Interface ResetPasswordManager
-
@Role @Unstable public interface ResetPasswordManager
Component dedicated to handle the reset password operation. This component is designed to handle a reset password in 3 steps: 1. a request is performed for doing a reset password for a given user: a verification code is transmitted to the user by a side way (e.g. email) 2. the user certifies her identity by sending back the verification code 3. the user specify a new password which is updated internally.- Since:
- 13.1RC1
- Version:
- $Id: 86ba962be429e594555d3f1c23cfe7299fa48af9 $
-
-
Method Summary
All Methods Instance Methods Abstract Methods Modifier and Type Method Description ResetPasswordRequestResponse
checkVerificationCode(UserReference userReference, String verificationCode)
Check if the given verification code is correct for the user reference.ResetPasswordRequestResponse
requestResetPassword(UserReference userReference)
Perform a reset password request and return the information to send to the user.void
resetPassword(UserReference userReference, String newPassword)
Reset the password of the given user with the given new password.void
sendResetPasswordEmailRequest(ResetPasswordRequestResponse requestResponse)
SendResetPasswordRequestResponse
information by email to the user.
-
-
-
Method Detail
-
requestResetPassword
ResetPasswordRequestResponse requestResetPassword(UserReference userReference) throws ResetPasswordException
Perform a reset password request and return the information to send to the user. Note that the implementation of this method might have some side effect like modifying the user information.- Parameters:
userReference
- the reference of the user for which to reset the password.- Returns:
- the needed information to send to the user for confirming her identity.
- Throws:
ResetPasswordException
- if any problem occurs.
-
sendResetPasswordEmailRequest
void sendResetPasswordEmailRequest(ResetPasswordRequestResponse requestResponse) throws ResetPasswordException
SendResetPasswordRequestResponse
information by email to the user.- Parameters:
requestResponse
- the reset password information to send to the user to confirm her identity.- Throws:
ResetPasswordException
- in case of problem for sending the email.
-
checkVerificationCode
ResetPasswordRequestResponse checkVerificationCode(UserReference userReference, String verificationCode) throws ResetPasswordException
Check if the given verification code is correct for the user reference. This method throws theResetPasswordException
if the verification code is not correct. The verification code must be reset at each check, even if the validation is not correct, to ensure that an attacker cannot bruteforce it.- Parameters:
userReference
- the reference for which to check the verification code.verificationCode
- the code to check.- Returns:
- the information about the user and the up-to-date verification code.
- Throws:
ResetPasswordException
- if the verification code is wrong or cannot be validated.
-
resetPassword
void resetPassword(UserReference userReference, String newPassword) throws ResetPasswordException
Reset the password of the given user with the given new password. Note that this method should always be called after the verification code has been checked out.- Parameters:
userReference
- the reference of the user for which to reset the password.newPassword
- the new password to set.- Throws:
ResetPasswordException
- in case of problem when modifying the password.
-
-