package com.openkm.servlet;

import com.openkm.core.DatabaseException;
import com.openkm.dao.AuthDAO;
import com.openkm.dao.bean.User;
import com.openkm.util.MailUtils;
import com.openkm.util.WebUtils;
import java.io.IOException;
import javax.mail.MessagingException;
import javax.servlet.ServletContext;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang.RandomStringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:com/openkm/servlet/PasswordResetServlet.class */
public class PasswordResetServlet extends HttpServlet {
    private static Logger log = LoggerFactory.getLogger(PasswordResetServlet.class);
    private static final long serialVersionUID = 1;

    public void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        ServletContext servletContext = getServletContext();
        servletContext.removeAttribute("forgot");
        servletContext.removeAttribute("failed");
        httpServletResponse.sendRedirect("login.jsp");
    }

    public void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
        String string = WebUtils.getString(httpServletRequest, "username");
        ServletContext servletContext = getServletContext();
        User user = null;
        try {
            user = AuthDAO.findUserByPk(string);
        } catch (DatabaseException e) {
            log.error(getServletName() + " User '" + string + "' not found");
        }
        if (user == null) {
            servletContext.setAttribute("resetFailed", "Invalid user name provided");
            servletContext.getRequestDispatcher("/password_reset.jsp").forward(httpServletRequest, httpServletResponse);
            return;
        }
        try {
            String randomAlphanumeric = RandomStringUtils.randomAlphanumeric(8);
            AuthDAO.updateUserPassword(string, randomAlphanumeric);
            MailUtils.sendMessage(user.getEmail(), user.getEmail(), "Password reset", "Your new password is: " + randomAlphanumeric + "<br/>To change it log in and then go to 'Tools' > 'Preferences' > 'User Configuration'.");
            servletContext.setAttribute("resetOk", user.getEmail());
            httpServletResponse.sendRedirect("password_reset.jsp");
        } catch (DatabaseException e2) {
            log.error(e2.getMessage(), e2);
            servletContext.setAttribute("resetFailed", "Failed reset the user password");
            httpServletResponse.sendRedirect("password_reset.jsp");
        } catch (MessagingException e3) {
            log.error(e3.getMessage(), e3);
            servletContext.setAttribute("resetFailed", "Failed to send the new password by email");
            httpServletResponse.sendRedirect("password_reset.jsp");
        }
    }
}
