PasswordRecoveryService¶
-
public interface
PasswordRecoveryService
¶ Service that defines APIs to manage password recovery
Methods¶
oneTimeTokenOpenId¶
-
String
oneTimeTokenOpenId
(String email)¶ Creates an one time token for OpenId for the user with the given email address and sends a recovery email
Parameters: - email – address of the user
Throws: - UserNotFoundException – when no user for the given email exists
- NonAdminUserException – when the user for the given email is not an admin (don’t have Admin role)
Returns: the recovery token that can be used for resetting the password
oneTimeTokenOpenId¶
-
String
oneTimeTokenOpenId
(String email, boolean notify)¶ Creates an one time token for OpenId for the user with the given email address, with an optional email notification.
Parameters: - email – address of the user
- notify – about the recovery
Throws: - UserNotFoundException – when no user with the given email exists
- NonAdminUserException – when the user for the given email is not an admin (don’t have Admin role)
Returns: the recovery token that can be used for resetting the password
oneTimeTokenOpenId¶
-
String
oneTimeTokenOpenId
(String email, DateTime expiration, boolean notify)¶ Creates an one time token for OpenId for the user with the given email address, with an optional email notification. The recovery will expire on the given date.
Parameters: - email – address of the user
- expiration – date of recovery, it shouldn’t be a past date
- notify – about the recovery
Throws: - UserNotFoundException – when no user with the given email exists
- NonAdminUserException – when the user for the given email is not an admin (don’t have Admin role)
Returns: the recovery token that can be used for resetting the password
passwordRecoveryRequest¶
-
String
passwordRecoveryRequest
(String email)¶ Creates password recovery for the user with the given email address and sends a recovery email
Parameters: - email – address of the user
Throws: - UserNotFoundException – when no user for the given email exists
Returns: the recovery token that can be used for resetting the password
passwordRecoveryRequest¶
-
String
passwordRecoveryRequest
(String email, boolean notify)¶ Creates password recovery for the user with the given email address, with an optional email notification.
Parameters: - email – address of the user
- notify – about the recovery
Throws: - UserNotFoundException – when no user for the given email exists
Returns: the recovery token that can be used for resetting the password
passwordRecoveryRequest¶
-
String
passwordRecoveryRequest
(String email, DateTime expiration)¶ Creates password recovery for the user with the given email address and sends a recovery email. The recovery will expire on the given date.
Parameters: - email – address of the user
- expiration – date of recovery, it shouldn’t be a past date
Throws: - UserNotFoundException – when no user for the given email exists
Returns: the recovery token that can be used for resetting the password
passwordRecoveryRequest¶
-
String
passwordRecoveryRequest
(String email, DateTime expiration, boolean notify)¶ Creates password recovery for the user with the given email address, with an optional email notification. The recovery will expire on the given date.
Parameters: - email – address of the user
- expiration – date of recovery, it shouldn’t be a past date
- notify – about the recovery
Throws: - UserNotFoundException – when no user for the given email exists
Returns: the recovery token that can be used for resetting the password
resetPassword¶
-
void
resetPassword
(String token, String password, String passwordConfirmation)¶ Sets new password for user from token
Parameters: - token – for
org.motechproject.security.domain.PasswordRecovery
- password – to be set for user
- passwordConfirmation – to check is password is correct
Throws: - InvalidTokenException – when
org.motechproject.security.domain.PasswordRecovery
as a null, recovery is already expired or when user for name from token doesn’t exists
- token – for
validateToken¶
-
boolean
validateToken
(String token)¶ Checks if there’s a not expired
org.motechproject.security.domain.PasswordRecovery
for given tokenParameters: - token – to validate
Returns: true if recovery exists, otherwise false
validateTokenAndLoginUser¶
-
void
validateTokenAndLoginUser
(String token, HttpServletRequest request, HttpServletResponse response)¶ Creates new openId Token for user from token as long as there’s a
org.motechproject.security.domain.PasswordRecovery
for that token and redirect to home page. If there’s no such recovery then redirect to login pageParameters: - token – for password recovery
- request – for session
- response – for session
Throws: - IOException – when response cannot redirect to given URL (home or login page)