From 6d8468f5348a86b12e60a1c6a3339bc875cab857 Mon Sep 17 00:00:00 2001
From: Dmytro Trotsenko <trohae7@gmail.com>
Date: Sat, 6 Jan 2024 16:24:06 +0200
Subject: [PATCH] bugfix: added forbidden symbols and cyrillic letters to
 password validation

---
 .../annotation/validator/PasswordValidator.java  | 16 +++++++++++++++-
 1 file changed, 15 insertions(+), 1 deletion(-)

diff --git a/src/main/java/com/chat/yourway/annotation/validator/PasswordValidator.java b/src/main/java/com/chat/yourway/annotation/validator/PasswordValidator.java
index 4ba1e9f2..3096d422 100644
--- a/src/main/java/com/chat/yourway/annotation/validator/PasswordValidator.java
+++ b/src/main/java/com/chat/yourway/annotation/validator/PasswordValidator.java
@@ -15,6 +15,10 @@ public class PasswordValidator implements ConstraintValidator<PasswordValidation
       Pattern.compile(".*[!@#$%^&*_\\-+=~?].*");
   private static final Pattern PASSWORD_UPPER_CASE_PATTERN = Pattern.compile(".*[A-Z].*");
   private static final Pattern PASSWORD_DIGIT_PATTERN = Pattern.compile(".*\\d.*");
+  private static final Pattern PASSWORD_FORBIDEN_SYMBOLS_PATTERN =
+      Pattern.compile(".*[<>;/.:'(),\\[\\]\"].*");
+  private static final Pattern PASSWORD_FORBIDEN_CYRILLIC_LETTERS_PATTERN =
+      Pattern.compile(".*[а-яА-ЯІіЇї].*");
 
   @Override
   public boolean isValid(String value, ConstraintValidatorContext context) {
@@ -35,7 +39,17 @@ public boolean isValid(String value, ConstraintValidatorContext context) {
               .buildConstraintViolationWithTemplate("The password must not be longer than 12 characters.")
               .addConstraintViolation();
       return false;
-    } else if (!PASSWORD_SPECIAL_SYMBOLS_PATTERN.matcher(value).matches()) {
+    }  else if (PASSWORD_FORBIDEN_SYMBOLS_PATTERN.matcher(value).matches()) {
+      context
+          .buildConstraintViolationWithTemplate("Password should not include symbols [< > ; / . : ' [ ] ( ) , ]")
+          .addConstraintViolation();
+      return false;
+    } else if (PASSWORD_FORBIDEN_CYRILLIC_LETTERS_PATTERN.matcher(value).matches()) {
+      context
+          .buildConstraintViolationWithTemplate("Password should not include cyrillic letters")
+          .addConstraintViolation();
+      return false;
+    }else if (!PASSWORD_SPECIAL_SYMBOLS_PATTERN.matcher(value).matches()) {
       context
               .buildConstraintViolationWithTemplate("Password must include at least 1 special symbol: [! @ # $ % ^ & * _ - + = ~ ?]")
               .addConstraintViolation();