Recently a new servlet was implemented on the SUSI Server about changing the password of the logged in user. This feature comes in handy to avoid unauthorized usage of the SUSI Account. Almost all the online platforms have this feature to change the password to avoid notorious user to unethical use someone else’s account. In SUSI Android app this new API was used with a nice UI to change the password of the user. The process is very simple and easy to grasp. This blog will try to cover the API information and implementation of the Change Password feature in the android client.
API Information
For changing the password of SUSI Account of the user, we have to call on /aaa/changepassword.json
We have to provide three parameters along with this api call:
- changepassword: Email of user (type string) using which user is logged in.
- password: Old password (type string with min length of 6) of the user.
- newpassword: New password (type string with min length of 6) of the user.
- access_token: An encrypted access_token indicating user is logged in.
Sample Response (Success)
{ "session": {"identity": { "type": "email", "name": "YOUR_EMAIL_ADDRESS", "anonymous": false }}, "accepted": true, "message": "Your password has been changed!" }
Error Response (Failure). This happens when user is not logged in:
HTTP ERROR 401 Problem accessing /aaa/changepassword.json. Reason: Base user role not sufficient. Your base user role is 'ANONYMOUS', your user role is 'anonymous'
Implementation in SUSI Android App
The change password option is located in Settings Activity and displayed only when user is logged in. So, if a logged in user wants to change the password of his/her SUSI AI account, he/she can simply go to the Settings and click on the option. Clicking on the options open up a dialog box with 3 input layouts for:
- Current Password
- New Password
- Confirm New Password
So, user can simply add these three inputs and click “Ok”. This will change the password of their account. Let’s see some code explanation.
- When user clicks on the “reset password” option from the settings, the showResetPasswordAlert() method is called which displays the dialog. And when user clicks on the “OK” button the resetPassword method() in the presenter is called passing input from the three input layout as parameters.
settingsPresenter.resetPassword(password.editText?.text.toString(), newPassword.editText?.text.toString(), conPassword.editText?.text.toString())
fun showResetPasswordAlert() { val builder = AlertDialog.Builder(activity) val resetPasswordView = activity.layoutInflater.inflate(R.layout.alert_reset_password, null) password = resetPasswordView.findViewById(R.id.password) as TextInputLayout newPassword = resetPasswordView.findViewById(R.id.newpassword) as TextInputLayout conPassword = resetPasswordView.findViewById(R.id.confirmpassword) as TextInputLayout builder.setView(resetPasswordView) builder.setTitle(Constant.CHANGE_PASSWORD) .setCancelable(false) .setNegativeButton(Constant.CANCEL, null) .setPositiveButton(getString(R.string.ok), null) resetPasswordAlert = builder.create() resetPasswordAlert.show() setupPasswordWatcher() resetPasswordAlert.getButton(AlertDialog.BUTTON_POSITIVE)?.setOnClickListener { settingsPresenter.resetPassword(password.editText?.text.toString(), newPassword.editText?.text.toString(), conPassword.editText?.text.toString()) } }
- In the resetPassword method, all details about the passwords are checked like:
- If passwords are not empty.
- If passwords’ lengths are greater than 6.
- If new password and confirmation new password matches
When all the conditions are satisfied and all the inputs are valid, resetPassword() in model is called which makes network call to change password of the user.
settingModel.resetPassword(password,newPassword,this)
override fun resetPassword(password: String, newPassword: String, conPassword: String) { if (password.isEmpty()) { settingView?.invalidCredentials(true, Constant.PASSWORD) return } if (newPassword.isEmpty()) { settingView?.invalidCredentials(true, Constant.NEW_PASSWORD) return } if (conPassword.isEmpty()) { settingView?.invalidCredentials(true, Constant.CONFIRM_PASSWORD) return } if (!CredentialHelper.isPasswordValid(newPassword)) { settingView?.passwordInvalid(Constant.NEW_PASSWORD) return } if (newPassword != conPassword) { settingView?.invalidCredentials(false, Constant.NEW_PASSWORD) return } settingModel.resetPassword(password,newPassword,this) }
Summary
So, this blog talked about how the Change Password feature is implemented in SUSI Android App. This included how a network call is made, logic for making network, information about API, making dialogs with custom UI, etc. So, If you are looking forward to contribute to SUSI Android App, this can help you a little. But if not so, this may also help you in understanding and how you can implement a dialog box with custom UI.
References
- To know about servlets https://en.wikipedia.org/wiki/Java_servlet
- To see how to implement one https://www.javatpoint.com/servlet-tutorial
- To see how to make network calls in android using Retrofit https://guides.codepath.com/android/Consuming-APIs-with-Retrofit
- Official docs for displaying dialog https://developer.android.com/guide/topics/ui/dialogs.html
- Implementing dialog boxes with custom UI https://stackoverflow.com/questions/13341560/how-to-create-a-custom-dialog-box-in-android
- Pull Request for API reference: https://github.com/fossasia/susi_server/pull/352