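/**
 * Rejects a candidate password that matches any entry in the user's stored password history.
 *
 * <p>History entries are encoded passwords, so the candidate is compared with
 * {@code passwordEncoder.matches} rather than by string equality.
 *
 * <p>Side effect: when the candidate is accepted and the history already holds
 * {@code HISTORY_LIMIT} or more entries, the oldest entries are removed until the
 * history is below the limit, and the credentials are persisted through
 * {@code userService.updateUserCredentials}. Nothing is written when the candidate
 * is rejected.
 *
 * @param credentialsInfo supplies the username to look up and the candidate password
 * @return a failed result keyed {@code password_history_validation} when the password
 *         was used before, otherwise a successful result
 */
@Override
public PasswordValidationResult validate( CredentialsInfo credentialsInfo ) {
    // NOTE(review): the lookup result and its history list are dereferenced without a
    // null check; confirm this rule only runs for users that already exist.
    UserCredentials userCredentials = userService.getUserCredentialsByUsername( credentialsInfo.getUsername() );
    List<String> previousPasswords = userCredentials.getPreviousPasswords();

    for ( String encodedPassword : previousPasswords ) {
        if ( passwordEncoder.matches( credentialsInfo.getPassword(), encodedPassword ) ) {
            return new PasswordValidationResult(
                String.format( "Password must not be one of the previous %d passwords", HISTORY_LIMIT ),
                "password_history_validation", false );
        }
    }

    // Prune with >= rather than ==: a history that is already longer than the limit
    // (for example after the limit was lowered) would otherwise never be trimmed.
    if ( previousPasswords.size() >= HISTORY_LIMIT ) {
        List<String> history = userCredentials.getPreviousPasswords();
        while ( !history.isEmpty() && history.size() >= HISTORY_LIMIT ) {
            history.remove( 0 ); // index 0 is dropped first, as in the original code
        }
        // NOTE(review): this persists a change from inside a validation call; presumably
        // the caller appends the new encoded password afterwards — confirm, and confirm
        // the pruning should survive if a later rule rejects the password.
        userService.updateUserCredentials( userCredentials );
    }

    return new PasswordValidationResult( true );
}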
/**
 * Sets a new password for the given credentials when the supplied restore token is accepted.
 *
 * <p>On success the stored restore token and its expiry are cleared, the invitation flag
 * is reset, the new password is encoded and set through {@code userService}, and the
 * credentials are persisted.
 *
 * @param credentials the account being restored; {@code null} yields {@code false}
 * @param token the restore token presented by the user; {@code null} yields {@code false}
 * @param newPassword the password to set; {@code null} yields {@code false}
 * @param restoreType the kind of restore being completed, passed on to {@code canRestore}
 * @return {@code true} when the password was changed, {@code false} when an argument is
 *         missing or {@code canRestore} refuses the token
 */
@Override
public boolean restore( UserCredentials credentials, String token, String newPassword, RestoreType restoreType ) {
    boolean missingInput = credentials == null || token == null || newPassword == null;

    if ( missingInput ) {
        return false;
    }

    // Token acceptance is delegated entirely to canRestore; it runs only once all inputs are present.
    if ( !canRestore( credentials, token, restoreType ) ) {
        return false;
    }

    // Drop the stored token and expiry so the same token is not left on the account after use.
    credentials.setRestoreToken( null );
    credentials.setRestoreExpiry( null );
    credentials.setInvitation( false );

    // NOTE(review): newPassword is not checked against the password policy in this method;
    // presumably the caller validates it first — confirm.
    userService.encodeAndSetPassword( credentials, newPassword );
    userService.updateUserCredentials( credentials );

    return true;
}
/**
 * Starts a restore by issuing a new token for the given credentials.
 *
 * <p>The token is the prefix from {@code restoreOptions} followed by a generated code of
 * {@code RESTORE_TOKEN_LENGTH}. Only the output of {@code passwordManager.encode} is stored
 * on the credentials, together with an expiry derived from the restore type; the plain
 * token is handed back to the caller.
 *
 * @param credentials the account the token is issued for
 * @param restoreOptions supplies the token prefix and the restore type
 * @return a single-element array holding the plain (un-encoded) token
 */
@Override
public String[] initRestore( UserCredentials credentials, RestoreOptions restoreOptions ) {
    // NOTE(review): the token's unpredictability depends on CodeGenerator.generateCode;
    // confirm it draws from a cryptographically secure random source.
    String plainToken = restoreOptions.getTokenPrefix() + CodeGenerator.generateCode( RESTORE_TOKEN_LENGTH );
    String storedToken = passwordManager.encode( plainToken );

    RestoreType type = restoreOptions.getRestoreType();
    Date expiresAt = new Cal()
        .now()
        .add( type.getExpiryIntervalType(), type.getExpiryIntervalCount() )
        .time();

    // Persist only the encoded form; the plain token exists solely in the return value.
    credentials.setRestoreToken( storedToken );
    credentials.setRestoreExpiry( expiresAt );
    userService.updateUserCredentials( credentials );

    // NOTE(review): callers should treat the returned value as a secret and keep it out of logs.
    return new String[]{ plainToken };
}