Users can change their password

2025-12-17 08:39:06 +00:00 · 2018-04-27 20:39:14 -04:00
parent 3492e133e1
commit dc034d1437
6 changed files with 73 additions and 14 deletions
--- a/Server/src/main/java/net/simon987/server/Main.java
+++ b/Server/src/main/java/net/simon987/server/Main.java
@@ -99,7 +99,7 @@ public class Main {

            if (username != null && password != null) {
                if (GameServer.INSTANCE.getUserManager().validateUser(username, password)) {
-                    AlertMessage[] messages = {new AlertMessage("Logged in as " + username, AlertType.INFO)};
+                    AlertMessage[] messages = {new AlertMessage("Logged in as " + username, AlertType.SUCCESS)};
                    request.session().attribute("messages", messages);
                    request.session().attribute("username", username);

@@ -124,6 +124,40 @@ public class Main {
            return null;
        });

+        Spark.post("change_password", (request, response) -> {
+
+            String username = request.session().attribute("username");
+            String currentPassword = request.queryParams("password");
+            String newPassword = request.queryParams("new_password");
+            String newPasswordRepeat = request.queryParams("new_password_repeat");
+
+            if (newPassword.equals(newPasswordRepeat)) {
+
+                if (username != null && GameServer.INSTANCE.getUserManager().validateUser(username, currentPassword)) {
+
+                    try {
+                        GameServer.INSTANCE.getUserManager().changePassword(username, newPassword);
+                        AlertMessage[] messages = {new AlertMessage("Changed password", AlertType.SUCCESS)};
+                        request.session().attribute("messages", messages);
+                    } catch (RegistrationException e) {
+                        AlertMessage[] messages = {new AlertMessage(e.getMessage(), AlertType.DANGER)};
+                        request.session().attribute("messages", messages);
+                    }
+
+                } else {
+                    AlertMessage[] messages = {new AlertMessage("Invalid password", AlertType.DANGER)};
+                    request.session().attribute("messages", messages);
+                }
+            } else {
+                AlertMessage[] messages = {new AlertMessage("Passwords did not match", AlertType.DANGER)};
+                request.session().attribute("messages", messages);
+            }
+
+
+            response.redirect("/account");
+            return null;
+        });
+
        Spark.after((request, response) -> response.header("Content-Encoding", "gzip"));
    }

--- a/Server/src/main/java/net/simon987/server/user/UserManager.java
+++ b/Server/src/main/java/net/simon987/server/user/UserManager.java
@@ -76,4 +76,19 @@ public class UserManager {
        DBObject user = userCollection.findOne(where);
        return user != null && BCrypt.checkpw(password, (String) user.get("password"));
    }
+
+    public void changePassword(String username, String newPassword) throws RegistrationException {
+
+        if (newPassword.length() < 8 || newPassword.length() > 96) {
+            throw new RegistrationException("Password must be 8-96 characters");
+        }
+
+        User user = GameServer.INSTANCE.getGameUniverse().getUser(username);
+
+        String salt = BCrypt.gensalt();
+        String hashedPassword = BCrypt.hashpw(newPassword, salt);
+        user.setPassword(hashedPassword);
+
+        userCollection.save(user.mongoSerialise()); //Save new password immediately
+    }
 }