From 83ade1d0d4be0bc474b17a0ce722873df940bbc2 Mon Sep 17 00:00:00 2001 From: Altair-Bueno <67512202+Altair-Bueno@users.noreply.github.com> Date: Thu, 26 May 2022 19:10:33 +0200 Subject: [PATCH] ref: changePassword.jsp now uses ChangePasswordDTO --- .../taw/ubayspring/controller/AuthController.java | 9 ++++++--- .../uma/taw/ubayspring/service/AuthService.java | 15 +++++++++------ 2 files changed, 15 insertions(+), 9 deletions(-) diff --git a/src/main/java/uma/taw/ubayspring/controller/AuthController.java b/src/main/java/uma/taw/ubayspring/controller/AuthController.java index 01ab26e..9ee1e14 100644 --- a/src/main/java/uma/taw/ubayspring/controller/AuthController.java +++ b/src/main/java/uma/taw/ubayspring/controller/AuthController.java @@ -4,7 +4,10 @@ import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.security.core.userdetails.User; import org.springframework.stereotype.Controller; -import org.springframework.web.bind.annotation.*; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.ModelAttribute; +import org.springframework.web.bind.annotation.PostMapping; +import org.springframework.web.bind.annotation.RequestMapping; import uma.taw.ubayspring.dto.auth.ChangePasswordDTO; import uma.taw.ubayspring.dto.auth.RegisterDTO; import uma.taw.ubayspring.dto.auth.ResetPasswordDTO; @@ -32,9 +35,9 @@ public ChangePasswordDTO getChangePassword() { } @PostMapping("/changePassword") - public String postChangePassword(@RequestParam String oldPassword, @RequestParam String password, @RequestParam String repeatPassword) throws AuthenticationException { + public String postChangePassword(@ModelAttribute ChangePasswordDTO changePasswordDTO) throws AuthenticationException { var user = ((User) SecurityContextHolder.getContext().getAuthentication().getPrincipal()); - service.changePassword(user, oldPassword, password, repeatPassword); + service.changePassword(user, changePasswordDTO); return "redirect:/"; } diff --git a/src/main/java/uma/taw/ubayspring/service/AuthService.java b/src/main/java/uma/taw/ubayspring/service/AuthService.java index 0814548..720287d 100644 --- a/src/main/java/uma/taw/ubayspring/service/AuthService.java +++ b/src/main/java/uma/taw/ubayspring/service/AuthService.java @@ -8,6 +8,7 @@ import org.springframework.security.core.userdetails.UsernameNotFoundException; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; +import uma.taw.ubayspring.dto.auth.ChangePasswordDTO; import uma.taw.ubayspring.dto.auth.RegisterDTO; import uma.taw.ubayspring.dto.auth.ResetPasswordDTO; import uma.taw.ubayspring.entity.ClientEntity; @@ -43,20 +44,22 @@ public class AuthService implements UserDetailsService { PasswordEncoder passwordEncoder; public void changePassword(@NonNull User user, - @NonNull String oldPassword, - @NonNull String newPassword, - @NonNull String repeatPassword + @NonNull ChangePasswordDTO changePasswordDTO ) throws AuthenticationException { - if (!repeatPassword.equals(newPassword)) + String password = changePasswordDTO.getPassword(); + String repeatPassword = changePasswordDTO.getRepeatPassword(); + String oldPassword = changePasswordDTO.getOldPassword(); + + if (!repeatPassword.equals(password)) throw new AuthenticationException("Passwords don't match"); - if (!newPassword.matches(AuthKeys.PASSWORD_REGEX)) + if (!password.matches(AuthKeys.PASSWORD_REGEX)) throw new AuthenticationException("Invalid password format"); LoginCredentialsEntity loginCredentials = getCredentialsEntity(user); String oldHash = loginCredentials.getPassword(); if (passwordEncoder.matches(oldPassword, oldHash)) { - var newHash = passwordEncoder.encode(newPassword); + var newHash = passwordEncoder.encode(password); loginCredentials.setPassword(newHash); loginCredentialsRepository.save(loginCredentials);