Add validation on route ChangePasswordCitizenRequest

2021-04-08 17:55:05 +02:00
parent eb399392c9
commit 9d3eeeb04b
7 changed files with 23 additions and 9 deletions
--- a/src/main/kotlin/fr/dcproject/common/validation/Password.kt
+++ b/src/main/kotlin/fr/dcproject/common/validation/Password.kt
@@ -10,7 +10,7 @@ fun ValidationBuilder<String>.passwordScore(minScore: Int) =
 fun String.passwordScore(): Int {
    var score: Int = length
    val alphaNum = ('a'..'z').toList() + ('A'..'Z').toList() + ('0'..'9').toList()
-    val specialCount = (length - toList().intersect(alphaNum).size)
+    val specialCount = length - toList().intersect(alphaNum).size
    score += specialCount.let { if (it > 3) 3 else it }

    val hasAlphaLower = toList().intersect(('a'..'z').toList()).size.let { if (it > 2) 2 else it }
--- a/src/main/kotlin/fr/dcproject/component/citizen/routes/ChangeMyPassword.kt
+++ b/src/main/kotlin/fr/dcproject/component/citizen/routes/ChangeMyPassword.kt
@@ -1,7 +1,9 @@
 package fr.dcproject.component.citizen.routes

+import fr.dcproject.application.http.badRequestIfNotValid
 import fr.dcproject.common.security.assert
 import fr.dcproject.common.utils.receiveOrBadRequest
+import fr.dcproject.common.validation.passwordScore
 import fr.dcproject.component.auth.citizen
 import fr.dcproject.component.auth.citizenOrNull
 import fr.dcproject.component.auth.database.UserRepository
@@ -9,6 +11,7 @@ import fr.dcproject.component.auth.database.UserWithPassword
 import fr.dcproject.component.auth.mustBeAuth
 import fr.dcproject.component.citizen.CitizenAccessControl
 import fr.dcproject.component.citizen.database.CitizenRef
+import io.konform.validation.Validation
 import io.ktor.application.call
 import io.ktor.auth.UserPasswordCredential
 import io.ktor.features.BadRequestException
@@ -25,14 +28,21 @@ object ChangeMyPassword {
    @Location("/citizens/{citizen}/password/change")
    class ChangePasswordCitizenRequest(citizen: UUID) {
        val citizen = CitizenRef(citizen)
-        data class Input(val oldPassword: String, val newPassword: String)
+        data class Input(val oldPassword: String, val newPassword: String) {
+            fun validate() = Validation<Input> {
+                Input::newPassword {
+                    passwordScore(15)
+                }
+            }.validate(this)
+        }
    }

    fun Route.changeMyPassword(ac: CitizenAccessControl, userRepository: UserRepository) {
        put<ChangePasswordCitizenRequest> {
            mustBeAuth()
-            ac.assert { canChangePassword(it.citizen, citizenOrNull) }
            val content = call.receiveOrBadRequest<ChangePasswordCitizenRequest.Input>()
+                .apply { validate().badRequestIfNotValid() }
+            ac.assert { canChangePassword(it.citizen, citizenOrNull) }
            userRepository.findByCredentials(UserPasswordCredential(citizen.user.username, content.oldPassword)) ?: throw BadRequestException("Bad Password")
            userRepository.changePassword(
                UserWithPassword(
--- a/src/main/resources/openapi.yaml
+++ b/src/main/resources/openapi.yaml
@@ -484,6 +484,10 @@ paths:
          description: Password changed
        400:
          description: Bad request
+          content:
+            application/json:
+              schema:
+                $ref: '#/components/schemas/400'
        401:
          $ref: '#/components/responses/401'
        404:
--- a/src/test/kotlin/integration/Citizen
+++ b/src/test/kotlin/integration/Citizen
@@ -69,8 +69,8 @@ class `Citizen routes` : BaseTest() {
                `with body`(
                    """
                    {
-                      "oldPassword": "azerty",
-                      "newPassword": "qwerty"
+                      "oldPassword": "Azerty123!",
+                      "newPassword": "Qwerty123!"
                    }
                    """
                )
--- a/src/test/kotlin/integration/Login
+++ b/src/test/kotlin/integration/Login
@@ -27,7 +27,7 @@ class `Login routes` : BaseTest() {
                    """
                    {
                      "username": "niels-bohr",
-                      "password": "azerty"
+                      "password": "Azerty123!"
                    }
                    """
                )
--- a/src/test/kotlin/integration/steps/given/Citizen.kt
+++ b/src/test/kotlin/integration/steps/given/Citizen.kt
@@ -23,7 +23,7 @@ fun TestApplicationEngine.`Given I have citizen`(
    val user = UserForCreate(
        id = id.toUUID(),
        username = "$firstName-$lastName".toLowerCase(),
-        password = "azerty",
+        password = "Azerty123!",
    )
    val citizen = CitizenForCreate(
        id = id.toUUID(),
@@ -53,7 +53,7 @@ fun createCitizen(name: CitizenI.Name? = null, id: UUID = UUID.randomUUID()): Ci
                last
            ),
            email = "$first@fakeemail.com",
-            user = UserForCreate(username = username, password = "azerty")
+            user = UserForCreate(username = username, password = "Azerty123!")
        ).let {
            citizenRepository.insertWithUser(it) ?: error("Unable to create User")
        }
--- a/src/test/kotlin/integration/steps/given/Workgroup.kt
+++ b/src/test/kotlin/integration/steps/given/Workgroup.kt
@@ -65,7 +65,7 @@ private fun createWorkgroup(
            .toLowerCase().replace(' ', '-')
        val user = UserForCreate(
            username = username,
-            password = "azerty",
+            password = "Azerty123!",
        )
        CitizenForCreate(
            name = creatorName,