fix: password checking condition on private pastes

change: password is now sent via http headers

core/pom.xml

@@ -83,7 +83,7 @@
 		<dependency>
 			<groupId>net.miarma</groupId>
 			<artifactId>backlib</artifactId>
-			<version>1.1.0</version>
+			<version>1.1.1</version>
 		</dependency>
 	</dependencies>
 

mpaste/src/main/java/net/miarma/backend/mpaste/controller/PasteController.java

@@ -38,7 +38,7 @@ public class PasteController {
     @GetMapping("/{paste_key}")
     public ResponseEntity<PasteDto.Response> getByKey(
             @PathVariable("paste_key") String pasteKey,
-            @RequestParam(value = "password", required = false) String password
+            @RequestHeader(value = "X-Paste-Password", required = false) String password
     ) {
         return ResponseEntity.ok(
                 PasteMapper.toResponse(pasteService.getByKey(pasteKey, password))

mpaste/src/main/java/net/miarma/backend/mpaste/service/PasteService.java

@@ -46,7 +46,7 @@ public class PasteService {
                 .orElseThrow(() -> new NotFoundException("Paste not found"));
 
         if(Boolean.TRUE.equals(paste.isPrivate())) {
-            if(password == null || passwordEncoder.matches(password, paste.getPassword())) {
+            if(password == null || !passwordEncoder.matches(password, paste.getPassword())) {
                 throw new ForbiddenException("Incorrect password");
             }
         }
@@ -63,6 +63,12 @@ public class PasteService {
 
     public Paste create(Paste paste) {
         PasteValidator.validate(paste);
+
+        if (Boolean.TRUE.equals(paste.isPrivate()) && paste.getPassword() != null) {
+            String encodedPassword = passwordEncoder.encode(paste.getPassword());
+            paste.setPassword(encodedPassword);
+        }
+
         paste.setPasteId(UUID.randomUUID());
         paste.setPasteKey(PasteKeyGenerator.generate(6));
         return pasteRepository.save(paste);