bugfix: changed request parameter to DTO and added validation

Author: Troha7

src/main/java/com/chat/yourway/controller/ChangePasswordController.java

@@ -2,6 +2,7 @@
 
 import com.chat.yourway.config.openapi.OpenApiExamples;
 import com.chat.yourway.dto.request.ChangePasswordDto;
+import com.chat.yourway.dto.request.RestorePasswordDto;
 import com.chat.yourway.dto.response.ApiErrorResponseDto;
 import com.chat.yourway.service.interfaces.ChangePasswordService;
 import io.swagger.v3.oas.annotations.Operation;
@@ -70,8 +71,8 @@ public void sendRequestToRestorePassword(@RequestParam String email,
           @ApiResponse(responseCode = "404", description = EMAIL_TOKEN_NOT_FOUND,
               content = @Content(schema = @Schema(implementation = ApiErrorResponseDto.class)))
       })
-  @PatchMapping(path = "/password/restore", produces = APPLICATION_JSON_VALUE)
-  public void restorePassword(@RequestParam String newPassword, @RequestParam String token) {
-    changePasswordService.restorePassword(newPassword, token);
+  @PatchMapping(path = "/password/restore", consumes = APPLICATION_JSON_VALUE)
+  public void restorePassword(@Valid @RequestBody RestorePasswordDto restorePasswordDto) {
+    changePasswordService.restorePassword(restorePasswordDto);
   }
 }

src/main/java/com/chat/yourway/dto/request/RestorePasswordDto.java

@@ -0,0 +1,26 @@
+package com.chat.yourway.dto.request;
+
+import com.chat.yourway.annotation.PasswordValidation;
+import io.swagger.v3.oas.annotations.media.Schema;
+import jakarta.validation.constraints.NotEmpty;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import lombok.ToString;
+
+@AllArgsConstructor
+@NoArgsConstructor
+@Setter
+@Getter
+@ToString
+public class RestorePasswordDto {
+
+  @Schema(description = "New password", example = "Password-321")
+  @PasswordValidation
+  private String newPassword;
+
+  @Schema(description = "Email token", example = "245034-cc65-4dce-b374-7419fbfc18e5")
+  @NotEmpty(message = "Email token cannot be empty")
+  private String emailToken;
+}

src/main/java/com/chat/yourway/service/ChangePasswordServiceImpl.java

@@ -2,6 +2,7 @@
 
 import com.chat.yourway.dto.common.EmailMessageInfoDto;
 import com.chat.yourway.dto.request.ChangePasswordDto;
+import com.chat.yourway.dto.request.RestorePasswordDto;
 import com.chat.yourway.exception.EmailTokenNotFoundException;
 import com.chat.yourway.model.email.EmailMessageType;
 import com.chat.yourway.model.email.EmailToken;
@@ -53,7 +54,7 @@ public void sendEmailToRestorePassword(String email, String clientHost) {
     var emailMessageInfo = new EmailMessageInfoDto(contact.getNickname(),
         contact.getEmail(),
         uuidToken,
-            clientHost,
+        clientHost,
         EmailMessageType.RESTORE_PASSWORD);
     var emailMessage = emailMessageFactoryService.generateEmailMessage(emailMessageInfo);
 
@@ -62,11 +63,11 @@ public void sendEmailToRestorePassword(String email, String clientHost) {
 
   @Override
   @Transactional
-  public void restorePassword(String newPassword, String token) {
-    var emailToken =
-        emailTokenRepository.findById(token).orElseThrow(EmailTokenNotFoundException::new);
+  public void restorePassword(RestorePasswordDto restorePasswordDto) {
+    var emailToken = emailTokenRepository.findById(restorePasswordDto.getEmailToken())
+        .orElseThrow(EmailTokenNotFoundException::new);
     var contact = emailToken.getContact();
-    var newEncodedPassword = passwordEncoder.encode(newPassword);
+    var newEncodedPassword = passwordEncoder.encode(restorePasswordDto.getNewPassword());
 
     contact.setPassword(newEncodedPassword);
     emailTokenRepository.delete(emailToken);

src/main/java/com/chat/yourway/service/interfaces/ChangePasswordService.java

@@ -1,6 +1,7 @@
 package com.chat.yourway.service.interfaces;
 
 import com.chat.yourway.dto.request.ChangePasswordDto;
+import com.chat.yourway.dto.request.RestorePasswordDto;
 import com.chat.yourway.exception.ContactNotFoundException;
 import com.chat.yourway.exception.EmailTokenNotFoundException;
 import com.chat.yourway.exception.PasswordsAreNotEqualException;
@@ -11,11 +12,11 @@ public interface ChangePasswordService {
   /**
    * Changes the password for the user's account based on the provided request and user details.
    *
-   * @param request The data transfer object (DTO) containing the necessary information for password
-   *     change.
+   * @param request     The data transfer object (DTO) containing the necessary information for
+   *                    password change.
    * @param userDetails The details of the user account for which the password change is requested.
    * @throws PasswordsAreNotEqualException If old password does not matched to current user
-   *     password.
+   *                                       password.
    */
   void changePassword(ChangePasswordDto request, UserDetails userDetails);
 
