Simplify account mails and fix placeholders

The account activation and reset mail now only contain the code. String
placeholders are numbered correctly again. The activation and reset
keys' length has been reduced to 8 characters.

Fixes #47.

src/main/java/de/thm/arsnova/service/UserServiceImpl.java

@@ -438,7 +438,7 @@ public class UserServiceImpl extends DefaultEntityServiceImpl<UserProfile> imple
 		userProfile.setAuthProvider(UserProfile.AuthProvider.ARSNOVA);
 		userProfile.setLoginId(lcUsername);
 		account.setPassword(encodePassword(password));
-		account.setActivationKey(RandomStringUtils.randomAlphanumeric(32));
+		account.setActivationKey(RandomStringUtils.randomAlphanumeric(8));
 		userProfile.setCreationTimestamp(new Date());
 
 		/* Repository is accessed directly without EntityService to skip permission check */
@@ -462,15 +462,9 @@ public class UserServiceImpl extends DefaultEntityServiceImpl<UserProfile> imple
 
 	private void sendActivationEmail(final UserProfile userProfile) {
 		final String activationKey = userProfile.getAccount().getActivationKey();
-		final String activationUrl = MessageFormat.format(
-				"{0}{1}/login?action=activate&username={3}&key={4}",
-				rootUrl,
-				customizationPath,
-				UriUtils.encodeQueryParam(userProfile.getLoginId(), "UTF-8"),
-				activationKey);
 
 		sendEmail(userProfile, registeredProperties.getRegistrationMailSubject(),
-				MessageFormat.format(registeredProperties.getRegistrationMailBody(), activationUrl, activationKey));
+				MessageFormat.format(registeredProperties.getRegistrationMailBody(), activationKey, rootUrl));
 	}
 
 	private void parseMailAddressPattern() {
@@ -563,27 +557,15 @@ public class UserServiceImpl extends DefaultEntityServiceImpl<UserProfile> imple
 			throw new BadRequestException();
 		}
 
-		account.setPasswordResetKey(RandomStringUtils.randomAlphanumeric(32));
+		account.setPasswordResetKey(RandomStringUtils.randomAlphanumeric(8));
 		account.setPasswordResetTime(new Date());
 
 		if (null == userRepository.save(userProfile)) {
 			logger.error("Password reset failed. {} could not be updated.", username);
 		}
 
-		final String resetPasswordUrl = MessageFormat.format(
-				"{0}{1}/login?action=resetpassword&username={3}&key={4}",
-				rootUrl,
-				customizationPath,
-				UriUtils.encodeQueryParam(userProfile.getLoginId(), "UTF-8"), account.getPasswordResetKey());
-
-		final String mailBody = MessageFormat.format(
-				registeredProperties.getResetPasswordMailBody(),
-				resetPasswordUrl,
-				account.getPasswordResetKey()
-		);
-
-		sendEmail(userProfile, registeredProperties.getResetPasswordMailSubject(),
-				MessageFormat.format(mailBody, resetPasswordUrl));
+		sendEmail(userProfile, registeredProperties.getResetPasswordMailSubject(), MessageFormat.format(
+				registeredProperties.getResetPasswordMailBody(), account.getPasswordResetKey(), rootUrl));
 	}
 
 	@Override

src/main/resources/config/defaults.yml

@@ -107,16 +107,20 @@ arsnova:
         registration-mail-body: |-
           Welcome to ARSnova!
 
-          Please confirm your registration by visiting the following web address:
-          {0}
+          Here is the activation code you need for your first login to ARSnova:
 
-          Afterwards, you can log into ARSnova with your e-mail address and password.
+              {0}
+
+          {1}
         reset-password-mail-subject: ARSnova Password Reset
         reset-password-mail-body: |-
           You requested to reset your password.
 
-          Please follow the link below to set a new password:
-          {0}
+          Here is the confirmation code you need to set a new password:
+
+              {0}
+
+          {1}
 
       # LDAP authentication
       #