From 6124641cbc9fb25d2202f80e2ffe17ff985a1573 Mon Sep 17 00:00:00 2001
From: "hilmi.albiruni" <hilmi.albiruni@ui.ac.id>
Date: Tue, 8 Nov 2022 15:33:34 +0700
Subject: [PATCH] ngecek password lama sudah tidak bisa digunakan sebelumnya

---
 .../tutorial/belajarbelajar/controller/UserController.java  | 6 ++++--
 belajarbelajar/src/main/resources/templates/error/403.html  | 2 +-
 .../src/main/resources/templates/form-update-password.html  | 2 +-
 3 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/belajarbelajar/src/main/java/apap/tutorial/belajarbelajar/controller/UserController.java b/belajarbelajar/src/main/java/apap/tutorial/belajarbelajar/controller/UserController.java
index e778ad6..5c261d6 100644
--- a/belajarbelajar/src/main/java/apap/tutorial/belajarbelajar/controller/UserController.java
+++ b/belajarbelajar/src/main/java/apap/tutorial/belajarbelajar/controller/UserController.java
@@ -70,14 +70,16 @@ public class UserController {
         UserModel user = userService.getUserByUsername(userModel.getUsername());
         BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
         if (passwordEncoder.matches(userModel.getPassword(), user.getPassword())){
-            if (newPassword.equals(confPassword)){
+            if (passwordEncoder.matches(newPassword, user.getPassword())) {
+                return "error-update";
+            } else if (newPassword.equals(confPassword)){
                 user.setPassword(newPassword);
                 userService.addUser(user);
                 return "sukses-update-password";
             } else {
                 model.addAttribute("message", "password yang dikonfirmasi tidak sama. Ulangi!");
             }
-        }else {
+        } else {
             model.addAttribute("message", "password lama invalid. Ulangi!");
         }
         return "form-update-password";
diff --git a/belajarbelajar/src/main/resources/templates/error/403.html b/belajarbelajar/src/main/resources/templates/error/403.html
index 34318c5..08e5359 100644
--- a/belajarbelajar/src/main/resources/templates/error/403.html
+++ b/belajarbelajar/src/main/resources/templates/error/403.html
@@ -2,7 +2,7 @@
 <html lang="en" xmlns:th="http://thymeleaf.org">
 <head>
     <meta charset="UTF-8">
-    <title>404 not found</title>
+    <title>Error 403</title>
     <object th:include="fragments/fragment :: css" th:remove="tag"></object>
     <object th:include="fragments/fragment :: js" th:remove="tag"></object>
 
diff --git a/belajarbelajar/src/main/resources/templates/form-update-password.html b/belajarbelajar/src/main/resources/templates/form-update-password.html
index 96ab436..cec2932 100644
--- a/belajarbelajar/src/main/resources/templates/form-update-password.html
+++ b/belajarbelajar/src/main/resources/templates/form-update-password.html
@@ -3,7 +3,7 @@
 
 <head>
   <meta charset="UTF-8">
-  <title>21 Cineplux</title>
+  <title>Update password</title>
   <object th:include="fragments/fragment :: css" th:remove="tag"></object>
   <object th:include="fragments/fragment :: js" th:remove="tag"></object>
 </head>
-- 
GitLab