Password reset working

src/main/java/com/mattrixwv/raidbuilder/controller/AccountTutorialController.java

@@ -46,7 +46,7 @@ public class AccountTutorialController{
 	@PutMapping
 	@AccountAuthorization(permissions = {AccountPermissionType.ADMIN, AccountPermissionType.USER})
 	public ObjectNode updateTutorialStatus(@RequestBody AccountTutorialStatus tutorialStatus, Authentication authentication){
-		log.info("Updating tutorial status for account {} to {}", authentication.getName(), tutorialStatus);
+		log.info("Updating tutorial status for account {}", authentication.getName());
 
 
 		Account account = accountService.getByUsername(authentication.getName());

src/main/java/com/mattrixwv/raidbuilder/controller/AuthenticationController.java

@@ -8,6 +8,7 @@ import java.util.UUID;
 
 import org.springframework.security.authorization.AuthorizationDeniedException;
 import org.springframework.security.core.Authentication;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -40,6 +41,7 @@ import lombok.extern.slf4j.Slf4j;
 @RequiredArgsConstructor
 public class AuthenticationController{
 	private final ObjectMapper mapper;
+	private final PasswordEncoder passwordEncoder;
 	private final TokenService tokenService;
 	private final AccountService accountService;
 
@@ -230,14 +232,20 @@ public class AuthenticationController{
 		log.info("Resetting password for {}", authentication.getName());
 
 
-		if((requestNode == null) || (!requestNode.has("password"))){
+		if((requestNode == null) || (!requestNode.has("newPassword"))){
 			throw new IllegalArgumentException("Invalid request");
 		}
 
+		String currentPassword = requestNode.get("currentPassword").asText();
+		String newPassword = requestNode.get("newPassword").asText();
+
 		Account account = accountService.getByUsername(authentication.getName());
-		accountService.updatePassword(account.getAccountId(), requestNode.get("password").asText());
+		if(!passwordEncoder.matches(currentPassword, account.getPassword())){
+			throw new IllegalArgumentException("Current password did not match");
+		}
+
 		account.setForceReset(false);
-		accountService.updateAccount(account);
+		accountService.updatePassword(account.getAccountId(), newPassword);
 
 		ObjectNode returnNode = mapper.createObjectNode();
 		returnNode.put("status", "success");

src/main/java/com/mattrixwv/raidbuilder/service/AccountService.java

@@ -92,11 +92,11 @@ public class AccountService implements UserDetailsService{
 		return accountRepository.save(account);
 	}
 
-	public Account updatePassword(UUID accountId, String password){
+	public Account updatePassword(UUID accountId, String newPassword){
 		Account account = accountRepository.findById(accountId).orElse(null);
 
 		if(account != null){
-			account.setPassword(passwordEncoder.encode(password));
+			account.setPassword(passwordEncoder.encode(newPassword));
 			account = accountRepository.save(account);
 		}