📄 loginevents.java
字号:
}
request.setAttribute("_LOGIN_PASSED_", "TRUE");
// make sure the autoUserLogin is set to the same and that the client cookie has the correct userLoginId
return autoLoginSet(request, response);
}
public static void doBasicLogin(GenericValue userLogin, HttpServletRequest request) {
HttpSession session = request.getSession();
session.setAttribute("userLogin", userLogin);
// let the visit know who the user is
VisitHandler.setUserLogin(session, userLogin, false);
loginToSession(userLogin, request);
}
/**
* An HTTP WebEvent handler that logs out a userLogin by clearing the session.
*
* @param request The HTTP request object for the current JSP or Servlet request.
* @param response The HTTP response object for the current JSP or Servlet request.
* @return Return a boolean which specifies whether or not the calling Servlet or
* JSP should generate its own content. This allows an event to override the default content.
*/
public static String logout(HttpServletRequest request, HttpServletResponse response) {
// invalidate the security group list cache
GenericValue userLogin = (GenericValue) request.getSession().getAttribute("userLogin");
// log out from all other sessions too; do this here so that it is only done when a user explicitly logs out
logoutFromAllSessions(userLogin);
doBasicLogout(userLogin, request);
if (request.getAttribute("_AUTO_LOGIN_LOGOUT_") == null) {
return autoLoginCheck(request, response);
}
return "success";
}
public static void doBasicLogout(GenericValue userLogin, HttpServletRequest request) {
HttpSession session = request.getSession();
Security security = (Security) request.getAttribute("security");
if (security != null && userLogin != null) {
Security.userLoginSecurityGroupByUserLoginId.remove(userLogin.getString("userLoginId"));
}
// this is a setting we don't want to lose, although it would be good to have a more general solution here...
String currCatalog = (String) session.getAttribute("CURRENT_CATALOG_ID");
// also make sure the delegatorName is preserved, especially so that a new Visit can be created
String delegatorName = (String) session.getAttribute("delegatorName");
// also save the shopping cart if we have one
// DON'T save the cart, causes too many problems: security issues with things done in cart to easy to miss, especially bad on public systems; was put in here because of the "not me" link for auto-login stuff, but that is a small problem compared to what it causes
//ShoppingCart shoppingCart = (ShoppingCart) session.getAttribute("shoppingCart");
session.invalidate();
session = request.getSession(true);
if (currCatalog != null) session.setAttribute("CURRENT_CATALOG_ID", currCatalog);
if (delegatorName != null) session.setAttribute("delegatorName", delegatorName);
// DON'T save the cart, causes too many problems: if (shoppingCart != null) session.setAttribute("shoppingCart", new WebShoppingCart(shoppingCart, session));
}
/**
* The user forgot his/her password. This will either call showPasswordHint or emailPassword.
*
* @param request The HTTPRequest object for the current request
* @param response The HTTPResponse object for the current request
* @return String specifying the exit status of this event
*/
public static String forgotPassword(HttpServletRequest request, HttpServletResponse response) {
if ((UtilValidate.isNotEmpty(request.getParameter("GET_PASSWORD_HINT"))) || (UtilValidate.isNotEmpty(request.getParameter("GET_PASSWORD_HINT.x")))) {
return showPasswordHint(request, response);
} else {
return emailPassword(request, response);
}
}
/** Show the password hint for the userLoginId specified in the request object.
*@param request The HTTPRequest object for the current request
*@param response The HTTPResponse object for the current request
*@return String specifying the exit status of this event
*/
public static String showPasswordHint(HttpServletRequest request, HttpServletResponse response) {
GenericDelegator delegator = (GenericDelegator) request.getAttribute("delegator");
String userLoginId = request.getParameter("USERNAME");
if ((userLoginId != null) && ("true".equals(UtilProperties.getPropertyValue("security.properties", "username.lowercase")))) {
userLoginId = userLoginId.toLowerCase();
}
if (!UtilValidate.isNotEmpty(userLoginId)) {
// the password was incomplete
request.setAttribute("_ERROR_MESSAGE_", "<li>The Username was empty, please re-enter.");
return "error";
}
GenericValue supposedUserLogin = null;
try {
supposedUserLogin = delegator.findByPrimaryKey("UserLogin", UtilMisc.toMap("userLoginId", userLoginId));
} catch (GenericEntityException gee) {
Debug.logWarning(gee, "", module);
}
if (supposedUserLogin == null) {
// the Username was not found
request.setAttribute("_ERROR_MESSAGE_", "<li>The Username was not found, please re-enter.");
return "error";
}
String passwordHint = supposedUserLogin.getString("passwordHint");
if (!UtilValidate.isNotEmpty(passwordHint)) {
// the Username was not found
request.setAttribute("_ERROR_MESSAGE_", "<li>No password hint was specified, try having the password emailed instead.");
return "error";
}
request.setAttribute("_EVENT_MESSAGE_", "The Password Hint is: " + passwordHint);
return "success";
}
/**
* Email the password for the userLoginId specified in the request object.
