dhis2-devs team mailing list archive
-
dhis2-devs team
-
Mailing list archive
-
Message #27515
[Branch ~dhis2-devs-core/dhis2/trunk] Rev 13702: SecurityService, account restore fix
------------------------------------------------------------
revno: 13702
committer: Lars Helge Øverland <larshelge@xxxxxxxxx>
branch nick: dhis2
timestamp: Mon 2014-01-13 16:44:28 +0100
message:
SecurityService, account restore fix
modified:
dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsRestoreTokenValidAction.java
--
lp:dhis2
https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk
Your team DHIS 2 developers is subscribed to branch lp:dhis2.
To unsubscribe from this branch go to https://code.launchpad.net/~dhis2-devs-core/dhis2/trunk/+edit-subscription
=== modified file 'dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsRestoreTokenValidAction.java'
--- dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsRestoreTokenValidAction.java 2013-08-23 16:05:01 +0000
+++ dhis-2/dhis-web/dhis-web-commons/src/main/java/org/hisp/dhis/useraccount/action/IsRestoreTokenValidAction.java 2014-01-13 15:44:28 +0000
@@ -29,6 +29,8 @@
*/
import org.hisp.dhis.security.SecurityService;
+import org.hisp.dhis.user.UserCredentials;
+import org.hisp.dhis.user.UserService;
import org.springframework.beans.factory.annotation.Autowired;
import com.opensymphony.xwork2.Action;
@@ -41,6 +43,9 @@
{
@Autowired
private SecurityService securityService;
+
+ @Autowired
+ private UserService userService;
// -------------------------------------------------------------------------
// Input
@@ -76,7 +81,14 @@
public String execute()
{
- boolean verified = securityService.verifyToken( username, token );
+ UserCredentials credentials = userService.getUserCredentialsByUsername( username );
+
+ if ( credentials == null )
+ {
+ return ERROR;
+ }
+
+ boolean verified = securityService.verifyToken( credentials, token );
return verified ? SUCCESS : ERROR;
}