忘记密码

通过邮箱来做忘记密码功能

controller：

@RequestMapping(value = "/getpwd")    public String getpwd() {        return "/getpwd";    }        @RequestMapping(value = "/getpwd", method = RequestMethod.POST)    public String getpwd(String email,Model model, HttpServletRequest request) {        User u = userService.findByEmail(email);                if (u != null) {            PasswordUserHelper helper = new PasswordUserHelper();            helper.setAccountId(u.getId());            helper.setGenerateTime(new Date());            passwordUserHelperService.save(helper);                        String serverName = request.getServerName();            int remotePort = request.getServerPort();            String domian = serverName.substring(serverName.indexOf(".") + 1);            if (serverName.split("\\" + ".").length < 3) {                domian = serverName;            }            String basePath = domian + (remotePort == 80 ? "" : (":" + remotePort))                    + request.getContextPath();            request.setAttribute("basePath", basePath);                        System.out.println(request.getAttribute("basePath"));            Object[] parameters = { u.getName(), helper.getId(), request.getAttribute("basePath")};            String to = email;            String subject = i18n("fetch.password.subject");            String content = i18n("fetch.password.body", parameters, null);            sendMailToFetchPassword(to, subject, content);            model.addAttribute("uuid", helper.getId());        } else {            model.addAttribute("errorMessage","errorMessage");            return "/getpwd";        }        return "/getpwd_wait";    }        @ResponseBody    @RequestMapping(value = "/regetpwd")    public void reSendFetchPasswordMail(String uuid, HttpServletRequest request) {    PasswordUserHelper helper = passwordUserHelperService.findById(uuid);        if(helper !=null){            User u = userService.findById(helper.getAccountId());            String serverName = request.getServerName();            int remotePort = request.getServerPort();            String domian = serverName.substring(serverName.indexOf(".") + 1);            if (serverName.split("\\" + ".").length < 3) {                domian = serverName;            }            String basePath = domian + (remotePort == 80 ? "" : (":" + remotePort))                    + request.getContextPath();            request.setAttribute("basePath", basePath);            Object[] parameters = {u.getName(), helper.getId(), request.getAttribute("basePath")};            String to = u.getEmail();            String subject = i18n("fetch.password.subject");            String content = i18n("fetch.password.body", parameters, null);            sendMailToFetchPassword(to, subject, content);        }    }        @RequestMapping(value = "/fetchpassword",params={"id"})    public String fetchpassword(String id,ModelMap model) {    model.addAttribute("uuid", id);        return "/fetchpassword";    }        @RequestMapping(value = "/fetchpassword",params={"uuid"},method=RequestMethod.POST)    public String changepassword(String uuid,ModelMap model,String password,HttpServletRequest request) {    PasswordUserHelper helper = passwordUserHelperService.findById(uuid);    if(helper !=null){            User u = userService.findById(helper.getAccountId());                        password = CommonUtils.getMD5(password);            u.setPassword(password);            userService.update(u);                        String serverName = request.getServerName();            int remotePort = request.getServerPort();            String domian = serverName.substring(serverName.indexOf(".") + 1);            if (serverName.split("\\" + ".").length < 3) {                domian = serverName;            }            String basePath = domian + (remotePort == 80 ? "" : (":" + remotePort))                    + request.getContextPath();                        model.addAttribute("basePath",basePath );                    }            return "/fetchpassword_success";    }        protected String i18n(String message) {        return messageSource.getMessage(message, null, null);    }        protected String i18n(String message,Object[] prams,Locale locale) {        return messageSource.getMessage(message, prams, locale);    }        private void sendMailToFetchPassword(String to,String subject,String content){        final String _to = to;        final String _subject = subject;        final String _content = content;        new Thread(new Runnable() {            @Override            public void run() {                try {                    mailService.sendHtmlMail(_to, _subject, _content);                } catch (MessagingException e) {                    String msg = String.format("Error when send mail to %s[fetch passwod]", _to);                    LOGGER.error(msg, e);                }            }        }).start();    }

