dcsimg
CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 8 of 8

Thread: Forgot password send mail to the registered user java

  1. #1
    Join Date
    Oct 2019
    Posts
    9

    Forgot password send mail to the registered user java

    I am trying to create a link on clicking forgot password. Once the user entered their mail id and clicks the button, the user should check their mail for the reset password link in which the link is accessible of the specified time, Later the link will expire. Please help me with this. Twice I checked for reset password link and both the links are different. I am trying to achieve something like this.

    Someone, probably you, made a password recovery request from Big Moose Saloon account. Please use the following URL to complete the password recovery. You will be sent to a page asking your email address and the new password. https://coderanch.com/forums/user/re...b4ced1ba172cf5

    Someone, probably you, made a password recovery request from Big Moose Saloon account. Please use the following URL to complete the password recovery. You will be sent to a page asking your email address and the new password. https://coderanch.com/forums/user/re...93e2ab6216ce48
    How will i do this? Please help me.

  2. #2
    Arjay's Avatar
    Arjay is offline Moderator / EX MS MVP Power Poster
    Join Date
    Aug 2004
    Posts
    13,173

    Re: Forgot password send mail to the registered user java

    Typically, you'll generate a link with a key. You can use a GUID for the key, and before you send the email, you'll want to store the key along with the key expiration date. You can store this in the user table or in another table with a foreign key to the user table.

    When the user click to reset the password, you check if there is an existing link and whether it has expired before sending email. If the key has not expired you can resend the email using the same key. Or, if expired you can generate a new key, store it and send a new email.

    When the user clicks on the link in the email, prompt to enter a new password, store it and then remove the key amd expiration date.

  3. #3
    Join Date
    Oct 2019
    Posts
    9

    Re: Forgot password send mail to the registered user java

    Can you please suggest me an example and this is my user table valuesid | Email | userName | password | reg_date . What else should i add in user table?

  4. #4
    Join Date
    Oct 2019
    Posts
    9

    Re: Forgot password send mail to the registered user java

    I have added the code as per you tole me to.
    Code:
    UUID tokenId=java.util.UUID.randomUUID();
                String path="http://localhost/PasswordResetServlet?tokenId='"+tokenId+"'";
                String link = "<a href = ""+path+""></a>";
                message.setText(msg+link);
    I had created the table with following fields.
    Code:
    CREATE TABLE userpwd ( confirmation_token varchar(200),Email VARCHAR(254), 
    reg_date TIMESTAMP DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP);
    Now i have insert the generated tokedid along with the mailid right?
    Last edited by VictorN; November 28th, 2019 at 07:18 AM. Reason: Added CODE tags

  5. #5
    VictorN's Avatar
    VictorN is offline Super Moderator Power Poster
    Join Date
    Jan 2003
    Location
    Hanover Germany
    Posts
    19,562

    Re: Forgot password send mail to the registered user java

    Please, use CODE tags (not QUOTE) while posting code or scrip
    Victor Nijegorodov

  6. #6
    Arjay's Avatar
    Arjay is offline Moderator / EX MS MVP Power Poster
    Join Date
    Aug 2004
    Posts
    13,173

    Re: Forgot password send mail to the registered user java

    Use this table:
    Code:
    CREATE TABLE PasswordReset
    (
      Id INT IDENTITY(1,1) NOT NULL,
      UserId INT  NOT NULL,
      CreatedDate DATETIME NOT NULL,
      UpdatedDate DATETIME NOT NULL,
      ResetToken UNIQUEIDENTIFIER NOT NULL 
      ExpirationDate DATETIME NOT NULL,
      ResetStatus Id NOT NULL
    )
    Comments:
    1) The UserId is a foreign key to the user table with 1..many relationship.
    2)ResetToken is the UUID you generate.
    3) Use the native UUID db type (UNIQUEIDENTIFIER) instead of VARCHAR.
    4) Create a unique constraint of the composite key of UserId and ResetToken.
    5) ResetStatusId is an FK to ResetStatus table (which you'll need to create) with the values of:
    Created 1
    Sent 2
    Pending 3
    Received 4
    Completed 5

    Note: the above is roughly SQL SERVER create table syntax.

    Lastly, it is very valuable to learn SQL best practices when learning how to program. Proper sql design helps to prevent garbage data from getting into the database. Then, as a programmer, you don't have to deal with it. For example, that is why I used the SQL data type of UNIQUEIDENTIFIER (UUID) for ResetToken instead of VARCHAR because the database with only accept a valid UUID. If you used a VARCHAR here the db would accept any string and you would have to constantly check and convert it into a UUID in your program. A good rule of thumb for db design is to use native types whenever possible.
    Last edited by Arjay; November 28th, 2019 at 11:46 AM.

  7. #7
    Join Date
    Oct 2019
    Posts
    9

    Re: Forgot password send mail to the registered user java

    Code:
    Connection con = null;
           PreparedStatement preparedStatementFetch = null;
           PreparedStatement preparedStatementInsert = null; 
     
           Session session = Session.getInstance(props,new javax.mail.Authenticator()
           {
               protected PasswordAuthentication getPasswordAuthentication()
               {
                   return new PasswordAuthentication(user,pass); 
               }
           });
     
           try {
     
               System.out.println("hai");
               con = DBConnection.createConnection(); //establishing connection
               String query = "SELECT * FROM Users where email=?"; //Insert user details into the table 'USERS'
                
                preparedStatementFetch = con.prepareStatement(query); //Making use of prepared statements here to insert bunch of data
                System.out.println("hai"+preparedStatementFetch);
               // preparedStatementFetch.setString(1,email); 
                ResultSet rs=preparedStatementFetch.executeQuery();
                System.out.println("hai" + rs);
                if(!rs.next()){// no mathcing record found corresponding to given email
                      preparedStatementInsert=con.prepareStatement("insert into userpwd (confirmation_token,Email) values (?,?)");
                      System.out.println("hai");
                      }
               MimeMessage message = new MimeMessage(session);
               message.setFrom(new InternetAddress(user,"no-reply@abc.com"));
               message.addRecipient(Message.RecipientType.TO,new InternetAddress(to));
               message.setSubject(sub);
               UUID tokenId=java.util.UUID.randomUUID();
               String path="http://localhost/RegisterServlet?tokenId='"+tokenId+"'";
               String link = "<a href = ""+path+""></a>";
               message.setText(msg+link);
             
               Transport.send(message);
           }
    The above code is how i am trying to insert the token_id and email in database. But i don't know how will retrieve the email address on button click from ForgotPasswordDao.java in Sendmail.java. So that the token and email will be inserted in the separate table.
    Code:
     System.out.println("hai"+preparedStatementFetch);
    Prints haicom.mysql.jdbc.JDBC4PreparedStatement@5b933bbc: SELECT * FROM userpwd where email=** NOT SPECIFIED **

  8. #8
    Arjay's Avatar
    Arjay is offline Moderator / EX MS MVP Power Poster
    Join Date
    Aug 2004
    Posts
    13,173

    Re: Forgot password send mail to the registered user java

    The link that was sent to the user contains the ResetToken UUID. When the user clicks on the link, you will have the token in the request and you use it to extract the user's record (and corresponding email).

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  


Windows Mobile Development Center


Click Here to Expand Forum to Full Width




On-Demand Webinars (sponsored)