March 30, 2020
Estimated Post Reading Time ~

Reset Password using AccountManagementService API in AEM 6.2 - Part2

In our previous User Creation using AccountManagementService API blog we have learned how to create the aem user account? Here, we will discuss resetting the password.

To achieve the same we have to use requestPasswordReset() method of AccountManagementService API.

Explanation of requestPasswordReset() method of
AccountManagementService API

Fig- requestPasswordReset() Method
Below are the parameters of requestPasswordReset() method in detail:
userId: UserId, for which you are changing the password.
requestUrl: From this parameter, API will get the host and port. This host and port used to create confirmation page url, which is send to user in mail for request for password. Example: http://localhost:4502
configPath: It is a path of the node(e.g., “/content/resetPasswordProperties”) type of nt:unstructured, where only one property is needed.

a) confirmationPage: This confirmationPage link will be sent in password reset request mail, On click which, user will be redirected to the page having reset password form.
Note: This field is mandatory.

Fig- config path node with its properties

Functionality of requestPasswordReset() method

Fig- Functionality of requestPasswordReset() method

Steps to follow:
User has to fill the Reset Password Form and submit the request.

Fig - Reset Password Form

This Request received by the servlet and the servlet calls the requestPasswordReset() method of AccountManagementService API.

package com.aem.sgaem.project.servlets;

import com.adobe.cq.account.api.AccountManagementService;
import java.io.IOException;
import javax.jcr.RepositoryException;
import org.apache.felix.scr.annotations.Reference;
import org.apache.felix.scr.annotations.sling.SlingServlet;
import org.apache.sling.api.SlingHttpServletRequest;
import org.apache.sling.api.SlingHttpServletResponse;
import org.apache.sling.api.servlets.SlingAllMethodsServlet;

@SlingServlet(paths = "/bin/requestPassword")
public class RequestPassword extends SlingAllMethodsServlet {

@Reference
private AccountManagementService accountManagementService;

@Override
protected void doPost(SlingHttpServletRequest request, SlingHttpServletResponse response) {
try {

String userId = request.getParameter("userId");
accountManagementService
.requestPasswordReset(userId, "http://localhost:4502",
"/content/resetPasswordProperties");
response.getWriter().print("Your request for change password is sent to your mail id");
} catch (RepositoryException e) {
e.getStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}

After submission of the form, "Request to change password" mail will be sent to the user.

Fig - Email for send the request to change password

User have to click “request to change password” link from email, and it will redirect user to change password form.

Fig - Change Password Form

This "change password" form is nothing but a “newPassword” component which is having newPassword.html and POST.html.
newPassword.html

<form action="${resource.path}.html" method="post">
<ul class="form-style-1">
<h1>Change Password</h1>
<li>
<label>New Password <span class="required">*</span></label>
<input type="password" name="passwordreset"/>
</li>
<li>
<label>Confirm Password <span class="required">*</span></label>
<input type="password" name="passwordreset_confirm"/>
</li>
<input name="ky" value="${request.requestParameterMap['ky'][0].toString}" type="hidden"/>
<li>
<input id="submit" type="submit" value="Submit"/>
</li>
</ul>
</form>

Note: The above html contains a hidden field having a value of “ky” token.

Post.html
<sly data-sly-include="/libs/foundation/components/account/requestconfirmation/requestconfirmation.jsp" />

Note: Above post.html will execute on newPassword form submission as it is defined in the action of form, which includes the requestconfirmation.jsp. requestconfirmation.jsp will help to reset the password.
After submitting the Change Password form, A post request goes to the server. and Post.html will execute to change the password
After that user will get a confirmation email for password change.

Fig- Email for Password changed


By aem4beginner

No comments:

Post a Comment

If you have any doubts or questions, please let us know.