Added extra check for userId

This commit is contained in:
Mikhail Trofimov 2025-08-15 11:05:47 +03:00
parent a428ba9d49
commit f8967fa337

View file

@ -26,6 +26,9 @@ public class AuthorizationService {
} }
public AuthResult findAuthInfo(String userId, String password) throws Exception { public AuthResult findAuthInfo(String userId, String password) throws Exception {
if (userId.length() > 12) {
return new AuthResult(false, SignalError.ERROR_005);
}
String hashedPassword = hashPassword(password); String hashedPassword = hashPassword(password);
List<String> productCodes = mapper.findUserProductCodes(userId, hashedPassword); List<String> productCodes = mapper.findUserProductCodes(userId, hashedPassword);
if (productCodes.isEmpty()) { if (productCodes.isEmpty()) {