/**
 * Resets a user's password from a forgot-password code.
 *
 * <p>The code from the form is parsed as a token for
 * {@code GreenTokenService.FORGOT_PASSWORD_AUDIENCE}. The token subject is
 * used as the e-mail to look the user up. The user, the claims and the new
 * password are then handed to the tuple-based {@code resetPassword}
 * overload, and the result is saved and converted to a DTO.
 *
 * <p>NOTE(review): no credentials-updated timestamp is passed to
 * {@code parseToken} here, so nothing visible in this method rejects a code
 * issued before the user's last credential change. Presumably the
 * tuple-based overload checks the claims against the loaded user. Confirm,
 * because otherwise a code stays usable after a successful reset.
 *
 * @param resetPasswordForm publisher of the form carrying the code and the new password
 * @return publisher of the updated user as a DTO
 */
public Mono<UserDto> resetPassword(Mono<ResetPasswordForm> resetPasswordForm) {

    return resetPasswordForm
        .map(request -> {

            log.debug("Resetting password ...");

            // The user is identified by the token's subject, never by a
            // value taken from the form.
            JWTClaimsSet tokenClaims = greenTokenService.parseToken(
                    request.getCode(),
                    GreenTokenService.FORGOT_PASSWORD_AUDIENCE);

            return Tuples.of(tokenClaims.getSubject(), tokenClaims, request.getNewPassword());
        })
        .flatMap(parsed -> Mono.zip(
                findUserByEmail(parsed.getT1()),
                Mono.just(parsed.getT2()),
                Mono.just(parsed.getT3())))
        .map(this::resetPassword)
        .flatMap(userRepository::save)
        .map(AbstractMongoUser::toUserDto);
}
"com.naturalprogrammer.spring.alreadyVerified").go(); JWTClaimsSet claims = greenTokenService.parseToken(verificationCode, GreenTokenService.VERIFY_AUDIENCE, user.getCredentialsUpdatedMillis());
// Parses the submitted code as a forgot-password token (audience check only).
// NOTE(review): this is the two-argument parseToken call, so no
// credentials-updated timestamp is supplied here. Confirm that the claims are
// later checked against the user's credentialsUpdatedMillis.
JWTClaimsSet claims = greenTokenService.parseToken(form.getCode(), GreenTokenService.FORGOT_PASSWORD_AUDIENCE);
/**
 * Validates a change-email request before the new address is applied.
 *
 * <p>The request must carry a non-blank {@code code} parameter and the user
 * must have a pending new e-mail. The code is parsed as a token for
 * {@code GreenTokenService.CHANGE_EMAIL_AUDIENCE} together with the user's
 * credentials-updated timestamp. Its subject must equal the user's id and
 * its {@code newEmail} claim must equal the pending new e-mail. This binds
 * the code to both the account and the exact address being confirmed.
 *
 * @param tuple the user and the request parameters
 * @return the same user, unchanged, once every check has passed
 */
protected U validateChangeEmail(Tuple2<U, MultiValueMap<String, String>> tuple) {

    U user = tuple.getT1();
    MultiValueMap<String, String> params = tuple.getT2();
    String changeEmailCode = params.getFirst("code");

    boolean codePresent = StringUtils.isNotBlank(changeEmailCode);
    LexUtils.validate(codePresent,
            "com.naturalprogrammer.spring.blank", "code").go();

    boolean newEmailPending = StringUtils.isNotBlank(user.getNewEmail());
    LexUtils.validate(newEmailPending,
            "com.naturalprogrammer.spring.blank.newEmail").go();

    // The timestamp argument presumably makes parseToken reject codes issued
    // before the user's last credential change. Confirm in GreenTokenService.
    JWTClaimsSet tokenClaims = greenTokenService.parseToken(
            changeEmailCode,
            GreenTokenService.CHANGE_EMAIL_AUDIENCE,
            user.getCredentialsUpdatedMillis());

    // NOTE(review): a token without a subject or a "newEmail" claim raises a
    // NullPointerException here rather than the wrong-code error.
    boolean codeMatchesUser =
            tokenClaims.getSubject().equals(user.getId().toString())
            && tokenClaims.getClaim("newEmail").equals(user.getNewEmail());

    LecUtils.ensureAuthority(codeMatchesUser,
            "com.naturalprogrammer.spring.wrong.changeEmailCode");

    return user;
}
/**
 * Marks a user as verified when the supplied verification code is valid.
 *
 * <p>The request must carry a non-blank {@code code} parameter and the user
 * must still hold the {@code UNVERIFIED} role. The code is parsed as a token
 * for {@code GreenTokenService.VERIFY_AUDIENCE} together with the user's
 * credentials-updated timestamp. Its subject must equal the user's id and
 * its {@code email} claim must equal the user's current e-mail. On success
 * the {@code UNVERIFIED} role is removed and the credentials-updated
 * timestamp is set to the current time.
 *
 * @param tuple the user and the request parameters
 * @return the same user instance, now without the {@code UNVERIFIED} role
 */
public U verifyUser(Tuple2<U, MultiValueMap<String,String>> tuple) {

    log.debug("Verifying user ...");

    U user = tuple.getT1();
    MultiValueMap<String, String> params = tuple.getT2();
    String code = params.getFirst("code");

    boolean codePresent = StringUtils.isNotBlank(code);
    LexUtils.validate(codePresent,
            "com.naturalprogrammer.spring.blank", "code").go();

    // Only a user that is still unverified may be verified.
    boolean stillUnverified = user.hasRole(UserUtils.Role.UNVERIFIED);
    LexUtils.validate(stillUnverified,
            "com.naturalprogrammer.spring.alreadyVerified").go();

    // The timestamp argument presumably makes parseToken reject codes issued
    // before the user's last credential change. Confirm in GreenTokenService.
    JWTClaimsSet tokenClaims = greenTokenService.parseToken(
            code,
            GreenTokenService.VERIFY_AUDIENCE,
            user.getCredentialsUpdatedMillis());

    // The code must belong to this account and to the e-mail it was issued for.
    // NOTE(review): a token without a subject or an "email" claim raises a
    // NullPointerException here rather than the wrong-code error.
    boolean codeMatchesUser =
            tokenClaims.getSubject().equals(user.getId().toString())
            && tokenClaims.getClaim("email").equals(user.getEmail());

    LecUtils.ensureAuthority(codeMatchesUser,
            "com.naturalprogrammer.spring.wrong.verificationCode");

    // Make the user verified.
    user.getRoles().remove(UserUtils.Role.UNVERIFIED);

    // Moving the timestamp forward presumably invalidates codes issued
    // earlier, this one included. Confirm against parseToken.
    user.setCredentialsUpdatedMillis(System.currentTimeMillis());

    return user;
}
"com.naturalprogrammer.spring.blank.newEmail").go(); JWTClaimsSet claims = greenTokenService.parseToken(changeEmailCode, GreenTokenService.CHANGE_EMAIL_AUDIENCE, user.getCredentialsUpdatedMillis());