@@ -24,7 +25,7 @@ public interface ChangePasswordService {
    * process of sending an email to the provided email address, checking if account exists in the
    * system, generating email message for sending to user by inputted email.
    *
-   * @param email         The email address of the user requesting password restoration.
+   * @param email      The email address of the user requesting password restoration.
    * @param clientHost The client host for generating the restoration link.
    * @throws ContactNotFoundException If the provided email does not exist in a database.
    */
@@ -36,10 +37,10 @@ public interface ChangePasswordService {
    * <p>This method allows a user to restore their password by providing a new password along with
    * the restoration token received through the password restoration process.
    *
-   * @param newPassword The new password chosen by the user for restoration.
-   * @param token The restoration token received by the user for verification from email letter.
+   * @param restorePasswordDto The data transfer object (DTO) containing the necessary information
+   *                           for restore password.
    * @throws EmailTokenNotFoundException If the provided token does not exist in a database.
    */
-  void restorePassword(String newPassword, String token);
+  void restorePassword(RestorePasswordDto restorePasswordDto);
 
 }

src/test/java/com/chat/yourway/integration/service/impl/ChangePasswordServiceImplTestValidation.java

@@ -16,6 +16,7 @@
 import com.chat.yourway.dto.common.EmailMessageDto;
 import com.chat.yourway.dto.common.EmailMessageInfoDto;
 import com.chat.yourway.dto.request.ChangePasswordDto;
+import com.chat.yourway.dto.request.RestorePasswordDto;
 import com.chat.yourway.exception.ContactNotFoundException;
 import com.chat.yourway.exception.EmailTokenNotFoundException;
 import com.chat.yourway.exception.PasswordsAreNotEqualException;
@@ -202,9 +203,10 @@ public void shouldSetNewPassword_whenUserGaveCorrectToken() {
     var oldPassword = contactService.findByEmail(EMAIL).getPassword();
     var newPassword = "newPassword";
     var uuidToken = "token";
+    var restorePasswordDto = new RestorePasswordDto(newPassword, uuidToken);
 
     // When
-    changePasswordService.restorePassword(newPassword, uuidToken);
+    changePasswordService.restorePassword(restorePasswordDto);
 
     // Then
     assertAll(
@@ -231,10 +233,11 @@ public void shouldThrowEmailTokenNotFoundException_whenUserGaveIncorrectToken()
     var emailTokenRepositoryMock = mock(EmailTokenRepository.class);
     var newPassword = "newPassword";
     var uuidToken = "UUID";
+    var restorePasswordDto = new RestorePasswordDto(newPassword, uuidToken);
 
     // When
     assertThrows(EmailTokenNotFoundException.class,
-        () -> changePasswordService.restorePassword(newPassword, uuidToken));
+        () -> changePasswordService.restorePassword(restorePasswordDto));
 
     // Then
     verify(passwordEncoderMock, never()).encode(newPassword);

src/test/java/com/chat/yourway/unit/service/impl/ChangePasswordServiceImplTestValidation.java

@@ -3,6 +3,7 @@
 import com.chat.yourway.dto.common.EmailMessageDto;
 import com.chat.yourway.dto.common.EmailMessageInfoDto;
 import com.chat.yourway.dto.request.ChangePasswordDto;
+import com.chat.yourway.dto.request.RestorePasswordDto;
 import com.chat.yourway.exception.EmailTokenNotFoundException;
 import com.chat.yourway.exception.PasswordsAreNotEqualException;
 import com.chat.yourway.model.Contact;
@@ -178,6 +179,7 @@ public void restorePassword_shouldSetNewPassword_whenUserGaveCorrectToken() {
     // Given
     var newPassword = "newPassword";
     var uuidToken = UUID.randomUUID().toString();
+    var restorePasswordDto = new RestorePasswordDto(newPassword, uuidToken);
     var contact =
         Contact.builder()
             .id(1)
@@ -198,7 +200,7 @@ public void restorePassword_shouldSetNewPassword_whenUserGaveCorrectToken() {
     when(emailTokenRepository.findById(uuidToken)).thenReturn(Optional.of(emailToken));
 
     // When
-    changePasswordService.restorePassword(newPassword, uuidToken);
+    changePasswordService.restorePassword(restorePasswordDto);
 
     // Then
     verify(emailTokenRepository).findById(uuidToken);
@@ -213,13 +215,14 @@ public void restorePassword_shouldThrowEmailTokenNotFoundException_whenUserGaveI
     // Given
     var newPassword = "newPassword";
     var uuidToken = UUID.randomUUID().toString();
+    var restorePasswordDto = new RestorePasswordDto(newPassword, uuidToken);
 
     when(emailTokenRepository.findById(uuidToken)).thenReturn(Optional.empty());
 
     // When
     assertThrows(
         EmailTokenNotFoundException.class,
-        () -> changePasswordService.restorePassword(newPassword, uuidToken));
+        () -> changePasswordService.restorePassword(restorePasswordDto));
 
     // Then
     verify(emailTokenRepository).findById(uuidToken);