diff --git a/src/main/java/de/thm/arsnova/service/UserServiceImpl.java b/src/main/java/de/thm/arsnova/service/UserServiceImpl.java
index 10802621170b17221dd445f9933941877c717dd9..29f729b41d90f0e4b2e0bdf6ce8d62849f558cfd 100644
--- a/src/main/java/de/thm/arsnova/service/UserServiceImpl.java
+++ b/src/main/java/de/thm/arsnova/service/UserServiceImpl.java
@@ -438,7 +438,7 @@ public class UserServiceImpl extends DefaultEntityServiceImpl<UserProfile> imple
userProfile.setAuthProvider(UserProfile.AuthProvider.ARSNOVA);
userProfile.setLoginId(lcUsername);
account.setPassword(encodePassword(password));
- account.setActivationKey(RandomStringUtils.randomAlphanumeric(32));
+ account.setActivationKey(RandomStringUtils.randomAlphanumeric(8));
userProfile.setCreationTimestamp(new Date());
/* Repository is accessed directly without EntityService to skip permission check */
@@ -462,15 +462,9 @@ public class UserServiceImpl extends DefaultEntityServiceImpl<UserProfile> imple
private void sendActivationEmail(final UserProfile userProfile) {
final String activationKey = userProfile.getAccount().getActivationKey();
- final String activationUrl = MessageFormat.format(
- "{0}{1}/login?action=activate&username={3}&key={4}",
- rootUrl,
- customizationPath,
- UriUtils.encodeQueryParam(userProfile.getLoginId(), "UTF-8"),
- activationKey);
sendEmail(userProfile, registeredProperties.getRegistrationMailSubject(),
- MessageFormat.format(registeredProperties.getRegistrationMailBody(), activationUrl, activationKey));
+ MessageFormat.format(registeredProperties.getRegistrationMailBody(), activationKey, rootUrl));
}
private void parseMailAddressPattern() {
@@ -563,27 +557,15 @@ public class UserServiceImpl extends DefaultEntityServiceImpl<UserProfile> imple
throw new BadRequestException();
}
- account.setPasswordResetKey(RandomStringUtils.randomAlphanumeric(32));
+ account.setPasswordResetKey(RandomStringUtils.randomAlphanumeric(8));
account.setPasswordResetTime(new Date());
if (null == userRepository.save(userProfile)) {
logger.error("Password reset failed. {} could not be updated.", username);
}
- final String resetPasswordUrl = MessageFormat.format(
- "{0}{1}/login?action=resetpassword&username={3}&key={4}",
- rootUrl,
- customizationPath,
- UriUtils.encodeQueryParam(userProfile.getLoginId(), "UTF-8"), account.getPasswordResetKey());
-
- final String mailBody = MessageFormat.format(
- registeredProperties.getResetPasswordMailBody(),
- resetPasswordUrl,
- account.getPasswordResetKey()
- );
-
- sendEmail(userProfile, registeredProperties.getResetPasswordMailSubject(),
- MessageFormat.format(mailBody, resetPasswordUrl));
+ sendEmail(userProfile, registeredProperties.getResetPasswordMailSubject(), MessageFormat.format(
+ registeredProperties.getResetPasswordMailBody(), account.getPasswordResetKey(), rootUrl));
}
@Override
diff --git a/src/main/resources/config/defaults.yml b/src/main/resources/config/defaults.yml
index 0209418cfac7056ea479ad07a9048c920f797eb4..80c46a9cf875d1152e861643150e2059f3387360 100644
--- a/src/main/resources/config/defaults.yml
+++ b/src/main/resources/config/defaults.yml
@@ -107,16 +107,20 @@ arsnova:
registration-mail-body: |-
Welcome to ARSnova!
- Please confirm your registration by visiting the following web address:
- {0}
+ Here is the activation code you need for your first login to ARSnova:
- Afterwards, you can log into ARSnova with your e-mail address and password.
+ {0}
+
+ {1}
reset-password-mail-subject: ARSnova Password Reset
reset-password-mail-body: |-
You requested to reset your password.
- Please follow the link below to set a new password:
- {0}
+ Here is the confirmation code you need to set a new password:
+
+ {0}
+
+ {1}
# LDAP authentication
#