diff --git a/src/main/java/sk/kasv/lisivka/bootcamp/ChangingUserPassword.java b/src/main/java/sk/kasv/lisivka/bootcamp/ChangingUserPassword.java
new file mode 100644
index 0000000000000000000000000000000000000000..b94455e48d5099523b82c2646ac662f85b44b321
--- /dev/null
+++ b/src/main/java/sk/kasv/lisivka/bootcamp/ChangingUserPassword.java
@@ -0,0 +1,32 @@
+package sk.kasv.lisivka.bootcamp;
+
+import java.util.regex.Pattern;
+
+public class ChangingUserPassword {
+ public boolean isStrongPassword(String pass) {
+ if (pass == null || pass.isEmpty()) {
+ return false;
+ }
+
+ if (pass.length() < 8) {
+ return false;
+ }
+
+ if (!Pattern.compile("[a-z]").matcher(pass).find()) {
+ return false;
+ }
+
+ if (!Pattern.compile("[A-Z]").matcher(pass).find()) {
+ return false;
+ }
+
+ if (!Pattern.compile("[0-9]").matcher(pass).find()) {
+ return false;
+ }
+
+ if (!Pattern.compile("[^a-zA-Z0-9]").matcher(pass).find()) {
+ return false;
+ }
+ return true;
+ }
+}
\ No newline at end of file
diff --git a/src/main/java/sk/kasv/lisivka/bootcamp/JSON/JsonWriter.java b/src/main/java/sk/kasv/lisivka/bootcamp/JSON/JsonWriter.java
index e06012cb175ad5322f8eefe5e8b991e7e7cc9b88..6a9273e967e352a196e88552e7628bf4df1c9007 100644
--- a/src/main/java/sk/kasv/lisivka/bootcamp/JSON/JsonWriter.java
+++ b/src/main/java/sk/kasv/lisivka/bootcamp/JSON/JsonWriter.java
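Review bot: `isStrongPassword` in ChangingUserPassword.java recompiles four regular expressions on every call; hoist them into constants, e.g. `private static final Pattern LOWER = Pattern.compile("[a-z]");`, and reuse them. The `pass.isEmpty()` test is already covered by the `pass.length() < 8` check that follows. The character classes are ASCII-only, so a non-ASCII letter satisfies the "special character" rule `[^a-zA-Z0-9]` without any punctuation; a short Javadoc stating the policy (minimum 8 characters, one ASCII lower-case letter, one upper-case letter, one digit, one other character) would make that explicit. Composition rules alone do not reject well-known passwords, so a deny-list check is worth considering alongside them.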
@@ -74,4 +74,28 @@ public class JsonWriter {
 object.put("error", "wrong user id or new last name");
 return object;
 }
+
+ public static JSONObject wrongPassword() {
+ JSONObject object = new JSONObject();
+ object.put("error", "wrong old password");
+ return object;
+ }
+
+ public static JSONObject passwordsEqual() {
+ JSONObject object = new JSONObject();
+ object.put("error", "New password is equal as old password");
+ return object;
+ }
+
+ public static JSONObject weakPassword() {
+ JSONObject object = new JSONObject();
+ object.put("error", "weak password (Password has to be at least 8 characters long, contain one capital letter, one small letter, one number and one special character)");
+ return object;
+ }
+
+ public static JSONObject wrongUsername() {
+ JSONObject object = new JSONObject();
+ object.put("error", "wrong username");
+ return object;
+ }
 }
\ No newline at end of file
diff --git a/src/main/java/sk/kasv/lisivka/bootcamp/controller/test/MainController.java b/src/main/java/sk/kasv/lisivka/bootcamp/controller/test/MainController.java
index b8af6bdb8ff185ff1a2c791b20f6820086f5cf9d..28739c032518d2fa7a43864299d7c01bc0d6e35a 100644
--- a/src/main/java/sk/kasv/lisivka/bootcamp/controller/test/MainController.java
+++ b/src/main/java/sk/kasv/lisivka/bootcamp/controller/test/MainController.java
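Review bot: The `weakPassword()` message in JsonWriter restates the password policy as free text, separately from the checks in `ChangingUserPassword.isStrongPassword`, so the message and the enforced rules can drift apart when one of them changes; a comment on both sides pointing at the other, or shared constants, would keep them aligned. The `passwordsEqual()` text is ungrammatical and capitalised differently from the other error strings; `"new password must differ from the old password"` reads better. Returning a distinct `wrongUsername()` error from a password-change endpoint also tells the caller which usernames exist, so consider whether a generic failure message is enough there.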
@@ -1,17 +1,22 @@ package sk.kasv.lisivka.bootcamp.controller.test; import com.fasterxml.jackson.core.JsonProcessingException; +import jakarta.websocket.server.PathParam; +import net.minidev.json.JSONObject; import org.springframework.http.HttpHeaders; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; +import sk.kasv.lisivka.bootcamp.ChangingUserPassword; import sk.kasv.lisivka.bootcamp.JSON.JsonWriter; import sk.kasv.lisivka.bootcamp.Tokens; import sk.kasv.lisivka.bootcamp.database.MariaDB; +import sk.kasv.lisivka.bootcamp.model.ChangePasswordModel; import sk.kasv.lisivka.bootcamp.model.LoginData; import sk.kasv.lisivka.bootcamp.model.NewStudentModel; import java.sql.SQLException; +import java.util.Objects; @RestController public class MainController { @@ -59,7 +64,7 @@ public class MainController { } @PostMapping(value = "/user/new") - public ResponseEntity<?> newUser(@RequestBody NewStudentModel newStudentModel) throws SQLException { + public ResponseEntity<JSONObject> newUser(@RequestBody NewStudentModel newStudentModel) throws SQLException { if (toker.isTokenValid(newStudentModel.getToken())) { boolean createdStudent = mariaDB.InsertStudent(newStudentModel.getFirstName(), newStudentModel.getLastName(), newStudentModel.getDateOfBirth()); if (createdStudent) { @@ -75,7 +80,7 @@ public class MainController { } @DeleteMapping(value = "/user/delete/{id}") - public ResponseEntity<?> deleteUser(@PathVariable int id, @RequestBody LoginData loginData) { + public ResponseEntity<JSONObject> deleteUser(@PathVariable int id, @RequestBody LoginData loginData) { if (toker.isTokenValid(loginData.getToken())) { try { boolean deletedStudent = mariaDB.DeleteStudent(id); 
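Review bot: The import `jakarta.websocket.server.PathParam` added in the first MainController hunk is not used by any code visible in this diff; the new handler binds its argument with `@RequestParam`. It also belongs to the WebSocket API rather than Spring MVC, so Spring would not bind anything for it if it were later placed on a controller argument. Drop the import and use `@PathVariable` or `@RequestParam`, both already covered by the existing `org.springframework.web.bind.annotation.*` import. The class body continues outside these hunks, so a use elsewhere in the file cannot be ruled out from here.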
@@ -96,7 +101,7 @@ public class MainController { } @PutMapping(value = "/user/update/{id}") - public ResponseEntity<?> updateUser(@PathVariable int id, @RequestBody NewStudentModel newStudentModel) { + public ResponseEntity<JSONObject> updateUser(@PathVariable int id, @RequestBody NewStudentModel newStudentModel) { if (newStudentModel.getToken() == null) { return ResponseEntity.status(400).body(JsonWriter.missingToken()); } 
@@ -118,4 +123,37 @@ public class MainController {
 return ResponseEntity.status(401).body(JsonWriter.wrongToken());
 }
 }
+
+ @PutMapping(value = "/admin/password?username")
+ public ResponseEntity<JSONObject> changeUserPassword(@RequestParam("username") String username, ChangePasswordModel changePasswordModel) throws SQLException {
+ LoginData loginData = new LoginData();
+ ChangingUserPassword changingUserPassword = new ChangingUserPassword();
+ AuthenticationAPI authenticationAPI = new AuthenticationAPI();
+ if (changePasswordModel.getNew_password() == null || changePasswordModel.getOld_password() == null) {
+ return ResponseEntity.status(400).body(JsonWriter.wrongInputData());
+ }
+ if (!toker.isTokenValid(changePasswordModel.getToken())) {
+ return ResponseEntity.status(401).body(JsonWriter.wrongToken());
+ }
+ if (!Objects.equals(changePasswordModel.getOld_password(), loginData.getPassword())) {
+ return ResponseEntity.status(401).body(JsonWriter.wrongPassword());
+ }
+ if (toker.isTokenValid(changePasswordModel.getToken()) && changePasswordModel.getOld_password().equals(loginData.getPassword()) && username.equals(loginData.getUserName())) {
+ if (changePasswordModel.getOld_password().equals(changePasswordModel.getNew_password())) {
+ return ResponseEntity.status(400).body(JsonWriter.passwordsEqual());
+ }
+ if (changingUserPassword.isStrongPassword(changePasswordModel.getNew_password())) {
+ boolean changePassword = mariaDB.UpdateUser(changePasswordModel.getNew_password(), username);
+ if (changePassword) {
+ authenticationAPI.logout(loginData);
+ return ResponseEntity.ok().body(JsonWriter.emptyJson());
+ } else {
+ return ResponseEntity.status(400).body(JsonWriter.wrongUsername());
+ }
+ } else {
+ return ResponseEntity.status(400).body(JsonWriter.weakPassword());
+ }
+ }
+ return null;
+ }
 }
\ No newline at end of file
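Review bot: The old-password check in `changeUserPassword` compares the request against `new LoginData()`, an object created at the top of the method and never populated in this hunk, so unless its constructor sets defaults (not visible here) the stored credential for `username` is never consulted. The comparison should use the credential loaded for that user, and the token should be tied to the target account or an admin role, not merely valid. The mapping `"/admin/password?username"` puts a query string into the path pattern, where `?` is a single-character wildcard; use `@PutMapping("/admin/password")` and keep the `@RequestParam("username")`. `ChangePasswordModel` is declared without `@RequestBody`, so a JSON body is not bound to it; declare the parameter as `@RequestBody ChangePasswordModel changePasswordModel`. The trailing `return null;` is reached when the username does not match and typically produces an empty 200 response; return an explicit error instead, e.g. `return ResponseEntity.status(400).body(JsonWriter.wrongUsername());`.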
diff --git a/src/main/java/sk/kasv/lisivka/bootcamp/database/MariaDB.java b/src/main/java/sk/kasv/lisivka/bootcamp/database/MariaDB.java index 701dea3ed83b52ca43965ff80ac6efa639e1f9fc..3e3919efc8c5fd8386d650c7de9882ae8837ef0b 100644 --- a/src/main/java/sk/kasv/lisivka/bootcamp/database/MariaDB.java +++ b/src/main/java/sk/kasv/lisivka/bootcamp/database/MariaDB.java @@ -21,6 +21,7 @@ public class MariaDB { private static final String DELETE_STUDENT = "DELETE FROM students WHERE id = ?"; private static final String INSERT_STUDENT = "INSERT INTO students (first_name, last_name, dob) VALUES (?, ?, ?)"; private static final String UPDATE_STUDENT = "UPDATE students SET last_name = ? WHERE id = ?"; + private static final String UPDATE_USER = "UPDATE users SET password = ? WHERE username = ?"; public static void main(String[] args) { try { @@ -211,4 +212,16 @@ public class MariaDB { } return result != 0; } + + public boolean UpdateUser(String password, String username) throws SQLException { + Connection connection = connection(); + int result = 0; + PreparedStatement preparedStatement = connection.prepareStatement(UPDATE_USER); + preparedStatement.setString(1, password); + preparedStatement.setString(2, username); + result = preparedStatement.executeUpdate(); + System.out.println("Update user result:" + result); + connection.close(); + return result != 0; + } } \ No newline at end of file diff --git a/src/main/java/sk/kasv/lisivka/bootcamp/model/ChangePasswordModel.java b/src/main/java/sk/kasv/lisivka/bootcamp/model/ChangePasswordModel.java new file mode 100644 index 0000000000000000000000000000000000000000..979f9e3fe5fa61f441b1c0d614e6a81db3b2a72b --- /dev/null +++ b/src/main/java/sk/kasv/lisivka/bootcamp/model/ChangePasswordModel.java 
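Review bot: `UpdateUser` in MariaDB.java writes its `password` argument straight into `users.password`, and the only caller in this diff passes `changePasswordModel.getNew_password()` unchanged, so the password appears to be stored in clear text. Hash it with a salted password-hashing function (bcrypt, scrypt or Argon2) before it reaches this method, and compare hashes when the old password is verified. The connection and the statement also leak when `prepareStatement` or `executeUpdate` throws, because `connection.close()` is only reached on the success path and the statement is never closed; try-with-resources closes both. The `System.out.println` is better replaced by a logger call or removed.

```java
public boolean UpdateUser(String password, String username) throws SQLException {
    // `password` is expected to be a salted hash produced by the caller, never the raw value.
    try (Connection connection = connection();
         PreparedStatement preparedStatement = connection.prepareStatement(UPDATE_USER)) {
        // … unchanged: the two setString calls …
        return preparedStatement.executeUpdate() != 0;
    }
}
```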
@@ -0,0 +1,19 @@
+package sk.kasv.lisivka.bootcamp.model;
+
+public class ChangePasswordModel {
+ String old_password;
+ String new_password;
+ String token;
+
+ public String getOld_password() {
+ return old_password;
+ }
+
+ public String getNew_password() {
+ return new_password;
+ }
+
+ public String getToken() {
+ return token;
+ }
+}
\ No newline at end of file
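Review bot: The three fields of `ChangePasswordModel` are package-private, so any class in `sk.kasv.lisivka.bootcamp.model` can read or overwrite both passwords and the token; declare them `private`, e.g. `private String old_password;`. The class has no setters and no constructor, so whether it is populated at all depends on the binder writing the fields directly, which is worth covering with a request-level test. A class comment saying that instances carry credentials and must not be logged or given a `toString()` that prints them would help the next maintainer.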