diff --git a/src/main/java/com/ceticamarco/bits/user/UserController.java b/src/main/java/com/ceticamarco/bits/user/UserController.java index 49e4127..266d6e5 100644 --- a/src/main/java/com/ceticamarco/bits/user/UserController.java +++ b/src/main/java/com/ceticamarco/bits/user/UserController.java @@ -49,25 +49,23 @@ public class UserController { : new ResponseEntity<>(res.getLeft().getMessage(), HttpStatus.BAD_REQUEST); } - /** - * Update an existing user - * - * @param user the user to update - * @return on failure, the error message - */ - @PutMapping("/users") - public String updateUser(@RequestBody User user) { - return ""; - } - /** * Delete an existing user * - * @param userId the user ID to delete + * @param user the email and the password of the user * @return on failure, the error message */ - @DeleteMapping("/users/{userId}") - public String deleteUser(@PathVariable("userId") Integer userId) { - return ""; + @DeleteMapping("/users") + public ResponseEntity deleteUser(@RequestBody User user) { + // Check if email and password are specified + if(user.getPassword() == null || user.getEmail() == null) { + return new ResponseEntity<>("Specify both email and password", HttpStatus.BAD_REQUEST); + } + + // Delete the user + var res = userService.deleteUser(user); + + return res.map(error -> new ResponseEntity<>(error.getMessage(), HttpStatus.BAD_REQUEST)) + .orElseGet(() -> new ResponseEntity<>("OK", HttpStatus.OK)); } } diff --git a/src/main/java/com/ceticamarco/bits/user/UserRepository.java b/src/main/java/com/ceticamarco/bits/user/UserRepository.java index 4f421dc..416dc22 100644 --- a/src/main/java/com/ceticamarco/bits/user/UserRepository.java +++ b/src/main/java/com/ceticamarco/bits/user/UserRepository.java @@ -5,10 +5,15 @@ import org.springframework.data.jpa.repository.Query; import java.util.Optional; -public interface UserRepository extends JpaRepository { +public interface UserRepository extends JpaRepository { @Query("SELECT u FROM User u WHERE u.email = ?1") Optional findUserByEmail(String email); - @Query("SELECT u FROM User u WHERE u.username= ?1") + @Query("SELECT u FROM User u WHERE u.username = ?1") Optional findUserByUsername(String username); + + @Query("SELECT u.password FROM User u WHERE u.email = ?1") + Optional findPasswordByEmail(String email); + + void deleteUserByEmail(String email); } \ No newline at end of file diff --git a/src/main/java/com/ceticamarco/bits/user/UserService.java b/src/main/java/com/ceticamarco/bits/user/UserService.java index 0993c9c..7939e72 100644 --- a/src/main/java/com/ceticamarco/bits/user/UserService.java +++ b/src/main/java/com/ceticamarco/bits/user/UserService.java @@ -1,10 +1,13 @@ package com.ceticamarco.bits.user; import io.vavr.control.Either; +import jakarta.transaction.Transactional; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.crypto.password.PasswordEncoder; import org.springframework.stereotype.Service; +import java.util.Optional; + @Service public class UserService { private final UserRepository userRepository; @@ -35,4 +38,26 @@ public class UserService { return Either.right(userId); } + + @Transactional + public Optional deleteUser(User user) { + // Search user password by its email + var rawPassword = user.getPassword(); + var encodedPassword = userRepository.findPasswordByEmail(user.getEmail()); + + // Check whether user exists + if(encodedPassword.isEmpty()) { + return Optional.of(new Error("Cannot find user.")); + } + + // Otherwise compare the hash + var isHashEqual = passwordEncoder.matches(rawPassword, encodedPassword.get()); + if(!isHashEqual) { + return Optional.of(new Error("Wrong password.")); + } + + userRepository.deleteUserByEmail(user.getEmail()); + + return Optional.empty(); + } }