java web Implementation forget password (retrieve password) function and code
(I) general idea
(II) partial screenshots
(III) some codes
(I) general idea:
1. Enter the name, email address and verification code on the password recovery page, and click the [submit] button after entry. At this time, send an email with the encrypted link.
2. Click the link in the email, decrypt and judge whether the link is valid, and then go to the password modification page after verification.
3. Enter the new password in the modification page, click [modify] to modify the password, and the operation is completed.
(II) partial screenshots:
(III) some codes:
Code 1 (corresponding to the general idea 1 above): the key here is to generate encrypted links, and the link parameters need to be passed in the browser by get mode, and cannot support "+", "/", and other special characters.
//Add expiration time, link fails after 24 hours long endTimes = System.currentTimeMillis()+1*24*3600*1000; String para = personname+";"+email+";"+endTimes; //Encrypt first, then url transcode. The order cannot be modified by lifq 20150317 String encode = UrlUtil.getURLEncoderString(DesUtil.encrypt(para)); content = EmailUtil.replace(content, "", "http://localhost:8080/test/toSetPayrollPwd2.do?vc="+encode);
Code 2 (corresponding to the general idea 2 above): the key here is to get the parameter vc and decrypt it.
/** * Retrieve password step 2 * * @return String * @author lifq * @date 2015-3-17 10:24:09 am*/ public String toSetPayrollPwd2(){ String vc = context.getParameter("vc"); if(null!=vc){ try { //Direct des decoding here String decode = DesUtil.decrypt(vc); List list = EmailUtil.parseContent(decode, ";"); if(null!=list && list.size()>0){ String personname = (String)list.get(0); String email = (String)list.get(1); long entimes = Long.parseLong((String)list.get(2)); long curtime = System.currentTimeMillis(); if(entimes<=curtime){ context.setRequestAttribute("errorMsg", "The current link has expired. Please try again Go to reset password link!"); }else{ context.setRequestAttribute("personname", personname); context.setRequestAttribute("email", email); context.setRequestAttribute("vc", UrlUtil.getURLEncoderString(vc)); } } } catch (Exception e) { e.printStackTrace(); context.setRequestAttribute("errorMsg", "Invalid link!"); } } return RETURN_SUCCESS; }
The above part involves the util class of URL encryption and decryption and the util class of DES encryption and decryption. The code in the previous article is as follows:
1.Implementation of DES encryption and decryption algorithm in java
2.java implementation of url transcoding and decoding