@RequestMapping(value = "/user/i_forget_password")
  @ResponseBody
  public Map forgetPass(HttpServletRequest request,String userName){
    Users users = userService.findUserByName(userName);
    Map map = new HashMap<String ,String >();
    String msg = "";
    if(users == null){       //用戶名不存在
      msg = "用戶名不存在,你不會忘記用戶名了吧?";
      map.put("msg",msg);
      return map;
    }
    try{
      String secretKey= UUID.randomUUID().toString(); //密鑰
      Timestamp outDate = new Timestamp(System.currentTimeMillis()+30*60*1000);//30分鐘后過期
      long date = outDate.getTime()/1000*1000;         //忽略毫秒數(shù)
      users.setValidataCode(secretKey);
      users.setRegisterDate(outDate);
      userService.update(users);  //保存到數(shù)據(jù)庫
      String key = users.getUserName()+"$"+date+"$"+secretKey;
      String digitalSignature = MD5.MD5Encode(key);         //數(shù)字簽名

      String emailTitle = "有方云密碼找回";
      String path = request.getContextPath();
      String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";
      String resetPassHref = basePath+"user/reset_password?sid="+digitalSignature+"&userName="+users.getUserName();
      String emailContent = "請勿回復(fù)本郵件.點擊下面的鏈接,重設(shè)密碼<br/><a href="+resetPassHref +" target='_BLANK'>點擊我重新設(shè)置密碼</a>" +
          "<br/>tips:本郵件超過30分鐘,鏈接將會失效，需要重新申請'找回密碼'"+key+"\t"+digitalSignature;
      System.out.print(resetPassHref);
      SendMail.getInstatnce().sendHtmlMail(emailTitle,emailContent,users.getEmail());
      msg = "操作成功,已經(jīng)發(fā)送找回密碼鏈接到您郵箱。請在30分鐘內(nèi)重置密碼";
      logInfo(request,userName,"申請找回密碼");
    }catch (Exception e){
      e.printStackTrace();
      msg="郵箱不存在？未知錯誤,聯(lián)系管理員吧。";
    }
    map.put("msg",msg);
    return map;
  }

找回鏈接已經(jīng)發(fā)到郵箱了。進入郵箱點開鏈接

以下為鏈接檢驗代碼，驗證通過跳轉(zhuǎn)到修改密碼界面,否則跳轉(zhuǎn)到失敗界面

@RequestMapping(value = "/user/reset_password",method = RequestMethod.GET)
  public ModelAndView checkResetLink(String sid,String userName){
    ModelAndView model = new ModelAndView("error");
    String msg = "";
    if(sid.equals("") || userName.equals("")){
      msg="鏈接不完整,請重新生成";
      model.addObject("msg",msg) ;
      logInfo(userName,"找回密碼鏈接失效");
      return model;
    }
    Users users = userService.findUserByName(userName);
    if(users == null){
      msg = "鏈接錯誤,無法找到匹配用戶,請重新申請找回密碼.";
      model.addObject("msg",msg) ;
      logInfo(userName,"找回密碼鏈接失效");
      return model;
    }
    Timestamp outDate = users.getRegisterDate();
    if(outDate.getTime() <= System.currentTimeMillis()){     //表示已經(jīng)過期
      msg = "鏈接已經(jīng)過期,請重新申請找回密碼.";
      model.addObject("msg",msg) ;
      logInfo(userName,"找回密碼鏈接失效");
      return model;
    }
    String key = users.getUserName()+"$"+outDate.getTime()/1000*1000+"$"+users.getValidataCode();     //數(shù)字簽名
    String digitalSignature = MD5.MD5Encode(key);
    System.out.println(key+"\t"+digitalSignature);
    if(!digitalSignature.equals(sid)) {
      msg = "鏈接不正確,是否已經(jīng)過期了?重新申請吧";
      model.addObject("msg",msg) ;
      logInfo(userName,"找回密碼鏈接失效");
      return model;
    }
    model.setViewName("user/reset_password"); //返回到修改密碼的界面
    model.addObject("userName",userName);
    return model;
  }

補充1：Timestamp類型對象在保存到數(shù)據(jù)的時候毫秒精度會丟失。比如:2013-10-08 10:29:10.234 存到mysql數(shù)據(jù)庫的時候變成 2013-10-08 10:29:10.0。時間變得不相同了,sid 匹配的時候不會相等。所以我做了忽略精度的操作。

補充2：解決linux下面title中文亂碼

sun.misc.BASE64Encoder enc = new sun.misc.BASE64Encoder();
mailMessage.setSubject(MimeUtility.encodeText(mailInfo.getSubject(), "UTF-8", "B")); //解決linux郵件title亂碼

補充3:怎么不直接把sid插入到user表呢。驗證的時候直接比較sid就ok了。

以上就是本文的全部內(nèi)容，希望對大家的學(xué)習(xí)有所幫助，也希望大家多多支持腳本之家。

您可能感興趣的文章: