This is an automated email from the ASF dual-hosted git repository.
dahn pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to refs/heads/main by this push:
new 9184170b01d Remove Domain/IP from Password Reset Link to custom Global
Setting (#11379)
9184170b01d is described below
commit 9184170b01d65c1823c8ec231bfc5337d96d8563
Author: Davi Torres <[email protected]>
AuthorDate: Sun Aug 31 05:22:33 2025 -0400
Remove Domain/IP from Password Reset Link to custom Global Setting (#11379)
Co-authored-by: Davi Torres <[email protected]>
Co-authored-by: Suresh Kumar Anaparti <[email protected]>
---
.../org/apache/cloudstack/user/UserPasswordResetManager.java | 5 +++++
.../org/apache/cloudstack/user/UserPasswordResetManagerImpl.java | 9 +++++----
2 files changed, 10 insertions(+), 4 deletions(-)
diff --git
a/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManager.java
b/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManager.java
index a42faf2835a..c7ec7f0c488 100644
---
a/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManager.java
+++
b/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManager.java
@@ -65,6 +65,11 @@ public interface UserPasswordResetManager {
"Password for SMTP server for sending emails for resetting
password for ACS users",
false, ConfigKey.Scope.Global);
+ ConfigKey<String> UserPasswordResetDomainURL = new
ConfigKey<>(ConfigKey.CATEGORY_ADVANCED,
+ String.class, "user.password.reset.mail.domain.url", null,
+ "Domain URL for reset password links sent to the user via email",
true,
+ ConfigKey.Scope.Global);
+
void setResetTokenAndSend(UserAccount userAccount);
boolean validateAndResetPassword(UserAccount user, String token, String
password);
diff --git
a/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManagerImpl.java
b/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManagerImpl.java
index 6574489c827..8a278f6e45d 100644
---
a/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManagerImpl.java
+++
b/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManagerImpl.java
@@ -48,7 +48,6 @@ import java.util.Map;
import java.util.Set;
import java.util.UUID;
-import static
org.apache.cloudstack.config.ApiServiceConfiguration.ManagementServerAddresses;
import static
org.apache.cloudstack.resourcedetail.UserDetailVO.PasswordResetToken;
import static
org.apache.cloudstack.resourcedetail.UserDetailVO.PasswordResetTokenExpiryDate;
@@ -69,7 +68,7 @@ public class UserPasswordResetManagerImpl extends ManagerBase
implements UserPas
new ConfigKey<>(ConfigKey.CATEGORY_ADVANCED, String.class,
"user.password.reset.mail.template", "Hello {{username}}!\n" +
"You have requested to reset your password. Please click the
following link to reset your password:\n" +
- "http://{{{resetLink}}}\n"; +
+ "{{{domainUrl}}}{{{resetLink}}}\n" +
"If you did not request a password reset, please ignore this
email.\n" +
"\n" +
"Regards,\n" +
@@ -95,6 +94,7 @@ public class UserPasswordResetManagerImpl extends ManagerBase
implements UserPas
UserPasswordResetSMTPUseAuth,
UserPasswordResetSMTPUsername,
UserPasswordResetSMTPPassword,
+ UserPasswordResetDomainURL,
PasswordResetMailTemplate
};
}
@@ -173,9 +173,10 @@ public class UserPasswordResetManagerImpl extends
ManagerBase implements UserPas
final String email = userAccount.getEmail();
final String username = userAccount.getUsername();
final String subject = "Password Reset Request";
+ final String domainUrl = UserPasswordResetDomainURL.value();
- String resetLink =
String.format("%s/client/#/user/resetPassword?username=%s&token=%s",
- ManagementServerAddresses.value().split(",")[0], username,
resetToken);
+ String resetLink =
String.format("/client/#/user/resetPassword?username=%s&token=%s",
+ username, resetToken);
String content = getMessageBody(userAccount, resetToken, resetLink);
SMTPMailProperties mailProperties = new SMTPMailProperties();
