dubey/WebGoat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added validation to detect duplicate users during registration

Browse Source
This commit is contained in:
Nanne Baars
2017-04-08 08:30:14 +02:00
parent dc245bd1e7
commit fbf2d1b422
2 changed files with 68 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
webgoat-container/src/main/java/org/owasp/webgoat/users/UserValidator.java
View File

@ -1,5 +1,6 @@
package org.owasp.webgoat.users;
import lombok.AllArgsConstructor;
import org.springframework.stereotype.Component;
import org.springframework.validation.Errors;
import org.springframework.validation.Validator;
@ -9,10 +10,10 @@ import org.springframework.validation.Validator;
* @since 3/19/17.
*/
@Component
@AllArgsConstructor
public class UserValidator implements Validator {
// @Autowired
// private UserService userService;
private final UserRepository userRepository;
@Override
public boolean supports(Class<?> aClass) {
@ -23,9 +24,9 @@ public class UserValidator implements Validator {
public void validate(Object o, Errors errors) {
UserForm userForm = (UserForm) o;
// if (userService.findByUsername(userForm.getUsername()) != null) {
// errors.rejectValue("username", "Duplicate.userForm.username");
// }
if (userRepository.findByUsername(userForm.getUsername()) != null) {
errors.rejectValue("username", "username.duplicate");
}
if (!userForm.getMatchingPassword().equals(userForm.getPassword())) {
errors.rejectValue("matchingPassword", "password.diff");