diff --git a/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManager.java b/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManager.java index a42faf2835a5..c7ec7f0c4881 100644 --- a/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManager.java +++ b/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManager.java @@ -65,6 +65,11 @@ public interface UserPasswordResetManager { "Password for SMTP server for sending emails for resetting password for ACS users", false, ConfigKey.Scope.Global); + ConfigKey UserPasswordResetDomainURL = new ConfigKey<>(ConfigKey.CATEGORY_ADVANCED, + String.class, "user.password.reset.mail.domain.url", null, + "Domain URL for reset password links sent to the user via email", true, + ConfigKey.Scope.Global); + void setResetTokenAndSend(UserAccount userAccount); boolean validateAndResetPassword(UserAccount user, String token, String password); diff --git a/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManagerImpl.java b/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManagerImpl.java index 6574489c827d..8a278f6e45d7 100644 --- a/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManagerImpl.java +++ b/server/src/main/java/org/apache/cloudstack/user/UserPasswordResetManagerImpl.java @@ -48,7 +48,6 @@ import java.util.Set; import java.util.UUID; -import static org.apache.cloudstack.config.ApiServiceConfiguration.ManagementServerAddresses; import static org.apache.cloudstack.resourcedetail.UserDetailVO.PasswordResetToken; import static org.apache.cloudstack.resourcedetail.UserDetailVO.PasswordResetTokenExpiryDate; @@ -69,7 +68,7 @@ public class UserPasswordResetManagerImpl extends ManagerBase implements UserPas new ConfigKey<>(ConfigKey.CATEGORY_ADVANCED, String.class, "user.password.reset.mail.template", "Hello {{username}}!\n" + "You have requested to reset your password. Please click the following link to reset your password:\n" + - "http://{{{resetLink}}}\n" + + "{{{domainUrl}}}{{{resetLink}}}\n" + "If you did not request a password reset, please ignore this email.\n" + "\n" + "Regards,\n" + @@ -95,6 +94,7 @@ public ConfigKey[] getConfigKeys() { UserPasswordResetSMTPUseAuth, UserPasswordResetSMTPUsername, UserPasswordResetSMTPPassword, + UserPasswordResetDomainURL, PasswordResetMailTemplate }; } @@ -173,9 +173,10 @@ public void setResetTokenAndSend(UserAccount userAccount) { final String email = userAccount.getEmail(); final String username = userAccount.getUsername(); final String subject = "Password Reset Request"; + final String domainUrl = UserPasswordResetDomainURL.value(); - String resetLink = String.format("%s/client/#/user/resetPassword?username=%s&token=%s", - ManagementServerAddresses.value().split(",")[0], username, resetToken); + String resetLink = String.format("/client/#/user/resetPassword?username=%s&token=%s", + username, resetToken); String content = getMessageBody(userAccount, resetToken, resetLink); SMTPMailProperties mailProperties = new SMTPMailProperties();