feat[User]: Add Bcrpyt in verifying password in class and dependency …

…in pom.xml
Group-5 · Feb 26, 2026 · b9693b7 · b9693b7
1 parent 837cf93
commit b9693b7
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 6 deletions.
diff --git a/pom.xml b/pom.xml
@@ -32,6 +32,13 @@
             <artifactId>javafx-controls</artifactId>
             <version>${javafx.version}</version>
         </dependency>
+
+        <!-- https://mvnrepository.com/artifact/org.springframework.security/spring-security-crypto -->
+        <dependency>
+          <groupId>org.springframework.security</groupId>
+          <artifactId>spring-security-crypto</artifactId>
+          <version>7.0.2</version>
+        </dependency>
     </dependencies>
 
     <build>

diff --git a/src/main/java/edu/group5/app/model/user/User.java b/src/main/java/edu/group5/app/model/user/User.java
@@ -1,9 +1,13 @@
 package edu.group5.app.model.user;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 /**
  * User class represents a user in the system. It is an abstract class that will be extended by specific user types such as Donor, Recipient, and Admin.
  * Each user has a unique userId, a role that defines their permissions in the system, and personal information such as first name, last name, email, and password hash.
  * The constructor validates that all required fields are provided and throws an IllegalArgumentException if any of the fields are null or empty. 
  * This ensures that the User objects are always in a valid state when created.
+ * The class also includes a method to verify the user's password 
+ * by comparing the provided plaintext password with the stored hashed password using BCrypt.
+ * 
  */
 public abstract class User {
   private int userId;
@@ -21,7 +25,7 @@ public abstract class User {
    * @param firstName the first name of the user
    * @param lastName the last name of the user
    * @param email the email address of the user
-   * @param passwordHash the hashed password of the user
+   * @param passwordHash the hashed password of the user, used for authentication purposes
    */
   public User(int userId, String role, String firstName, 
             String lastName, String email, String passwordHash) {
@@ -101,14 +105,16 @@ public String getPasswordHash() {
   }
 
   /**
-   * Verifies if the provided password matches the stored password hash for the user.
-   * This method should implement the logic to hash the input password 
-   * and compare it with the stored password hash.
+   * Verifies if the provided password matches the stored password hash.
+   * This method uses BCrypt to compare the plaintext password with the hashed password.
    * @param password the plaintext password to verify
    * @return true if the password is correct, false otherwise
    */
   public boolean verifyPassword(String password) {
-    // TODO Implement password verification logic here, e.g., using a hashing algorithm
-    return true; // Placeholder return value
+    if (password == null || password.isEmpty()) {
+        return false;
+    }
+    BCryptPasswordEncoder encoder = new BCryptPasswordEncoder();
+    return encoder.matches(password, this.passwordHash);
   }
 }
diff --git a/target/classes/edu/group5/app/model/user/User.class b/target/classes/edu/group5/app/model/user/User.class