/*Checks the incoming password reset request.
* Returns true if the password has been reset and the user received an email with his new password.
* Returns false if something went wrong, no password was reset, no mail was sent.*/
public Boolean checkResetRequestConfirmation(String token_id)
{
Boolean didReset = false;
TokenService tokenService = new TokenService();
Token token = tokenService.getByID(token_id); //Throws NoRecordException
if (token != null)
{
//give the user a new password
Customer customer = token.customer;
customer.password = CryptographyModel.encryptPassword(Util.randomString(10));
new CustomerService().updateCustomer(customer);
//send the user an email with his new password
new EmailModel().sendPasswordResetCompletedEmail(customer);
didReset = true;
//remove the token from the database so the user can't reset his password again with the same url later
if (tokenService.deleteToken(token))
{
//success
}
}
return(didReset);
}
/*Signs in the user if credentials are correct.*/
public Customer signIn(String loginName, String password)
{
Customer customer = null;
try
{
CustomerService customerService = new CustomerService();
customer = customerService.getByEmail(loginName); //Throws NoRecordException || DALException
if (CryptographyModel.decryptPassword(customer.password).Equals(password))
{
if (customer.isVerified)
{
//update user's number_of_visits
customer.numberOfVisits++;
customerService.updateCustomer(customer);
}
else
{
//user has not verified his email yet
customer = null;
}
}
else
{
//incorrect password
customer = null;
}
}
catch (NoRecordException)
{
customer = null;
}
return(customer);
}
/*Returns the status code of the attempted login.*/
public LoginStatusCode getLoginStatus(String loginName, String password)
{
try
{
Customer customer = new CustomerService().getByEmail(loginName); //Throws NoRecordException || DALException
if (CryptographyModel.decryptPassword(customer.password).Equals(password))
{
if (customer.isVerified)
{
//successfully logged in
return(LoginStatusCode.SUCCESFUL);
}
else
{
//user has not yet verified his email address
return(LoginStatusCode.NOTVERIFIED);
}
}
else
{
//incorrect password
return(LoginStatusCode.WRONGPASSWORD);
}
}
catch (NoRecordException)
{
//No user was found
return(LoginStatusCode.WRONGLOGIN);
}
}
/*Send the user an email with his new password.*/
public void sendPasswordResetCompletedEmail(Customer customer)
{
getSmtpClient().Send("*****@*****.**", customer.email, "Your Taboelaert Raesa password has been reset", "Dear " + customer.name + ",\n\n" +
"Your Taboelaert Raesa password has been reset to '" + CryptographyModel.decryptPassword(customer.password) + "'.\n\n" +
"For security reasons, we ask you to change this password the next time you log in." +
"\n\nRegards,\nThe Taboelaert Raesa team.");
}
