From 03029c73f66b90f03044eb6ee45e19355c4f3788 Mon Sep 17 00:00:00 2001 From: Parpaillax Date: Tue, 23 Apr 2024 17:00:07 +0200 Subject: [PATCH 1/3] patch connexion --- .../java/fr/eni/enchere/dal/UserRepository.java | 2 +- .../fr/eni/enchere/dal/UserRepositoryImpl.java | 14 ++++---------- 2 files changed, 5 insertions(+), 11 deletions(-) diff --git a/src/main/java/fr/eni/enchere/dal/UserRepository.java b/src/main/java/fr/eni/enchere/dal/UserRepository.java index adfe6d7..cd03bae 100644 --- a/src/main/java/fr/eni/enchere/dal/UserRepository.java +++ b/src/main/java/fr/eni/enchere/dal/UserRepository.java @@ -7,7 +7,7 @@ import java.util.List; public interface UserRepository { List findAll(); UserProfil findById(int id); - UserProfil findByUsername(String username, String email); + UserProfil findByUsername(String username); void save(UserProfil utilisateur); void delete(int id); } diff --git a/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java b/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java index 3e9eeee..4ee84d7 100644 --- a/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java +++ b/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java @@ -11,6 +11,7 @@ import org.springframework.jdbc.core.namedparam.MapSqlParameterSource; import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate; import org.springframework.jdbc.support.GeneratedKeyHolder; import org.springframework.jdbc.support.KeyHolder; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Repository; @@ -57,16 +58,9 @@ public class UserRepositoryImpl implements UserRepository { } @Override - public UserProfil findByUsername(String username, String email) { - UserProfil user = null; - if (username != null) { - String sql = "SELECT * FROM UTILISATEURS WHERE pseudo = ? AND isDelete = 0"; - user = jdbcTemplate.queryForObject(sql, new UserRowMapper(), username); - } else if (email != null) { - String sql = "SELECT * FROM UTILISATEURS WHERE email = ? AND isDelete = 0"; - user = jdbcTemplate.queryForObject(sql, new UserRowMapper(), email); - } - System.out.println(user.getPassword()); + public UserProfil findByUsername(String username) { + String sql = "SELECT * FROM UTILISATEURS WHERE pseudo = ? OR email = ? AND isDelete = 0"; + UserProfil user = jdbcTemplate.queryForObject(sql, new UserRowMapper(), username, username); return user; } From 7e868dae3f50feb6fa1468ae448a5807d5dfcdb3 Mon Sep 17 00:00:00 2001 From: Parpaillax Date: Wed, 24 Apr 2024 09:20:17 +0200 Subject: [PATCH 2/3] allo --- src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java | 4 ---- 1 file changed, 4 deletions(-) diff --git a/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java b/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java index a9ce471..0234421 100644 --- a/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java +++ b/src/main/java/fr/eni/enchere/dal/UserRepositoryImpl.java @@ -1,8 +1,6 @@ package fr.eni.enchere.dal; -import fr.eni.enchere.bo.Article; import fr.eni.enchere.bo.UserProfil; -import org.apache.catalina.User; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Primary; import org.springframework.jdbc.core.JdbcTemplate; @@ -16,9 +14,7 @@ import org.springframework.stereotype.Repository; import java.sql.ResultSet; import java.sql.SQLException; -import java.util.HashMap; import java.util.List; -import java.util.Map; @Repository @Primary From 07b47b3f41f405594bf363237b8ff5f1f7bfe671 Mon Sep 17 00:00:00 2001 From: Parpaillax Date: Wed, 24 Apr 2024 10:07:02 +0200 Subject: [PATCH 3/3] test --- .../java/fr/eni/enchere/bo/UserProfil.java | 21 ++++++++++++++++++- .../controllers/InscriptionController.java | 4 ++-- .../enchere/controllers/ProfilController.java | 11 ++++++++++ .../enchere/security/WebSecurityConfig.java | 4 ++-- src/main/resources/templates/editProfil.html | 4 ++-- 5 files changed, 37 insertions(+), 7 deletions(-) diff --git a/src/main/java/fr/eni/enchere/bo/UserProfil.java b/src/main/java/fr/eni/enchere/bo/UserProfil.java index 9677c64..f0d49b4 100644 --- a/src/main/java/fr/eni/enchere/bo/UserProfil.java +++ b/src/main/java/fr/eni/enchere/bo/UserProfil.java @@ -14,13 +14,15 @@ public class UserProfil { private String ville; private String password; private String confirmPassword; + private String currentPassword; + private String newPassword; private float credit; private boolean isAdmin; //Constructeur public UserProfil(){} - public UserProfil(int id, String pseudo, String nom, String prenom, String email, String telephone, String rue, String code_postal, String ville, String password, String confirmPassword, int credit, boolean isAdmin) { + public UserProfil(int id, String pseudo, String nom, String prenom, String email, String telephone, String rue, String code_postal, String ville, String password, String confirmPassword, String newPassword, String currentPassword, int credit, boolean isAdmin) { setId(id); setPrenom(prenom); setNom(nom); @@ -34,6 +36,8 @@ public class UserProfil { setConfirmPassword(confirmPassword); setCredit(credit); setAdmin(isAdmin); + setCurrentPassword(currentPassword); + setNewPassword(newPassword); } //Méthode getter et setter @@ -141,4 +145,19 @@ public class UserProfil { isAdmin = admin; } + public String getCurrentPassword() { + return currentPassword; + } + + public void setCurrentPassword(String currentPassword) { + this.currentPassword = currentPassword; + } + + public String getNewPassword() { + return newPassword; + } + + public void setNewPassword(String newPassword) { + this.newPassword = newPassword; + } } diff --git a/src/main/java/fr/eni/enchere/controllers/InscriptionController.java b/src/main/java/fr/eni/enchere/controllers/InscriptionController.java index 2e9c9a6..f0c3661 100644 --- a/src/main/java/fr/eni/enchere/controllers/InscriptionController.java +++ b/src/main/java/fr/eni/enchere/controllers/InscriptionController.java @@ -41,13 +41,13 @@ public class InscriptionController { // Utilisez le service approprié pour récupérer les informations de l'utilisateur à partir du nom d'utilisateur UserProfil currentUserProfile = userService.utilisateurByName(username); // Vérifiez si le mot de passe actuel correspond à celui stocké dans la base de données - if (!passwordEncoder.matches(userProfile.getPassword(), currentUserProfile.getPassword())) { + if (!passwordEncoder.matches(userProfile.getNewPassword(), currentUserProfile.getPassword())) { // Mot de passe actuel incorrect, renvoyer une erreur result.rejectValue("currentPassword", "invalid", "Mot de passe actuel incorrect"); return "editProfil"; // Rediriger vers la page de modification du profil avec une erreur } // Vérifiez si le nouveau mot de passe et sa confirmation correspondent - if (!userProfile.getPassword().equals(userProfile.getConfirmPassword())) { + if (!userProfile.getNewPassword().equals(userProfile.getConfirmPassword())) { // Mauvaise correspondance entre le nouveau mot de passe et sa confirmation, renvoyer une erreur result.rejectValue("confirmPassword", "invalid", "La confirmation du mot de passe ne correspond pas au nouveau mot de passe"); return "editProfil"; // Rediriger vers la page de modification du profil avec une erreur diff --git a/src/main/java/fr/eni/enchere/controllers/ProfilController.java b/src/main/java/fr/eni/enchere/controllers/ProfilController.java index ec2be31..fe66b44 100644 --- a/src/main/java/fr/eni/enchere/controllers/ProfilController.java +++ b/src/main/java/fr/eni/enchere/controllers/ProfilController.java @@ -39,6 +39,17 @@ public class ProfilController { } } + @GetMapping("/edit") + public String edit(Model model) { + Authentication authentication = SecurityContextHolder.getContext().getAuthentication(); + if (!authentication.getName().equals("anonymousUser")) { + String username = authentication.getName(); + UserProfil userProfile = userService.utilisateurByName(username); + model.addAttribute("userProfile", userProfile); + } + return "editProfil"; + } + @PostMapping("/edit") public String editProfile(Model model) { // Obtenez l'authentification actuelle diff --git a/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java b/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java index 076a4fd..ddf85c8 100644 --- a/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java +++ b/src/main/java/fr/eni/enchere/security/WebSecurityConfig.java @@ -17,9 +17,9 @@ public class WebSecurityConfig{ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { http.authorizeHttpRequests((requests) -> requests .requestMatchers("/", "/accueil").permitAll() - .requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/article/**", "/change-language", "/profile/**").permitAll() + .requestMatchers("/accueil", "/login", "/inscription/**", "/searchArticle", "/article/**", "/change-language").permitAll() .requestMatchers("/css/**", "/images/**", "/assets/**", "/img/**", "/js/**").permitAll() - .requestMatchers("/profile/**").authenticated() + .requestMatchers("/profil/**").authenticated() .requestMatchers("/admin").hasRole("ADMIN") .anyRequest().authenticated()) .formLogin((form) -> form.loginPage("/login").defaultSuccessUrl("/", true)) diff --git a/src/main/resources/templates/editProfil.html b/src/main/resources/templates/editProfil.html index cf3aa04..5e8f9db 100644 --- a/src/main/resources/templates/editProfil.html +++ b/src/main/resources/templates/editProfil.html @@ -110,7 +110,7 @@
- +
    @@ -122,7 +122,7 @@
    - +