@startuml

skinparam ParticipantPadding 30

participant AuthenticationController << (C, #ADD1B2) @Controller >>
-> AuthenticationController: ""POST /api/2/auth/forgot.json"" \n//@RequestBody ForgotPasswordRequest forgotPasswordRequest// \n\n-> forgotPassword(//forgotPasswordRequest//)
activate AuthenticationController
participant AuthenticationService << (C, #ADD1B2) @Service >>
AuthenticationController -> AuthenticationService: forgotPassword(//forgotPasswordRequest//)
activate AuthenticationService
participant JavaMailSenderImpl << (C, #ADD1B2) >>
AuthenticationService -> JavaMailSenderImpl: create link to reset password with JWT as URL parameter \n-> send(SimpleMailMessage simpleMessage) with link
activate JavaMailSenderImpl
<<- JavaMailSenderImpl: sends email with link containing a JWT to reset password
JavaMailSenderImpl --> AuthenticationService
deactivate JavaMailSenderImpl
AuthenticationService --> AuthenticationController: int indicating status
deactivate AuthenticationService
<-- AuthenticationController: ResponseEntity<Integer> indicating status \n\n-> ""HTTP status code""
deactivate AuthenticationController
||60||
-> AuthenticationController: ""PUT /api/2/auth/{username}/resetpassword.json"" \n//@RequestParam String jwt// \n//@RequestBody ResetPasswordRequest resetPasswordRequest// \n\n-> login user (""username"") via JWT (//jwt//) \n-> resetPassword(""username"", //resetPasswordRequest//)
activate AuthenticationController
AuthenticationController -> AuthenticationService: resetPassword(""username"", //resetPasswordRequest//)
activate AuthenticationService
participant JdbcUserDetailsManager << (C, #ADD1B2) @Repository >>
AuthenticationService -> JdbcUserDetailsManager: String oldPassword = //resetPasswordRequest//.getOldPassword() \nString newPassword = //resetPasswordRequest//.getNewPassword() \n-> changePassword(newPassword, oldPassword)
activate JdbcUserDetailsManager
database Database
JdbcUserDetailsManager -> Database: change password of logged in user
activate Database
Database --> JdbcUserDetailsManager
deactivate Database
JdbcUserDetailsManager --> AuthenticationService: int indicating status
deactivate JdbcUserDetailsManager
AuthenticationService --> AuthenticationController: int indicating status
deactivate AuthenticationService
<-- AuthenticationController: ResponseEntity<Integer> indicating status \n\n-> ""HTTP status code""
deactivate AuthenticationController

@enduml