015 package com.liferay.portlet.login.action;
016
017 import com.liferay.portal.NoSuchUserException;
018 import com.liferay.portal.RequiredReminderQueryException;
019 import com.liferay.portal.SendPasswordException;
020 import com.liferay.portal.UserActiveException;
021 import com.liferay.portal.UserEmailAddressException;
022 import com.liferay.portal.UserReminderQueryException;
023 import com.liferay.portal.kernel.captcha.CaptchaException;
024 import com.liferay.portal.kernel.captcha.CaptchaTextException;
025 import com.liferay.portal.kernel.captcha.CaptchaUtil;
026 import com.liferay.portal.kernel.language.LanguageUtil;
027 import com.liferay.portal.kernel.servlet.SessionErrors;
028 import com.liferay.portal.kernel.util.ParamUtil;
029 import com.liferay.portal.kernel.util.Validator;
030 import com.liferay.portal.model.Company;
031 import com.liferay.portal.model.User;
032 import com.liferay.portal.security.auth.PrincipalException;
033 import com.liferay.portal.service.UserLocalServiceUtil;
034 import com.liferay.portal.struts.PortletAction;
035 import com.liferay.portal.theme.ThemeDisplay;
036 import com.liferay.portal.util.PortalUtil;
037 import com.liferay.portal.util.PropsValues;
038 import com.liferay.portal.util.WebKeys;
039 import com.liferay.portlet.login.util.LoginUtil;
040
041 import javax.portlet.ActionRequest;
042 import javax.portlet.ActionResponse;
043 import javax.portlet.PortletConfig;
044 import javax.portlet.PortletPreferences;
045 import javax.portlet.PortletSession;
046 import javax.portlet.RenderRequest;
047 import javax.portlet.RenderResponse;
048
049 import org.apache.struts.action.ActionForm;
050 import org.apache.struts.action.ActionForward;
051 import org.apache.struts.action.ActionMapping;
052
053
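/**
 * Struts portlet action behind the login portlet's "forgot password" form.
 *
 * <p>
 * Depending on {@code PropsValues.USERS_REMINDER_QUERIES_ENABLED} the action
 * either sends the password e-mail right after an optional captcha check, or
 * first walks the visitor through a reminder question (steps 1 and 2).
 * </p>
 *
 * <p>
 * NOTE(review): this is an unauthenticated account-recovery endpoint. The only
 * throttling visible in this class is the captcha and a per-session attempt
 * counter; any account-level lockout or rate limit would have to be enforced
 * elsewhere.
 * </p>
 */
public class ForgotPasswordAction extends PortletAction {

	/**
	 * Handles the form submission.
	 *
	 * <p>
	 * Known validation failures are recorded in {@link SessionErrors} by
	 * exception class; every other exception is handed to
	 * {@code PortalUtil.sendError}.
	 * </p>
	 *
	 * @throws PrincipalException if the company has neither "send password"
	 *         nor "send password reset link" enabled
	 */
	@Override
	public void processAction(
			ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		Company company = themeDisplay.getCompany();

		// Refuse the request outright when password recovery is switched off
		// for this company.

		if (!company.isSendPassword() && !company.isSendPasswordResetLink()) {
			throw new PrincipalException();
		}

		try {
			if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
				checkReminderQueries(actionRequest, actionResponse);
			}
			else {
				checkCaptcha(actionRequest);

				sendPassword(actionRequest, actionResponse);
			}
		}
		catch (Exception e) {

			// NOTE(review): the exception class is the error key, so the view
			// can tell "no such user", "inactive user" and "wrong answer"
			// apart. If the JSP renders distinct messages for them, the form
			// discloses which accounts exist; a single generic message for
			// these cases avoids that. Only CaptchaTextException is listed
			// here, so other CaptchaException types fall through to sendError.

			if (e instanceof CaptchaTextException ||
				e instanceof NoSuchUserException ||
				e instanceof RequiredReminderQueryException ||
				e instanceof SendPasswordException ||
				e instanceof UserActiveException ||
				e instanceof UserEmailAddressException ||
				e instanceof UserReminderQueryException) {

				SessionErrors.add(actionRequest, e.getClass());
			}
			else {
				PortalUtil.sendError(e, actionRequest, actionResponse);
			}
		}
	}

	/**
	 * Renders the forgot-password view, or forwards to the login view when
	 * password recovery is disabled for the company.
	 *
	 * @return the forward for {@code portlet.login.forgot_password}, or for
	 *         {@code portlet.login.login} when neither recovery option is
	 *         enabled
	 */
	@Override
	public ActionForward render(
			ActionMapping mapping, ActionForm form, PortletConfig portletConfig,
			RenderRequest renderRequest, RenderResponse renderResponse)
		throws Exception {

		ThemeDisplay themeDisplay = (ThemeDisplay)renderRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		Company company = themeDisplay.getCompany();

		if (!company.isSendPassword() && !company.isSendPasswordResetLink()) {
			return mapping.findForward("portlet.login.login");
		}

		renderResponse.setTitle(themeDisplay.translate("forgot-password"));

		return mapping.findForward("portlet.login.forgot_password");
	}

	/**
	 * Runs the captcha check, but only when
	 * {@code PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD} is set. With the
	 * property off this method is a no-op.
	 *
	 * @throws CaptchaException if {@code CaptchaUtil.check} rejects the request
	 */
	protected void checkCaptcha(ActionRequest actionRequest)
		throws CaptchaException {

		if (PropsValues.CAPTCHA_CHECK_PORTAL_SEND_PASSWORD) {
			CaptchaUtil.check(actionRequest);
		}
	}

	/**
	 * Drives the reminder-query flow selected by the {@code step} request
	 * parameter.
	 *
	 * <p>
	 * Step 1 checks the captcha and clears the session state of an earlier
	 * attempt. Every call then resolves the user, stores the user's e-mail
	 * address in the portlet session and exposes the user as a request
	 * attribute. Step 2 counts the attempt and calls {@link #sendPassword}.
	 * </p>
	 *
	 * <p>
	 * NOTE(review): only step 1 runs the captcha ahead of the user lookup, and
	 * nothing here verifies that step 2 was preceded by step 1 in the same
	 * session. The attempt counter lives in the portlet session, so it bounds
	 * attempts per session, not per account. Consider validating the step
	 * order server-side and throttling per target account.
	 * </p>
	 */
	protected void checkReminderQueries(
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		PortletSession portletSession = actionRequest.getPortletSession();

		int step = ParamUtil.getInteger(actionRequest, "step");

		if (step == 1) {
			checkCaptcha(actionRequest);

			// Start over: forget the previous attempt count and target user.

			portletSession.removeAttribute(
				WebKeys.FORGOT_PASSWORD_REMINDER_ATTEMPTS);
			portletSession.removeAttribute(
				WebKeys.FORGOT_PASSWORD_REMINDER_USER_EMAIL_ADDRESS);
		}

		User user = getUser(actionRequest);

		// Pin the target user to the session so later steps resolve the same
		// account regardless of the request parameters (see getUser).

		portletSession.setAttribute(
			WebKeys.FORGOT_PASSWORD_REMINDER_USER_EMAIL_ADDRESS,
			user.getEmailAddress());

		actionRequest.setAttribute(WebKeys.FORGOT_PASSWORD_REMINDER_USER, user);

		if (step == 2) {
			Integer reminderAttempts = (Integer)portletSession.getAttribute(
				WebKeys.FORGOT_PASSWORD_REMINDER_ATTEMPTS);

			if (reminderAttempts == null) {
				reminderAttempts = 0;
			}
			else if (reminderAttempts > 2) {

				// From the fourth attempt in this session on, a captcha is
				// required before the answer is evaluated.

				checkCaptcha(actionRequest);
			}

			reminderAttempts++;

			portletSession.setAttribute(
				WebKeys.FORGOT_PASSWORD_REMINDER_ATTEMPTS, reminderAttempts);

			sendPassword(actionRequest, actionResponse);
		}
	}

	/**
	 * Resolves the user the recovery request refers to.
	 *
	 * <p>
	 * An e-mail address already stored in the portlet session wins. Otherwise
	 * the request parameters are tried in the order {@code emailAddress},
	 * {@code screenName}, {@code userId}.
	 * </p>
	 *
	 * @return the active user
	 * @throws NoSuchUserException if no identifying parameter was supplied
	 * @throws UserActiveException if the resolved user is not active
	 */
	protected User getUser(ActionRequest actionRequest) throws Exception {
		PortletSession portletSession = actionRequest.getPortletSession();

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		String sessionEmailAddress = (String)portletSession.getAttribute(
			WebKeys.FORGOT_PASSWORD_REMINDER_USER_EMAIL_ADDRESS);

		User user = null;

		if (Validator.isNotNull(sessionEmailAddress)) {
			user = UserLocalServiceUtil.getUserByEmailAddress(
				themeDisplay.getCompanyId(), sessionEmailAddress);
		}
		else {
			long userId = ParamUtil.getLong(actionRequest, "userId");
			String screenName = ParamUtil.getString(
				actionRequest, "screenName");
			String emailAddress = ParamUtil.getString(
				actionRequest, "emailAddress");

			if (Validator.isNotNull(emailAddress)) {
				user = UserLocalServiceUtil.getUserByEmailAddress(
					themeDisplay.getCompanyId(), emailAddress);
			}
			else if (Validator.isNotNull(screenName)) {
				user = UserLocalServiceUtil.getUserByScreenName(
					themeDisplay.getCompanyId(), screenName);
			}
			else if (userId > 0) {

				// NOTE(review): unlike the two lookups above, this one is not
				// scoped to themeDisplay.getCompanyId(). Confirm that a user
				// of another company cannot be resolved here, or compare
				// user.getCompanyId() with the current company.

				user = UserLocalServiceUtil.getUserById(userId);
			}
			else {
				throw new NoSuchUserException();
			}
		}

		if (!user.isActive()) {
			throw new UserActiveException();
		}

		return user;
	}

	/**
	 * Returns the constant {@code false}.
	 *
	 * <p>
	 * NOTE(review): presumably this tells {@code PortletAction} not to enforce
	 * its HTTP method check on {@code processAction}. Confirm against the base
	 * class, because a state-changing recovery action would normally be
	 * limited to POST.
	 * </p>
	 */
	@Override
	protected boolean isCheckMethodOnProcessAction() {
		return _CHECK_METHOD_ON_PROCESS_ACTION;
	}

	/**
	 * Verifies the reminder answer, when reminder queries are enabled, and
	 * then sends the password or reset-link e-mail and redirects.
	 *
	 * <p>
	 * The e-mail sender, subject and body come from the portlet preferences.
	 * The subject and body keys are built from {@code emailPasswordSent} or
	 * {@code emailPasswordReset} plus the request's language ID.
	 * </p>
	 *
	 * @throws RequiredReminderQueryException if reminder queries are required
	 *         and the user has none
	 * @throws UserReminderQueryException if the submitted answer does not
	 *         match the stored one
	 */
	protected void sendPassword(
			ActionRequest actionRequest, ActionResponse actionResponse)
		throws Exception {

		ThemeDisplay themeDisplay = (ThemeDisplay)actionRequest.getAttribute(
			WebKeys.THEME_DISPLAY);

		Company company = themeDisplay.getCompany();

		User user = getUser(actionRequest);

		if (PropsValues.USERS_REMINDER_QUERIES_ENABLED) {
			if (PropsValues.USERS_REMINDER_QUERIES_REQUIRED &&
				!user.hasReminderQuery()) {

				throw new RequiredReminderQueryException(
					"No reminder query or answer is defined for user " +
						user.getUserId());
			}

			String answer = ParamUtil.getString(actionRequest, "answer");

			// NOTE(review): the stored answer is compared verbatim with the
			// submitted one, which suggests it is kept unhashed (confirm).
			// When reminder queries are enabled but not required, a user
			// without a reminder query is still compared against whatever
			// getReminderQueryAnswer() returns.

			if (!_isReminderAnswerCorrect(
					user.getReminderQueryAnswer(), answer)) {

				throw new UserReminderQueryException();
			}
		}

		PortletPreferences preferences = actionRequest.getPreferences();

		String languageId = LanguageUtil.getLanguageId(actionRequest);

		String emailFromName = preferences.getValue("emailFromName", null);
		String emailFromAddress = preferences.getValue(
			"emailFromAddress", null);
		String emailToAddress = user.getEmailAddress();

		String emailParam = "emailPasswordSent";

		if (company.isSendPasswordResetLink()) {
			emailParam = "emailPasswordReset";
		}

		String subject = preferences.getValue(
			emailParam + "Subject_" + languageId, null);
		String body = preferences.getValue(
			emailParam + "Body_" + languageId, null);

		LoginUtil.sendPassword(
			actionRequest, emailFromName, emailFromAddress, emailToAddress,
			subject, body);

		sendRedirect(actionRequest, actionResponse);
	}

	/**
	 * Compares the stored reminder answer with the submitted one without
	 * stopping at the first differing character, so response time does not
	 * reveal how much of a guess was correct. A missing value on either side
	 * counts as a mismatch instead of raising a NullPointerException.
	 */
	private static boolean _isReminderAnswerCorrect(
			String expectedAnswer, String submittedAnswer)
		throws java.io.UnsupportedEncodingException {

		if ((expectedAnswer == null) || (submittedAnswer == null)) {
			return false;
		}

		return java.security.MessageDigest.isEqual(
			expectedAnswer.getBytes("UTF-8"),
			submittedAnswer.getBytes("UTF-8"));
	}

	private static final boolean _CHECK_METHOD_ON_PROCESS_ACTION = false;

}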