Add some boilerplate to the password reset.

2024-03-08 14:07:47 +00:00 · 2021-08-07 17:01:11 -05:00
parent 8d09ac39f2
commit 5a1f97abca
3 changed files with 9 additions and 3 deletions
--- a/currentmonitor/lantern-service-currentmonitor/src/main/java/com/lanternsoftware/currentmonitor/servlet/ResetPasswordServlet.java
+++ b/currentmonitor/lantern-service-currentmonitor/src/main/java/com/lanternsoftware/currentmonitor/servlet/ResetPasswordServlet.java
@@ -62,7 +62,7 @@ public class ResetPasswordServlet extends FreemarkerServlet {
        } else {
            DaoEntity payload = getRequestZipBson(_req);
            String email = DaoSerializer.getString(payload, "email");
-            if (NullUtils.isNotEmpty(email)) {
+            if (EmailValidator.getInstance().isValid(email)) {
                String key = Globals.dao.addPasswordResetKey(email);
                Email from = new Email("info@lanternsoftware.com");
                String subject = "Password Reset - Lantern Power Monitor";
@@ -79,9 +79,11 @@ public class ResetPasswordServlet extends FreemarkerServlet {
                    zipBsonResponse(_resp, new DaoEntity("success", response.getStatusCode() == 200));
                } catch (IOException ex) {
                    LOG.error("Failed to send password reset email", ex);
-                    zipBsonResponse(_resp, new DaoEntity("success", false));
+                    _resp.setStatus(500);
                }
            }
+            else
+                _resp.setStatus(400);
        }
    }
 }