From: Roland Häder Date: Wed, 3 Aug 2016 11:03:59 +0000 (+0200) Subject: Continued a bit: X-Git-Url: https://git.mxchange.org/?a=commitdiff_plain;h=67350e02b67463ebbb9505ba83d43e47bfdbd1e7;p=juser-login-core.git Continued a bit: - introduced ifPasswordMatches (String, User) which checks the unencrypted (direct) password against user's password - this can be used if no login container (only used for login step) is available (e.g. when the user changes password) --- diff --git a/src/org/mxchange/jusercore/model/user/UserUtils.java b/src/org/mxchange/jusercore/model/user/UserUtils.java index 2d663ab..ebd64ef 100644 --- a/src/org/mxchange/jusercore/model/user/UserUtils.java +++ b/src/org/mxchange/jusercore/model/user/UserUtils.java @@ -315,8 +315,33 @@ public class UserUtils implements Serializable { throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N } + // Call below method + return ifPasswordMatches(container.getUserPassword(), updatedUser); + } + + /** + * Checks if direct password the updatedUser's password + *

+ * @param unencryptedPassword Unencrypted (direct) password + * @param updatedUser Updated user instance from database + *

+ * @return Whether the password matches + */ + public static boolean ifPasswordMatches (final String unencryptedPassword, final User updatedUser) { + // Validate parameters + if (null == unencryptedPassword) { + // Throw NPE + throw new NullPointerException("unencryptedPassword is null"); //NOI18N + } else if (unencryptedPassword.isEmpty()) { + // NPE for user in container + throw new NullPointerException("unencryptedPassword is empty."); //NOI18N + } else if (null == updatedUser) { + // And again NPE ... + throw new NullPointerException("updatedUser is null"); //NOI18N + } + // First encrypt password - String encryptedPassword = Crypt.crypt(container.getUserPassword(), updatedUser.getUserEncryptedPassword()); + String encryptedPassword = Crypt.crypt(unencryptedPassword, updatedUser.getUserEncryptedPassword()); // Is it matching? return encryptedPassword.equals(updatedUser.getUserEncryptedPassword()); @@ -345,11 +370,8 @@ public class UserUtils implements Serializable { throw new IllegalArgumentException("container.userPassword is empty"); //NOI18N } - // First encrypt password - String encryptedPassword = Crypt.crypt(container.getUserPassword(), container.getUser().getUserEncryptedPassword()); - - // Is it matching? - return encryptedPassword.equals(container.getUser().getUserEncryptedPassword()); + // Call other method + return ifPasswordMatches(container.getUserPassword(), container.getUser()); } /** diff --git a/src/org/mxchange/jusercore/model/user/password_history/UserPasswordHistory.java b/src/org/mxchange/jusercore/model/user/password_history/UserPasswordHistory.java index d6b9c25..270ac6d 100644 --- a/src/org/mxchange/jusercore/model/user/password_history/UserPasswordHistory.java +++ b/src/org/mxchange/jusercore/model/user/password_history/UserPasswordHistory.java @@ -47,7 +47,7 @@ import org.mxchange.jusercore.model.user.User; ) @NamedQueries ( { - @NamedQuery (name = "AllUsersHistoryEntries", query = "SELECT h FROM user_password_history AS h WHERE h.userPasswordHistoryUser = :user ORDER BY h.userPasswordHistoryId ASC") + @NamedQuery (name = "AllUsersHistoryEntries", query = "SELECT h FROM user_password_history AS h WHERE h.userPasswordHistoryUser = :user ORDER BY h.userPasswordHistoryId DESC") } ) @SuppressWarnings ("PersistenceUnitPresent")