smartproc-be/src/main/java/com/iconplus/smartproc/service/authentication/ChangePasswordService.java

package com.iconplus.smartproc.service.authentication;

import com.iconplus.smartproc.exception.BusinessException;
import com.iconplus.smartproc.helper.context.ApiContext;
import com.iconplus.smartproc.helper.model.EmptyResponse;
import com.iconplus.smartproc.helper.service.BaseService;
import com.iconplus.smartproc.model.request.ChangePasswordRequest;
import com.iconplus.smartproc.repository.UsersRepository;
import com.iconplus.smartproc.service.CommonService;
import com.iconplus.smartproc.util.Constants;
import org.apache.commons.lang3.StringUtils;
import org.springframework.http.HttpStatus;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;

@Service
public class ChangePasswordService implements BaseService<ChangePasswordRequest, EmptyResponse> {

    private ApiContext apiContext;
    private UsersRepository usersRepository;
    private CommonService commonService;
    public ChangePasswordService(UsersRepository usersRepository,
                                 ApiContext apiContext,
                                 CommonService commonService) {
        this.usersRepository = usersRepository;
        this.apiContext = apiContext;
        this.commonService = commonService;
    }

    @Override
    public EmptyResponse execute(ChangePasswordRequest input) {

        Long id = Long.valueOf(apiContext.getUserId());
        var users = usersRepository.findByIdAndIsDeleteFalse(id)
                .orElseThrow(() -> new BusinessException(Constants.ERR_CODE_10001,
                        Constants.ERR_TTL_10001,
                        String.format(Constants.ERR_MSG_10001, "User", id)));

        String password = commonService.getPassword(input.getCurrentPassword());
        BCryptPasswordEncoder bCryptPasswordEncoder = new BCryptPasswordEncoder();
        boolean isValidCurrentPassword = bCryptPasswordEncoder.matches(password, users.getPassword());

        if (!isValidCurrentPassword) {
            throw new BusinessException(HttpStatus.CONFLICT,
                    Constants.ERR_CODE_10009,
                    Constants.ERR_TTL_10009,
                    Constants.ERR_MSG_10009);
        }

        String newPassword = commonService.getPassword(input.getNewPassword());
        String confirmationPassword = commonService.getPassword(input.getConfirmationPassword());


        if (!StringUtils.equalsIgnoreCase(newPassword, confirmationPassword)) {
            throw new BusinessException(HttpStatus.CONFLICT,
                    Constants.ERR_CODE_10007,
                    Constants.ERR_TTL_10007,
                    Constants.ERR_MSG_10007);
        }

        users.setPassword(bCryptPasswordEncoder.encode(newPassword));
        usersRepository.save(users);

        return new EmptyResponse();
    }
}