From 675c5d71dd2368da36528639696fe5eab9aff680 Mon Sep 17 00:00:00 2001
From: bouchaalaOmar <bouchaalaomar1@gmail.com>
Date: Mon, 2 Oct 2023 16:42:40 +0200
Subject: [PATCH] Update UserService.java

It is better to use Authentication instead the Principal

the Principal is a part of Java while the Authentication is a part of spring

So, I thing that it is better to use the more high level of abstraction.
---
 src/main/java/com/alibou/security/user/UserService.java | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/src/main/java/com/alibou/security/user/UserService.java b/src/main/java/com/alibou/security/user/UserService.java
index a17181d..d6c812a 100644
--- a/src/main/java/com/alibou/security/user/UserService.java
+++ b/src/main/java/com/alibou/security/user/UserService.java
@@ -1,21 +1,19 @@
 package com.alibou.security.user;
 
 import lombok.RequiredArgsConstructor;
-import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 
-import java.security.Principal;
-
 @Service
 @RequiredArgsConstructor
 public class UserService {
 
     private final PasswordEncoder passwordEncoder;
     private final UserRepository repository;
-    public void changePassword(ChangePasswordRequest request, Principal connectedUser) {
+    public void changePassword(ChangePasswordRequest request, Authentication authentication) {
 
-        var user = (User) ((UsernamePasswordAuthenticationToken) connectedUser).getPrincipal();
+        var user = (User) authentication.getPrincipal();
 
         // check if the current password is correct
         if (!passwordEncoder.matches(request.getCurrentPassword(), user.getPassword())) {