n" + "A username reminder has been requested for your OpenAIRE account.\n" +
+                        " Your username is "+ username + ". Thank you. ";
+
+                String verificationCodeSubject = "Your OpenAIRE username";
+
+                emailSender.sendEmail(formEmail, verificationCodeSubject, verificationCodeMsg);
 
             } else {
                 request.getSession().setAttribute("message", "User not found");
                 response.sendRedirect("./remindUsername.jsp");
             }
 
-
         } catch (LDAPException ldape) {
             //TODO create error page
             logger.error("Could not find user with email " + formEmail, ldape);
diff --git a/src/main/java/eu/dnetlib/openaire/usermanagement/ResetPasswordServlet.java b/src/main/java/eu/dnetlib/openaire/usermanagement/ResetPasswordServlet.java
index 2775842..c722191 100644
--- a/src/main/java/eu/dnetlib/openaire/usermanagement/ResetPasswordServlet.java
+++ b/src/main/java/eu/dnetlib/openaire/usermanagement/ResetPasswordServlet.java
@@ -2,6 +2,7 @@ package eu.dnetlib.openaire.usermanagement;
 
 import eu.dnetlib.openaire.user.utils.LDAPActions;
 import eu.dnetlib.openaire.user.utils.VerificationActions;
+import org.apache.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.web.context.support.SpringBeanAutowiringSupport;
 
@@ -30,17 +31,39 @@ public class ResetPasswordServlet extends HttpServlet {
     @Autowired
     private LDAPActions ldapActions;
 
+    private Logger logger = Logger.getLogger(ResetPasswordServlet.class);
+
     @Override
     protected void doPost(HttpServletRequest request, HttpServletResponse response) throws IOException {
         response.setContentType("text/html");
         PrintWriter printWriter = response.getWriter();
 
+        String username = request.getParameter("username");
         String password = request.getParameter("password");
-        String confirmPassword = request.getParameter("confirmPassword");
+        String confirmPassword = request.getParameter("password_conf");
 
-        if (password.equals(confirmPassword)) {
-            //TODO update ldap
-            //ldapActions.update()
+        //logger.info("username: " + username);
+        logger.info("password: " + password);
+        logger.info("confirmPassword: " + confirmPassword);
+
+        //String username = (String)request.getAttribute("username");
+
+        logger.info("username: " + username);
+
+        if (password.equals(confirmPassword) && username != null) {
+
+
+            logger.info("username: " + username);
+            try {
+
+                ldapActions.resetPassword(username, password);
+                logger.info("password reseted");
+
+            } catch (Exception e) {
+                e.printStackTrace();
+                request.getSession().setAttribute("message", "Error reseting password.");
+                response.sendRedirect("./verify.jsp");
+            }
         }
 
         response.sendRedirect("./success.jsp");
diff --git a/src/main/webapp/remindUsername.jsp b/src/main/webapp/remindUsername.jsp
index 27d9a8b..b6139f8 100644
--- a/src/main/webapp/remindUsername.jsp
+++ b/src/main/webapp/remindUsername.jsp
@@ -36,7 +36,7 @@
     </div>
     <div class=" uk-section  uk-margin-small-top tm-middle custom-main-content" id="tm-main">
       <div class="uk-container uk-container-small uk-margin-medium-top  uk-margin-small-bottom uk-text-center">
-        <h2 class="uk-h2 uk-margin-small-bottom">Forgot usernmame</h2>
+        <h2 class="uk-h2 uk-margin-small-bottom">Forgot usermame</h2>
         <div uk-grid="" class="uk-grid uk-grid-stack">
           <div class="tm-main uk-width-1-2@s uk-width-1-1@m  uk-width-1-1@l uk-row-first uk-first-column uk-align-center">
             <div class="uk-grid ">
diff --git a/src/main/webapp/resetPassword.jsp b/src/main/webapp/resetPassword.jsp
index 1807dd5..89cb875 100644
--- a/src/main/webapp/resetPassword.jsp
+++ b/src/main/webapp/resetPassword.jsp
@@ -47,7 +47,8 @@
                   <div class="uk-width-1-3@m uk-align-center">
                       <!-- REGISTER FORM -->
                       <div id="registerForm">
-                        <form target="changePassword" method="POST" role="form" class="m-t" id="register_form" >
+                        <form action="resetPassword" method="POST" role="form" class="m-t" id="register_form" >
+                          <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
                           <div class="alert alert-success" aria-hidden="true" style="display: none;"></div>
                           <div class="alert alert-danger" aria-hidden="true" style="display: none;"></div>
                             <div class="form-group">
@@ -58,7 +59,7 @@
                                 <input id="password_conf" name="password_conf" type="password" placeholder="Confirm password" class="form-control"></div>
                               <div class="uk-margin uk-grid-small uk-child-width-auto uk-grid uk-text-left uk-grid-stack" uk-grid="">
                               <div class="uk-width-1-1 uk-grid-margin uk-first-column">
-                                <button type="button" class="uk-button uk-button-primary" onclick="return validateForm();">Submit</button>
+                                <button type="submit" class="uk-button uk-button-primary" onclick="return validateForm();">Submit</button>
                               </div>
                             </div>
                         </form>
diff --git a/src/main/webapp/verify.jsp b/src/main/webapp/verify.jsp
index 04cd530..f5cae9d 100644
--- a/src/main/webapp/verify.jsp
+++ b/src/main/webapp/verify.jsp
@@ -49,6 +49,7 @@
                       <div id="registerForm">
                         <form action="verifyCode" method="POST" role="form" class="m-t" id="register_form">
                           <input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
+                          <%--<input type="hidden" name="username" value="${username}"/>--%>
                           <div class="alert alert-success" aria-hidden="true" style="display: none;"></div>
                           <div class="alert alert-danger" aria-hidden="true" style="display: none;"></div>
                             <div class="form-group">