class LoginController {
CryptoService cryptoService
MailService mailService
def index = {
render(view:'login')
}
def login = {
if (params.userid && params.password) {
def user = Account.findByUseridAndStatus(params.userid, "active")
String calcPassword = cryptoService.sha1(params.password.getBytes())
if (user != null && user.password == calcPassword) {
session.account = user
user.lastLogin = new Date()
user.save()
flash.message = "Welcome ${user.userid}"
if (session.returnController) {
redirect(controller:session.returnController, action:session.returnAction)
} else {
redirect(controller:'entries', action:'recent')
}
} else {
flash.message = "Invalid username or password. Please try again."
}
}
}
def forgottenPassword = {
if (params.userid) {
def account = Account.findByUserid(params.userid)
if (account && account.email) {
def PW_POOL = "23456789ABCDEFGHJKLMNPQRSTUVWXYZ"
def genPw = ""
8.times {
genPw += PW_POOL[new Random().nextInt(PW_POOL.size() -1)]
}
account.password = cryptoService.sha1(genPw.getBytes())
def msg = """
groovyblogs.org Password Reset
Hi ${account.userid}, we've reset your password to: ${genPw}.
You need to type in the letters in upper case.
Once you've logged on you can change it to something you prefer
by going into the "My Blogs" tab.
Glen Smith - groovyblogs.org
"""
mailService.send(account.email, msg, "groovyblogs.org Password Reset")
flash.message = "A new password has been generated and emailed to your account"
redirect(controller: 'login')
} else {
flash.message = "Could not locate your account."
}
}
}
def logout = {
session.account = null
flash.message = "You have successfully logged out"
redirect(controller: 'entries', action:'recent')
}
}