I'm working on a web app that involves a login procedure. More specifically, the procedure for resetting forgotten passwords. When a user goes to the Login.jsp page and has forgotten their password, they can click on the link that is labelled "Forgot Password?". When they click on the link, they are sent to another page where they enter their email address and click submit. The email address is sent via POST to a servlet that finds the record in the database that coincides with the email address and sets a TimeStamp field and another field that will contain a special String token. The servlet also sends an email to the user with instructions.
An additional thing I wanted the servlet to do is initialize a new Thread that performs a check in one hour by sending the following UPDATE query to the database:
UPDATE users SET pwd_reset_timestamp=null, pwd_special_token=null WHERE users.uid = 7 AND TIMESTAMPDIFF(MINUTE,pwd_reset_timestamp,NOW()) > 60;
The instructions sent to the user stipulate that they have one hour to return to the website and reset their password. If they fail to do so, the Thread will reset the timestamp and token fields back to null.
That is how I originally envisioned the procedure. But I'm wondering if creating a new Thread inside a servlet is a wise thing to do? Once the Servlet has completed, will the Thread still be alive to do its job in one hour? Is there a better mechanism available that can perform the task within the time frame specified?
Bear Bibeault wrote:I don't understand the need for the thread at all. Just timestamp the entry and if they try to access it more than hour after the timestamp, simply refuse to honor the process. There's really no need to actively run anything after the hour is up.
Good point Bear. I had stuck in my head the way that I generally approach this and it is with a ChangePasswordPending structure that I need to purge on some timed basis. But for the OP's problem, just checking the timestamp on request and denying the request then and doing cleanup would work great.