From 3bd2a31d93e2ffc672cbe79337c0edd135466046 Mon Sep 17 00:00:00 2001
From: "GRUPOLKS\\m.garcia" <mgarcia@lksnext.com>
Date: Mon, 31 Mar 2025 11:37:02 +0200
Subject: [PATCH] issue

---
 .../springframework/samples/petclinic/owner/Owner.java    | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/main/java/org/springframework/samples/petclinic/owner/Owner.java b/src/main/java/org/springframework/samples/petclinic/owner/Owner.java
index 675b2140e..c906f9530 100644
--- a/src/main/java/org/springframework/samples/petclinic/owner/Owner.java
+++ b/src/main/java/org/springframework/samples/petclinic/owner/Owner.java
@@ -170,6 +170,14 @@ public class Owner extends Person {
 		Assert.notNull(pet, "Invalid Pet identifier!");
 
 		pet.addVisit(visit);
+
+		return (req: Request, res: Response, next: NextFunction) => {
+			verifyPreLoginChallenges(req) // vuln-code-snippet hide-line
+			models.sequelize.query('SELECT * FROM Users WHERE email = :email AND password = :password AND deletedAt IS NULL', {
+			replacements: { email: req.body.email || '', password: security.hash(req.body.password || '') },
+			model: UserModel,
+			plain: true
+    	})
 	}
 
 }