PasswordUserHelper这个类很重要，为了安全，不透露ID的：

@Entity@Table(name = "passwordUserhelper")public class PasswordUserHelper extends BasicEntity implements Serializable{    public String getId() {        return id;    }    public void setId(String id) {        this.id = id;    }    public Date getGenerateTime() {        return generateTime;    }    public void setGenerateTime(Date generateTime) {        this.generateTime = generateTime;    }    public Long getAccountId() {        return accountId;    }    public void setAccountId(Long accountId) {        this.accountId = accountId;    }    private static final long serialVersionUID = 1L;        @Id    @GenericGenerator(name="idGenerator", strategy="uuid")    @GeneratedValue(generator="idGenerator")    private String id;    private Long accountId;    private Date generateTime;}

service：

@Servicepublic class MailServiceImpl implements MailService{    private static final Logger LOGGER = LoggerFactory.getLogger(MailServiceImpl.class);        @Autowired    private JavaMailSender mailSender;    @Override    public void sendHtmlMail(String to, String subject, String htmlContent) throws MessagingException {        MimeMessage message = mailSender.createMimeMessage();        // use the true flag to indicate you need a multipart message        MimeMessageHelper helper = new MimeMessageHelper(message, true, "UTF-8");        helper.setTo(to);        helper.setSubject(subject);        // use the true flag to indicate the text included is HTML        helper.setText(htmlContent, true);        mailSender.send(message);    }        public void sendMail(final String to,final String subject,final String body){        Runnable r = new Runnable() {            @Override            public void run() {                try {                    sendHtmlMail(to, subject, body);                } catch (MessagingException e) {                    LOGGER.error(String.format("Error when send mail to %s", to),e);                }            }        };                new Thread(r).start();    }}

@Servicepublic class PasswordUserHelperServiceImpl implements PasswordUserHelperService{    @Autowired    private PasswordUserHelperDao passwordUserHelperDao;        @Autowired    private UserDao userDao;        @Transactional    @Overridepublic void save(PasswordUserHelper entity) {    passwordUserHelperDao.save(entity);}    @Transactional    @Override    public void delete(String id) {    passwordUserHelperDao.delete(id);            }    @Transactional    @Override    public void update(PasswordUserHelper t) {    passwordUserHelperDao.update(t);            }    @Override    public PasswordUserHelper findById(String id) {        return passwordUserHelperDao.findById(id);    }    @SuppressWarnings("deprecation")@Transactional(noRollbackFor=TimeoutException.class)    @Override    public User fetchPassword(String uuid, String password) throws NoSuchAlgorithmException, UnsupportedEncodingException, ItemNotFoundException {    User user= null;        Date now = new Date();        PasswordUserHelper helper = findById(uuid);        if(helper==null){            throw new ItemNotFoundException();        }                Long dis = now.getTime() - helper.getGenerateTime().getTime();        if(dis - 30 * 60 * 1000 > 0){            delete(uuid);            try {throw new  TimeoutException();} catch (TimeoutException e) {// TODO Auto-generated catch blocke.printStackTrace();}        }                user = userDao.findById(helper.getAccountId());        if(user != null){            PassAndSalt passAndSalt = PasswordEncoder.saltEncode(password);            user.setPassword(passAndSalt.getSalt());            //user.setSalt(passAndSalt.getSalt());                        userDao.update(user);                        delete(uuid);        }                return user;    }}

还有个很重要的配置，邮箱配置：

<bean id="mailSender" class="org.springframework.mail.javamail.JavaMailSenderImpl">        <property name="host" value="xxx" />        <property name="port" value="xxx" />        <property name="username" value="xxx" />        <property name="password" value="xxx" />        <property name="javaMailProperties">            <props>                <!-- Use SMTP transport protocol -->                <prop key="mail.transport.protocol">smtp</prop>                <!-- Use SMTP-AUTH to authenticate to SMTP server -->                <prop key="mail.smtp.auth">true</prop>                <!-- Use TLS to encrypt communication with SMTP server -->                <prop key="mail.smtp.starttls.enable">true</prop>                <prop key="mail.debug">false</prop>            </props>        </property>    </bean>

具体参照svn