Package com.broadleafcommerce.auth.user.service.password

Interface UserPasswordService<P extends PasswordToken,U extends User>

All Superinterfaces:
org.springframework.security.core.userdetails.UserDetailsPasswordService
All Known Implementing Classes:
DefaultUserPasswordService
public interface UserPasswordService<P extends PasswordToken,U extends User> extends org.springframework.security.core.userdetails.UserDetailsPasswordService
Author:
Chad Harchar (charchar)

  • Method Details

    • resetPassword

      boolean resetPassword(ResetPasswordForm resetPasswordForm, org.springframework.validation.BindingResult errors)
      From the provided ResetPasswordForm, attempt to reset the user's password. If a failure occurs, errors will be populated on BindingResult and `false` is returned. Otherwise, return `true`.
      Parameters:
      resetPasswordForm - The form to use to reset the user's password.
      errors - The object to hold any errors that might occur.
      Returns:
      Whether the provided ResetPasswordForm passed validation in order for the password to be reset.

    • changePassword

      boolean changePassword(ChangePasswordForm changePasswordForm, org.springframework.validation.BindingResult errors)
      From the provided ChangePasswordForm, attempt to change the user's password. If a failure occurs, errors will be populated on BindingResult and `false` is returned. Otherwise, return `true`.
      Parameters:
      changePasswordForm - The form to use to change the user's password.
      errors - The object to hold any errors that might occur.
      Returns:
      Whether the provided ChangePasswordForm passed validation in order for the password to be changed.

    • createResetPasswordToken

      boolean createResetPasswordToken(String clientId, String username) throws AccountLockedException
      Creates a reset password token for the specified user, if they exist.
      Parameters:
      clientId - The AuthorizedClient.getId() to verify against
      username - The username of the user for which to validate and create a token.
      Returns:
      true if token successfully created, else false.
      Throws:
      AccountLockedException - if user is locked and unable to reset their password

    • createTokenForUser

      @Deprecated boolean createTokenForUser(String clientId, String username) throws AccountLockedException
      Deprecated.
      Use createResetPasswordToken(java.lang.String, java.lang.String) instead.
      Creates a token for the specified user, if they exist.
      Parameters:
      clientId - The AuthorizedClient.getId() to verify against
      username - The username of the user for which to validate and create a token.
      Returns:
      true if token successfully created, else false.
      Throws:
      AccountLockedException - if user is locked and unable to reset their password

    • updatePasswordForUser

      U updatePasswordForUser(U user, String password, String clientId)
      Send a password change notification email and update the user's password.
      Parameters:
      user - The user who's password to update.
      password - The new password for the user.
      clientId - The clientId from the request.
      Returns:
      The updated user.