From 731bc3d1549406ecf1d5ed03272fa4625d815044 Mon Sep 17 00:00:00 2001
From: Tim <47184194+imgde@users.noreply.github.com>
Date: Sun, 15 Jun 2025 12:33:43 +0200
Subject: [PATCH] Take email:pass instead of Account Body to delete
---
 .../webshop/controller/AccountController.java | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)
diff --git a/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java b/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java
index b3c4a0c..6867a91 100644
--- a/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java
+++ b/00-backend/src/main/java/de/htwsaar/webshop/controller/AccountController.java
@@ -75,16 +75,19 @@ public class AccountController {
 @RequestMapping(path = ACCOUNT_BASE, method = RequestMethod.DELETE, produces = "application/json")
 public ResponseEntity deleteAccount(HttpServletRequest request,
- @RequestBody Account account) {
+ @RequestParam(PARAM_EMAIL) String email,
+ @RequestParam(PARAM_PASSWORD) String password) {
 logRequest(request);
- if (validatorService.isInvalid(account)) {
- log.warn("[{}] failed Validation, sending bad request", request.getRequestURI());
+ if (!accountService.existsWithEmail(email)) {
+ log.warn("[{}] Account doesn't exist", request.getRequestURI());
 return ResponseEntity.badRequest().build();
 }
- if (accountService.existsWithEmail(account.getEmail())) {
+ Account acc = accountService.isValidLogin(email, password);
+ if (acc == null) {
+ log.warn("[{}] Invalid Credentials", request.getRequestURI());
 return ResponseEntity.badRequest().build();
 }
- if (!accountService.deleteIfExists(account)) {
+ if (!accountService.deleteIfExists(acc)) {
 return ResponseEntity.badRequest().build();
 }
 return ResponseEntity.ok().build();
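Review bot: The new `@RequestParam(PARAM_EMAIL)` and `@RequestParam(PARAM_PASSWORD)` arguments of `deleteAccount` carry the password as a request parameter, which for a DELETE normally means the query string, where it is retained in access logs, proxy logs and browser history. Keep the credentials out of the URL, for example by reading them from the body with a small credentials type (placeholder name) as in `@RequestBody CredentialsDto credentials`, or by requiring an already authenticated session for the delete. `logRequest(request)` is defined outside this hunk; if it records the query string or the parameter map, the password would also be written to the application log, so that is worth checking. The `existsWithEmail` check ahead of `isValidLogin` returns the same 400 in both cases but presumably adds a timing difference between known and unknown addresses; if `isValidLogin` already returns null for an unknown address, calling it alone would remove that. The method's closing brace lies outside the hunk.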