Continued a bit:

- introduced ifPasswordMatches (String, User) which checks the unencrypted (direct) password against user's password
- this can be used if no login container (only used for login step) is available (e.g. when the user changes password)

diff --git a/src/org/mxchange/jusercore/model/user/UserUtils.java b/src/org/mxchange/jusercore/model/user/UserUtils.java
index 2d663ab105214cf98be150acca7ee43e05398cac..ebd64ef717aa09205561cdcc94a39caeac37ad30 100644 (file)
--- a/src/org/mxchange/jusercore/model/user/UserUtils.java
+++ b/src/org/mxchange/jusercore/model/user/UserUtils.java
@@ -315,8 +315,33 @@ public class UserUtils implements Serializable {
                        throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N
                }
 
+               // Call below method
+               return ifPasswordMatches(container.getUserPassword(), updatedUser);
+       }
+
+       /**
+        * Checks if direct password the updatedUser's password
+        * <p>
+        * @param unencryptedPassword Unencrypted (direct) password
+        * @param updatedUser Updated user instance from database
+        * <p>
+        * @return Whether the password matches
+        */
+       public static boolean ifPasswordMatches (final String unencryptedPassword, final User updatedUser) {
+               // Validate parameters
+               if (null == unencryptedPassword) {
+                       // Throw NPE
+                       throw new NullPointerException("unencryptedPassword is null"); //NOI18N
+               } else if (unencryptedPassword.isEmpty()) {
+                       // NPE for user in container
+                       throw new NullPointerException("unencryptedPassword is empty."); //NOI18N
+               } else if (null == updatedUser) {
+                       // And again NPE ...
+                       throw new NullPointerException("updatedUser is null"); //NOI18N
+               }
+
                // First encrypt password
-               String encryptedPassword = Crypt.crypt(container.getUserPassword(), updatedUser.getUserEncryptedPassword());
+               String encryptedPassword = Crypt.crypt(unencryptedPassword, updatedUser.getUserEncryptedPassword());
 
                // Is it matching?
                return encryptedPassword.equals(updatedUser.getUserEncryptedPassword());
@@ -345,11 +370,8 @@ public class UserUtils implements Serializable {
                        throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N
                }
 
-               // First encrypt password
-               String encryptedPassword = Crypt.crypt(container.getUserPassword(), container.getUser().getUserEncryptedPassword());
-
-               // Is it matching?
-               return encryptedPassword.equals(container.getUser().getUserEncryptedPassword());
+               // Call other method
+               return ifPasswordMatches(container.getUserPassword(), container.getUser());
        }
 
        /**

diff --git a/src/org/mxchange/jusercore/model/user/password_history/UserPasswordHistory.java b/src/org/mxchange/jusercore/model/user/password_history/UserPasswordHistory.java
index d6b9c25237df7437ca980bbfc235b90204f7547f..270ac6d05825ab43801e19b1ddcc23e0eee950d1 100644 (file)
--- a/src/org/mxchange/jusercore/model/user/password_history/UserPasswordHistory.java
+++ b/src/org/mxchange/jusercore/model/user/password_history/UserPasswordHistory.java
@@ -47,7 +47,7 @@ import org.mxchange.jusercore.model.user.User;
 )
 @NamedQueries (
                {
-                       @NamedQuery (name = "AllUsersHistoryEntries", query = "SELECT h FROM user_password_history AS h WHERE h.userPasswordHistoryUser = :user ORDER BY h.userPasswordHistoryId ASC")
+                       @NamedQuery (name = "AllUsersHistoryEntries", query = "SELECT h FROM user_password_history AS h WHERE h.userPasswordHistoryUser = :user ORDER BY h.userPasswordHistoryId DESC")
                }
 )
 @SuppressWarnings ("PersistenceUnitPresent")