From 5a1f97abcaf68a59789188bed4c6b13d55850601 Mon Sep 17 00:00:00 2001
From: MarkBryanMilligan
Date: Sat, 7 Aug 2021 17:01:11 -0500
Subject: [PATCH] Add some boilerplate to the password reset.
---
 .../dataaccess/currentmonitor/MongoCurrentMonitorDao.java | 5 ++++-
 .../datamodel/currentmonitor/BreakerGroupEnergy.java | 1 +
 .../currentmonitor/servlet/ResetPasswordServlet.java | 6 ++++--
 3 files changed, 9 insertions(+), 3 deletions(-)
diff --git a/currentmonitor/lantern-dataaccess-currentmonitor/src/main/java/com/lanternsoftware/dataaccess/currentmonitor/MongoCurrentMonitorDao.java b/currentmonitor/lantern-dataaccess-currentmonitor/src/main/java/com/lanternsoftware/dataaccess/currentmonitor/MongoCurrentMonitorDao.java
index 02a14e0..b0d26f9 100644
--- a/currentmonitor/lantern-dataaccess-currentmonitor/src/main/java/com/lanternsoftware/dataaccess/currentmonitor/MongoCurrentMonitorDao.java
+++ b/currentmonitor/lantern-dataaccess-currentmonitor/src/main/java/com/lanternsoftware/dataaccess/currentmonitor/MongoCurrentMonitorDao.java
@@ -174,6 +174,8 @@ public class MongoCurrentMonitorDao implements CurrentMonitorDao {
 Date start = DateUtils.getMidnightBefore(_start, tz);
 Date monthStart = DateUtils.getStartOfMonth(_start, tz);
 BreakerGroup root = CollectionUtils.getFirst(config.getBreakerGroups());
+ if (root == null)
+ return;
 proxy.delete(BreakerGroupSummary.class, new DaoQuery("_id", BreakerGroupEnergy.toId(_accountId, root.getId(), EnergyBlockViewMode.MONTH, monthStart)));
 while (start.before(_end)) {
 Date dayEnd = DateUtils.getMidnightAfter(start, tz);
@@ -335,7 +337,7 @@ public class MongoCurrentMonitorDao implements CurrentMonitorDao {
 @Override
 public String addPasswordResetKey(String _email) {
- String key = aes.encryptToBase64(_email);
+ String key = aes.encryptToUrlSafeBase64(_email);
 proxy.saveEntity("password_reset", new DaoEntity("_id", key));
 return key;
 }
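Review bot: The new `if (root == null) return;` guard in the hunk at -174 exits without any explanation, so a reader cannot tell whether an account with no breaker groups is an expected state or a configuration error. A short comment above it, such as `// no breaker groups configured for this account: there is nothing to summarise`, would record the intent, and braces around the `return` would match the braced blocks in the rest of the method. The enclosing method starts and ends outside the hunk.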
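Review bot: The key in `addPasswordResetKey` (hunk at -335) is now produced with `encryptToUrlSafeBase64`, but the reset path shown as context in the hunk at -356 still decodes it with `aes.decryptFromBase64ToString(_key)`. Unless that helper accepts the URL-safe alphabet, keys containing `-` or `_` will fail to decrypt, so the decode side should use the matching URL-safe variant or be confirmed to handle both. Separately, the key is derived only from the e-mail address and is stored as `new DaoEntity("_id", key)` with no creation time, so an unused key never expires. Storing a timestamp with the key and rejecting old ones on reset would bound its lifetime.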
@@ -356,6 +358,7 @@ public class MongoCurrentMonitorDao implements CurrentMonitorDao { Account acct = getAccountByUsername(aes.decryptFromBase64ToString(_key)); acct.setPassword(_password); putAccount(acct); + proxy.delete("password_reset", new DaoQuery("_id", _key)); return true; } diff --git a/currentmonitor/lantern-datamodel-currentmonitor/src/main/java/com/lanternsoftware/datamodel/currentmonitor/BreakerGroupEnergy.java b/currentmonitor/lantern-datamodel-currentmonitor/src/main/java/com/lanternsoftware/datamodel/currentmonitor/BreakerGroupEnergy.java index 32e650f..9d101ac 100644 --- a/currentmonitor/lantern-datamodel-currentmonitor/src/main/java/com/lanternsoftware/datamodel/currentmonitor/BreakerGroupEnergy.java +++ b/currentmonitor/lantern-datamodel-currentmonitor/src/main/java/com/lanternsoftware/datamodel/currentmonitor/BreakerGroupEnergy.java @@ -412,6 +412,7 @@ public class BreakerGroupEnergy { _energyBlocks.put(block.getStart().getTime(), b); } else b.addJoules(block.getJoules()); + b.addCharge(block.getCharge()); } } } diff --git a/currentmonitor/lantern-service-currentmonitor/src/main/java/com/lanternsoftware/currentmonitor/servlet/ResetPasswordServlet.java b/currentmonitor/lantern-service-currentmonitor/src/main/java/com/lanternsoftware/currentmonitor/servlet/ResetPasswordServlet.java index 5ce9250..32f521b 100644 --- a/currentmonitor/lantern-service-currentmonitor/src/main/java/com/lanternsoftware/currentmonitor/servlet/ResetPasswordServlet.java +++ b/currentmonitor/lantern-service-currentmonitor/src/main/java/com/lanternsoftware/currentmonitor/servlet/ResetPasswordServlet.java 
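Review bot: The added `proxy.delete("password_reset", new DaoQuery("_id", _key))` in the hunk at -356 only makes the key single-use if the method first checks that `_key` is still present in `password_reset`. That check would be above the hunk and is not visible here; without it, any value that decrypts to a username is accepted again after the delete. Also, if `getAccountByUsername(...)` can return null, `acct.setPassword(_password)` throws before the delete runs, so a guard such as `if (acct == null) return false;` ahead of it would keep the failure path explicit. The lookup and delete are separate calls, so two concurrent requests with the same key may both succeed unless the DAO offers an atomic find-and-delete.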
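Review bot: The added `b.addCharge(block.getCharge());` in BreakerGroupEnergy (hunk at -412) follows an `else` that has no braces, so it runs on both branches, not only when an existing block is being accumulated. If the `if` branch above the hunk builds the new `b` from `block` with its charge already included, the charge is counted twice for the first block at each start time; the construction is outside the hunk, so this needs checking. Putting braces around the `else` body, or a comment stating that the charge is deliberately added in both cases, would remove the ambiguity.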
@@ -62,7 +62,7 @@ public class ResetPasswordServlet extends FreemarkerServlet {
 } else {
 DaoEntity payload = getRequestZipBson(_req);
 String email = DaoSerializer.getString(payload, "email");
- if (NullUtils.isNotEmpty(email)) {
+ if (EmailValidator.getInstance().isValid(email)) {
 String key = Globals.dao.addPasswordResetKey(email);
 Email from = new Email("info@lanternsoftware.com");
 String subject = "Password Reset - Lantern Power Monitor";
@@ -79,9 +79,11 @@ public class ResetPasswordServlet extends FreemarkerServlet {
 zipBsonResponse(_resp, new DaoEntity("success", response.getStatusCode() == 200));
 } catch (IOException ex) {
 LOG.error("Failed to send password reset email", ex);
- zipBsonResponse(_resp, new DaoEntity("success", false));
+ _resp.setStatus(500);
 }
 }
+ else
+ _resp.setStatus(400);
 }
 }
 }
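Review bot: A syntactically valid address is all that is required to reach `Globals.dao.addPasswordResetKey(email)` and the outgoing mail in the hunk at -62; nothing visible checks that an account exists for the address or limits how often a reset can be requested. As written, the endpoint stores a `password_reset` entry and sends mail from `info@lanternsoftware.com` for any address a caller supplies. Looking the account up first, returning the same response whether or not it exists, and throttling requests per address and per client would close this. The servlet method continues outside the hunk, so a check earlier in it cannot be ruled out.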
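Review bot: The failure paths in the hunk at -79 now answer in three different shapes: an `IOException` gives status 500 with no body, an invalid address gives 400 with no body, and a non-200 reply from the mail provider still gives HTTP 200 with `success` set to false. A client that decodes a zipBson body on every reply will break on the first two, so either keep sending `new DaoEntity("success", false)` alongside the status or document the new contract. The literals would read better as `HttpServletResponse.SC_INTERNAL_SERVER_ERROR` and `HttpServletResponse.SC_BAD_REQUEST`, and the new `else` should have braces like the `} else {` used earlier in the method.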