javier/Stirling-PDF
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Enforcing Username Uniqueness (#906)

Browse Source 
* Enforcing Username Uniqueness

Changes in UserService.java:

Added a new method findByUsername to allow searching for usernames regardless of case sensitivity.
Added a new method isUsernameValid to validate the username.
Changes in UserController.java:

Updated the changeUsername method to ensure the new username is valid before changing it.
Updated the editUser method to ensure the new username is unique and valid.
Changes in UserRepository.java:

Added a custom JPQL query to search for usernames regardless of case sensitivity.
Changes in HTML templates (account.html and addUsers.html):

Error messages are displayed if a username is invalid or already exists.

* JPAs auto
This commit is contained in:
Ludy
2024-03-13 23:09:16 +01:00
committed by GitHub
parent ae73595335
commit 9cc7a49d12
32 changed files with 96 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/main/java/stirling/software/SPDF/config/security/UserService.java
View File

@@ -176,6 +176,10 @@ public class UserService implements UserServiceInterface {
return userRepository.findByUsername(username);
}
public Optional<User> findByUsernameIgnoreCase(String username) {
return userRepository.findByUsernameIgnoreCase(username);
}
public void changeUsername(User user, String newUsername) {
user.setUsername(newUsername);
userRepository.save(user);
@@ -194,4 +198,8 @@ public class UserService implements UserServiceInterface {
public boolean isPasswordCorrect(User user, String currentPassword) {
return passwordEncoder.matches(currentPassword, user.getPassword());
}
public boolean isUsernameValid(String username) {
return username.matches("[a-zA-Z0-9]+");
}
}

23
src/main/java/stirling/software/SPDF/controller/api/UserController.java
View File

@@ -61,11 +61,16 @@ public class UserController {
HttpServletRequest request,
HttpServletResponse response,
RedirectAttributes redirectAttributes) {
if (!userService.isUsernameValid(newUsername)) {
return new RedirectView("/account?messageType=invalidUsername");
}
if (principal == null) {
return new RedirectView("/account?messageType=notAuthenticated");
}
Optional<User> userOpt = userService.findByUsername(principal.getName());
Optional<User> userOpt = userService.findByUsernameIgnoreCase(principal.getName());
if (userOpt == null || userOpt.isEmpty()) {
return new RedirectView("/account?messageType=userNotFound");
@@ -73,6 +78,10 @@ public class UserController {
User user = userOpt.get();
if (user.getUsername().equals(newUsername)) {
return new RedirectView("/account?messageType=usernameExists");
}
if (!userService.isPasswordCorrect(user, currentPassword)) {
return new RedirectView("/account?messageType=incorrectPassword");
}
@@ -186,6 +195,18 @@ public class UserController {
@RequestParam(name = "forceChange", required = false, defaultValue = "false")
boolean forceChange) {
if (!userService.isUsernameValid(username)) {
return new RedirectView("/addUsers?messageType=invalidUsername");
}
Optional<User> userOpt = userService.findByUsernameIgnoreCase(username);
if (userOpt.isPresent()) {
User user = userOpt.get();
if (user != null && user.getUsername().equalsIgnoreCase(username)) {
return new RedirectView("/addUsers?messageType=usernameExists");
}
}
if (userService.usernameExists(username)) {
return new RedirectView("/addUsers?messageType=usernameExists");
}

4
src/main/java/stirling/software/SPDF/repository/UserRepository.java
View File

@@ -3,10 +3,14 @@ package stirling.software.SPDF.repository;
import java.util.Optional;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.query.Param;
import stirling.software.SPDF.model.User;
public interface UserRepository extends JpaRepository<User, String> {
Optional<User> findByUsernameIgnoreCase(String username);
Optional<User> findByUsername(String username);
User findByApiKey(String apiKey);