diff --git a/beer-buddy-web/src/main/java/com/beerbuddy/web/controller/rest/LoginController.java b/beer-buddy-web/src/main/java/com/beerbuddy/web/controller/rest/LoginController.java index c798c103..a8bf0f00 100644 --- a/beer-buddy-web/src/main/java/com/beerbuddy/web/controller/rest/LoginController.java +++ b/beer-buddy-web/src/main/java/com/beerbuddy/web/controller/rest/LoginController.java @@ -41,6 +41,15 @@ public ResponseEntity authenticate(@RequestBody NewUserRequest request) { //clear context to be safe SecurityContextHolder.clearContext(); + if (request.getPassword().trim().length() < 8)//checks to make sure password is at least 8 characters long + { + log.error("Too Short Password"); + Map error = ImmutableMap. + of("error", "The password is too short", + "message", "The password must be at least 8 characters long."); + return new ResponseEntity<>(error, HttpStatus.UNAUTHORIZED); + } + Authentication auth = new UsernamePasswordAuthenticationToken(request.getUsername(), request.getPassword()); try { auth = beerBuddyAuthenticationManager.authenticate(auth); diff --git a/beer-buddy-web/src/main/java/com/beerbuddy/web/controller/rest/UserController.java b/beer-buddy-web/src/main/java/com/beerbuddy/web/controller/rest/UserController.java index 942947fd..067f1447 100644 --- a/beer-buddy-web/src/main/java/com/beerbuddy/web/controller/rest/UserController.java +++ b/beer-buddy-web/src/main/java/com/beerbuddy/web/controller/rest/UserController.java @@ -44,6 +44,14 @@ public class UserController implements BeerMapper { @RequestMapping(method=RequestMethod.POST) public ResponseEntity create(@RequestBody NewUserRequest request) { try { + if (request.getPassword().trim().length() < 8)//checks to make sure password is at least 8 characters long + { + Map error = ImmutableMap. + of("error", "The password is too short", + "message", "The password must be at least 8 characters long."); + return new ResponseEntity<>(error, HttpStatus.UNAUTHORIZED); + } + User user = userService.createUser(request.getUsername(), request.getPassword()); UserProfile profile = new UserProfile(); profile.setEmail(request.getEmail());