diff --git a/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java b/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java
index b3c4a0c..6867a91 100644
--- a/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java
+++ b/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java
@@ -75,16 +75,19 @@ public class AccountController {
 @RequestMapping(path = ACCOUNT_BASE, method = RequestMethod.DELETE, produces = "application/json")
 public ResponseEntity deleteAccount(HttpServletRequest request,
- @RequestBody Account account) {
+ @RequestParam(PARAM_EMAIL) String email,
+ @RequestParam(PARAM_PASSWORD) String password) {
 logRequest(request);
- if (validatorService.isInvalid(account)) {
- log.warn("[{}] failed Validation, sending bad request", request.getRequestURI());
+ if (!accountService.existsWithEmail(email)) {
+ log.warn("[{}] Account doesn't exist", request.getRequestURI());
 return ResponseEntity.badRequest().build();
 }
- if (accountService.existsWithEmail(account.getEmail())) {
+ Account acc = accountService.isValidLogin(email, password);
+ if (acc == null) {
+ log.warn("[{}] Invalid Credentials", request.getRequestURI());
 return ResponseEntity.badRequest().build();
 }
- if (!accountService.deleteIfExists(account)) {
+ if (!accountService.deleteIfExists(acc)) {
 return ResponseEntity.badRequest().build();
 }
 return ResponseEntity.ok().build();
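Review bot: The new `@RequestParam(PARAM_PASSWORD) String password` on `deleteAccount` takes the password from request parameters of a DELETE, which will usually be the query string, so the credential can end up in server access logs, proxy logs and browser history. `logRequest(request)` is defined outside this hunk; if it records the query string or the parameter map, the password is written to the application log as well, and that should be checked. I would keep the credentials in the request body, binding them with `@RequestBody` as the previous signature did and passing the bound values to `accountService.isValidLogin`, or derive the account from an authenticated session instead of re-sending the password. The separate `existsWithEmail(email)` check looks redundant if `isValidLogin` already returns null for an unknown email (its body is not visible here), and dropping it would remove the extra branch that can make unknown and known addresses distinguishable by response time. A failed credential check would also be clearer to clients as a 401 than as `ResponseEntity.badRequest()`.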