*
* @param request The HTTPRequest object for the current request
* @param response The HTTPResponse object for the current request
* @return String specifying the exit status of this event
*/
public static String emailPassword(HttpServletRequest request, HttpServletResponse response) {
GenericDelegator delegator = (GenericDelegator) request.getAttribute("delegator");
LocalDispatcher dispatcher = (LocalDispatcher) request.getAttribute("dispatcher");
String productStoreId = ProductStoreWorker.getProductStoreId(request);
Map subjectData = new HashMap();
subjectData.put("productStoreId", productStoreId);
boolean useEncryption = "true".equals(UtilProperties.getPropertyValue("security.properties", "password.encrypt"));
String userLoginId = request.getParameter("USERNAME");
subjectData.put("userLoginId", userLoginId);
if ((userLoginId != null) && ("true".equals(UtilProperties.getPropertyValue("security.properties", "username.lowercase")))) {
userLoginId = userLoginId.toLowerCase();
}
if (!UtilValidate.isNotEmpty(userLoginId)) {
// the password was incomplete
request.setAttribute("_ERROR_MESSAGE_", "<li>The Username was empty, please re-enter.");
return "error";
}
GenericValue supposedUserLogin = null;
String passwordToSend = null;
try {
supposedUserLogin = delegator.findByPrimaryKey("UserLogin", UtilMisc.toMap("userLoginId", userLoginId));
if (supposedUserLogin == null) {
// the Username was not found
request.setAttribute("_ERROR_MESSAGE_", "<li>The Username was not found, please re-enter.");
return "error";
}
if (useEncryption) {
// password encrypted, can't send, generate new password and email to user
double randNum = Math.random();
// multiply by 100,000 to usually make a 5 digit number
passwordToSend = "auto" + ((long) (randNum * 100000));
supposedUserLogin.set("currentPassword", HashEncrypt.getHash(passwordToSend));
supposedUserLogin.set("passwordHint", "Auto-Generated Password");
} else {
passwordToSend = supposedUserLogin.getString("currentPassword");
}
} catch (GenericEntityException e) {
Debug.logWarning(e, "", module);
request.setAttribute("_ERROR_MESSAGE_", "<li>Error accessing password: " + e.toString());
return "error";
}
if (supposedUserLogin == null) {
// the Username was not found
request.setAttribute("_ERROR_MESSAGE_", "<li>A user with the username \"" + userLoginId + "\" was not found, please re-enter.");
return "error";
}
StringBuffer emails = new StringBuffer();
GenericValue party = null;
try {
party = supposedUserLogin.getRelatedOne("Party");
} catch (GenericEntityException e) {
Debug.logWarning(e, "", module);
party = null;
}
if (party != null) {
Iterator emailIter = UtilMisc.toIterator(ContactHelper.getContactMechByPurpose(party, "PRIMARY_EMAIL", false));
while (emailIter != null && emailIter.hasNext()) {
GenericValue email = (GenericValue) emailIter.next();
emails.append(emails.length() > 0 ? "," : "").append(email.getString("infoString"));
}
}
if (!UtilValidate.isNotEmpty(emails.toString())) {
// the Username was not found
request.setAttribute("_ERROR_MESSAGE_", "<li>No Primary Email Address has been set, please contact customer service.");
return "error";
}
// get the ProductStore email settings
GenericValue productStoreEmail = null;
try {
productStoreEmail = delegator.findByPrimaryKey("ProductStoreEmailSetting", UtilMisc.toMap("productStoreId", productStoreId, "emailType", "PRDS_PWD_RETRIEVE"));
} catch (GenericEntityException e) {
Debug.logError(e, "Problem getting ProductStoreEmailSetting", module);
}
if (productStoreEmail == null) {
request.setAttribute("_ERROR_MESSAGE_", "<li>Problems with configuration; please contact customer service.");
return "error";
}
// need OFBIZ_HOME for processing
String ofbizHome = System.getProperty("ofbiz.home");
// set the needed variables in new context
Map templateData = new HashMap();
templateData.put("useEncryption", new Boolean(useEncryption));
templateData.put("password", UtilFormatOut.checkNull(passwordToSend));
// prepare the parsed subject
String subjectString = productStoreEmail.getString("subject");
subjectString = FlexibleStringExpander.expandString(subjectString, subjectData);
Map serviceContext = new HashMap();
serviceContext.put("templateName", ofbizHome + productStoreEmail.get("templatePath"));
serviceContext.put("templateData", templateData);
serviceContext.put("subject", subjectString);
serviceContext.put("sendFrom", productStoreEmail.get("fromAddress"));
serviceContext.put("sendCc", productStoreEmail.get("ccAddress"));
serviceContext.put("sendBcc", productStoreEmail.get("ccAddress"));
serviceContext.put("contentType", productStoreEmail.get("contentType"));
serviceContext.put("sendTo", emails.toString());
try {
Map result = dispatcher.runSync("sendGenericNotificationEmail", serviceContext);
if (ModelService.RESPOND_ERROR.equals((String) result.get(ModelService.RESPONSE_MESSAGE))) {
request.setAttribute("_ERROR_MESSAGE_", "Error occurred: unable to email password. Please try again later or contact customer service. (error was: " + result.get(ModelService.ERROR_MESSAGE) + ")");
return "error";
}
} catch (GenericServiceException e) {
Debug.logWarning(e, "", module);
request.setAttribute("_ERROR_MESSAGE_", "Error occurred: unable to email password. Please try again later or contact customer service.");
return "error";
}
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -