Skip to content

Commit

Permalink
Merge pull request #143 from Code-4-Community/kjung/fix-email-case-in…
Browse files Browse the repository at this point in the history 
…sensitive
  • Loading branch information
@chromium-52
chromium-52 authored Feb 8, 2024
2 parents f09e952 + 61559fb commit 2111030
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
6 changes: 3 additions & 3 deletions service/src/main/java/com/codeforcommunity/dataaccess/AuthDatabaseOperations.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ public AuthDatabaseOperations(DSLContext db) {
public JWTData getUserJWTData(String email) {
Optional<Users> maybeUser =
Optional.ofNullable(
db.selectFrom(USERS).where(USERS.EMAIL.eq(email)).fetchOneInto(Users.class));
db.selectFrom(USERS).where(USERS.EMAIL.equalIgnoreCase(email)).fetchOneInto(Users.class));

if (maybeUser.isPresent()) {
Users user = maybeUser.get();
Expand Down Expand Up @@ -117,7 +117,7 @@ public Users getUserPojo(int userId) {
public boolean isValidLogin(String email, String pass) {
Optional<Users> maybeUser =
Optional.ofNullable(
db.selectFrom(USERS).where(USERS.EMAIL.eq(email)).fetchOneInto(Users.class));
db.selectFrom(USERS).where(USERS.EMAIL.equalIgnoreCase(email)).fetchOneInto(Users.class));

return maybeUser
.filter(user -> Passwords.isExpectedPassword(pass, user.getPassHash()))
Expand All @@ -132,7 +132,7 @@ public boolean isValidLogin(String email, String pass) {
*/
public UsersRecord createNewUser(NewUserRequest request) {
String email = request.getEmail();
boolean emailUsed = db.fetchExists(db.selectFrom(USERS).where(USERS.EMAIL.eq(email)));
boolean emailUsed = db.fetchExists(db.selectFrom(USERS).where(USERS.EMAIL.equalIgnoreCase(email)));
if (emailUsed) {
throw new EmailAlreadyInUseException(email);
}
Expand Down
2 changes: 1 addition & 1 deletion service/src/main/java/com/codeforcommunity/processor/ProtectedUserProcessorImpl.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -173,7 +173,7 @@ public void changeEmail(JWTData userData, ChangeEmailRequest changeEmailRequest)
}

if (Passwords.isExpectedPassword(changeEmailRequest.getPassword(), user.getPassHash())) {
if (db.fetchExists(USERS, USERS.EMAIL.eq(changeEmailRequest.getNewEmail()))) {
if (db.fetchExists(USERS, USERS.EMAIL.equalIgnoreCase(changeEmailRequest.getNewEmail()))) {
throw new EmailAlreadyInUseException(changeEmailRequest.getNewEmail());
}

Expand Down

0 comments on commit 2111030

Please sign in to comment.