[FIXED] Why validation not work for encoded password

Issue

In my project i add some validation for Signup form fields. While click on submit button password validation not check orignal password like 123456 but it check encoded password like $2a$10$kUm6AxxH3SNSIoUtP6V7WOlFTIORTOILKDFGOP and produce validation error message. Here down is my code.

Entity

public class User {
    ...
    ...
    ...

    @Pattern(regexp = "^\\$2[ayb]\\$.{56}$")
    private String password;
}

Controller

@RequestMapping(value = "/register", method = RequestMethod.POST)
    public String resiterUser(@Valid @ModelAttribute("user") User user, 
                                  BindingResult result)
    {
        
        if(result.hasErrors())
        {
            return "signup";
        }

        // Problem is here
        user.setPassword(bCryptPasswordEncoder.encode(user.getPassword()));
        userRepo.save(user);
        return "redirect:/";
}

View

<form th:action="@{/register}" method="post">
    
    <div class="form-outline mb-4">
        <label class="form-label" for="form3Example4cg">Password</label>
        <input type="password" 
            th:classappend="${#fields.hasErrors('password') ? 'is-invalid' : ''}" 
            class="form-control form-control-lg"
            name="password" />
        <div id="validation" class="text-danger" th:each="e: ${#fields.errors('password')}" th:text=${e}>

        </div>
    </div>
    
    <div class="d-flex">
        <button type="submit" class="btn bg-primary">Submit</button>
    </div>
    
</form>

Solution

I solved my problem by the help of @OrangeDog, Who give me the way how to solve this problem.

• Declare another variable dummyPassword with transient keyword which is temporary variable.
• Here i am trying to validate the user entered password in Controller, If regular expression is match so, dummyPassword into encoded password and save into database otherwise got validation error

Entity:

public class User {
    ...
    ...
    ...

    private String password;

    @Pattern(regexp = "(?=.*[a-z])(?=.*[A-Z])(?=.*\\d)(?=.*[^\\da-zA-Z]).{8,15}$")
    private transient String dummyPassword;
}

In Controller set dummyPassword in orignal password

user.setPassword(bCryptPasswordEncoder.encode(user.getDummyPassword()));

Thymeleaf

<div class="form-outline mb-4">
    <label class="form-label" for="form3Example4cg">Password</label>
    <input type="password" 
        id="form3Example4cg"
        th:classappend="${#fields.hasErrors('newPassword') ? 'is-invalid' : ''}"
        class="form-control form-control-lg"
        name="newPassword" />
    <div class="text-danger" th:each="e: ${#fields.errors('newPassword')}" th:text=${e}>

    </div>
</div>

Answered By - Faeem azaz Bhanej
Answer Checked By - Katrina (JavaFixing Volunteer)