diff --git a/src/dev/peerat/backend/Main.java b/src/dev/peerat/backend/Main.java index c98b5de..685596a 100644 --- a/src/dev/peerat/backend/Main.java +++ b/src/dev/peerat/backend/Main.java @@ -98,7 +98,7 @@ public class Main{ register(new Login(repo, router)). register(new ProfileSettings(repo)). register(new ChangePassword(repo)). - register(new ForgotPassword()). + register(new ForgotPassword(router, repo, mail)). register(new DynamicLogs(repo, router.getLogger())). diff --git a/src/dev/peerat/backend/repository/DatabaseQuery.java b/src/dev/peerat/backend/repository/DatabaseQuery.java index b0ba59f..63d1144 100644 --- a/src/dev/peerat/backend/repository/DatabaseQuery.java +++ b/src/dev/peerat/backend/repository/DatabaseQuery.java @@ -69,6 +69,7 @@ public enum DatabaseQuery { // PLAYERS GET_PLAYER_SIMPLE("SELECT pseudo, email, firstname, lastname, description FROM players WHERE id_player = ?"), + GET_PLAYER_EMAIL("SELECT id_player FROM players WHERE email = ?"), GET_PLAYER_PSEUDO("SELECT * FROM players WHERE pseudo = ?"), GET_PLAYER_DETAILS("SELECT p.*, g.*\r\n" + "FROM players p\r\n" diff --git a/src/dev/peerat/backend/repository/DatabaseRepository.java b/src/dev/peerat/backend/repository/DatabaseRepository.java index c7a89c8..6414b06 100644 --- a/src/dev/peerat/backend/repository/DatabaseRepository.java +++ b/src/dev/peerat/backend/repository/DatabaseRepository.java @@ -219,6 +219,20 @@ public class DatabaseRepository { return null; } + public int getPlayerId(String email){ + try { + PreparedStatement completionsStmt = DatabaseQuery.GET_PLAYER_EMAIL.prepare(this.con); + completionsStmt.setString(1, email); + ResultSet result = completionsStmt.executeQuery(); + if (result.next()) { + return result.getInt("id_player"); + } + } catch (SQLException e) { + e.printStackTrace(); + } + return -1; + } + public boolean updatePseudo(int id, Player player, String pseudo){ try{ PreparedStatement statment = DatabaseQuery.GET_PLAYER_PSEUDO.prepare(this.con); 
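Review bot: `GET_PLAYER_EMAIL` reads as "fetch the player's e-mail", but the statement selects `id_player` by e-mail; a name such as `GET_PLAYER_ID_BY_EMAIL` would match what it returns. The password-reset lookup built on this query takes the first row only, so it depends on `players.email` being unique and on the column's collation for whether differently cased addresses are the same account. Neither is visible in this diff, so once confirmed a one-line comment above the constant stating that assumption would help. The enum continues outside the hunk.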
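Review bot: `getPlayerId` catches `SQLException`, prints the stack trace and falls through to `return -1`, so a database failure reaches the caller looking exactly like an unknown e-mail, and the password-reset route then answers 400 as if the address did not exist. Keep `-1` for the no-row case and surface the failure separately, for example by rethrowing it wrapped in an unchecked exception. The `ResultSet` is never closed; `try (ResultSet result = completionsStmt.executeQuery()) { ... }` would release it, while closing the statement depends on whether `DatabaseQuery.prepare` caches statements, which is not visible here. The local name `completionsStmt` looks copied from another method, and `stmt` would be clearer.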
diff --git a/src/dev/peerat/backend/routes/users/ForgotPassword.java b/src/dev/peerat/backend/routes/users/ForgotPassword.java index fd25fcc..e42f7db 100644 --- a/src/dev/peerat/backend/routes/users/ForgotPassword.java +++ b/src/dev/peerat/backend/routes/users/ForgotPassword.java @@ -1,14 +1,35 @@ package dev.peerat.backend.routes.users; +import java.util.HashMap; +import java.util.Map; +import java.util.Random; import java.util.regex.Matcher; +import org.json.simple.JSONObject; + +import dev.peerat.backend.model.PeerAtUser; +import dev.peerat.backend.repository.DatabaseRepository; +import dev.peerat.backend.utils.FormResponse; +import dev.peerat.backend.utils.Mail; import dev.peerat.framework.Context; import dev.peerat.framework.HttpReader; import dev.peerat.framework.HttpWriter; -import dev.peerat.framework.Response; import dev.peerat.framework.Route; +import dev.peerat.framework.Router; -public class ForgotPassword implements Response{ +public class ForgotPassword extends FormResponse{ + + private Router router; + private DatabaseRepository repo; + private Mail mail; + private Map codes; + + public ForgotPassword(Router router, DatabaseRepository repo, Mail mail){ + this.router = router; + this.repo = repo; + this.mail = mail; + this.codes = new HashMap<>(); + } @Route(path = "^/user/fpw$") public void exec(Matcher matcher, Context context, HttpReader reader, HttpWriter writer) throws Exception { 
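Review bot: `codes` is a plain `HashMap` on a route object that `Main` constructs once, so it is presumably shared by every request. Entries are removed only after a successful reset, so the map grows with each address that asks for a code, and a code issued long ago stays valid indefinitely. If the framework dispatches requests on more than one thread, concurrent `put`/`remove` on a `HashMap` is also unsafe; `private final Map<String, Integer> codes = new ConcurrentHashMap<>();` covers that, with the value extended to carry an issue time so stale entries can be rejected and purged. The three injected fields can be `final` as well. The class body continues past this hunk.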
@@ -17,9 +38,53 @@ public class ForgotPassword implements Response{ return; } + JSONObject json = json(reader); + if(!areValids("email")){ + context.response(400); + return; + } + String email = (String) json.get("email"); + + int player = repo.getPlayerId(email); + if(player < 0){ + context.response(400); + return; + } + + if(areValids("code","password")){ + Integer checkCode = codes.get(email); + if(checkCode == null){ + context.response(400); + return; + } + + int code = ((Long)json.get("code")).intValue(); + String password = (String)json.get("password"); + + if(code == checkCode.intValue()){ + codes.remove(email); + + repo.updatePassword(player, password); + context.response(200, + "Access-Control-Expose-Headers: Authorization", + "Authorization: Bearer " + this.router.createAuthUser(new PeerAtUser(player))); + }else{ + context.response(400); + } + }else{ + int code = codeGenerator(); + codes.put(email, code); + mail.send(email, "Forgot your Peer @ Code password ?", "Your check code is "+code+" !"); + context.response(200); + } + } + + private int codeGenerator(){ + int min = 1000; + int max = 9999; + return new Random().nextInt((max-min)) + min; + } - - }
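Review bot: The reset code from `codeGenerator()` is a four-digit value drawn from `java.util.Random`, and the `areValids("code","password")` branch of `exec()` (whose opening lines are outside this hunk) allows unlimited comparisons against it, so the code can be found by enumeration; a match both rewrites the password and returns a bearer token for the account. Draw the code from `SecureRandom` with more digits and discard the stored code on the first wrong comparison, or after a small fixed number, as in the fence below; this needs `java.security.SecureRandom` imported in place of `java.util.Random`, and the request side still needs a per-address rate limit. The early `context.response(400)` for an address with no player, versus `200` for a known one, tells an unauthenticated caller which e-mail addresses are registered; returning the same status in both cases avoids that. `(Long)json.get("code")` throws `ClassCastException` if the client sends the code as a string, unless `areValids` already checks types, which is not visible here.

```java
// … unchanged: request parsing, player lookup, stored-code lookup, code/password extraction …
// A stored code is good for one comparison only, so a wrong guess costs a new mail.
codes.remove(email);
if(code == checkCode.intValue()){
	repo.updatePassword(player, password);
	// … unchanged: 200 response carrying the Authorization header …
}else{
	context.response(400);
}
// … unchanged: branch that issues and mails a new code …

private static final SecureRandom CODE_SOURCE = new SecureRandom();

private int codeGenerator(){
	// Six digits drawn from a CSPRNG instead of four from java.util.Random.
	return 100000 + CODE_SOURCE.nextInt(900000);
}
```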