Fix for JWT assignment 1 log in now works again.

Reset button only triggers reset when admin is set to true in the token

webgoat-lessons/jwt/src/main/java/org/owasp/webgoat/plugin/JWTVotesEndpoint.java

@@ -143,7 +143,6 @@ AttackResult resetVotes(@CookieValue(value = "access_token", required = false) S
                 Claims claims = (Claims) jwt.getBody();
                 boolean isAdmin = Boolean.valueOf((String) claims.get("admin"));
                 if (!isAdmin) {
-                    votes.values().forEach(vote -> vote.reset());
                     return trackProgress(failed().feedback("jwt-only-admin").build());
                 } else {
                     votes.values().forEach(vote -> vote.reset());

webgoat-lessons/jwt/src/main/resources/html/JWT.html

@@ -16,8 +16,10 @@
 
     <link rel="stylesheet" type="text/css" th:href="@{/lesson_css/jwt.css}"/>
     <script th:src="@{/lesson_js/bootstrap.min.js}" language="JavaScript"></script>
-    <script th:src="@{/lesson_js/jwt-signing.js}" language="JavaScript"></script>
+    <script th:src="@{/lesson_js/jwt-voting.js}" language="JavaScript"></script>
     <div class="attack-container">
+        <div class="attack-feedback"></div>
+        <div class="attack-output"></div>
         <div class="assignment-success"><i class="fa fa-2 fa-check hidden" aria-hidden="true"></i></div>
         <form class="attack-form" accept-charset="UNKNOWN"
               method="POST"
@@ -37,16 +39,16 @@
                                 </button>
                                 <ul class="dropdown-menu dropdown-menu-left">
                                     <li role="presentation"><a role="menuitem" tabindex="-1"
-                                                               onclick="javascript:login('Guest')"
+                                                               onclick="javascript:loginVotes('Guest')"
                                                                th:text="Guest">current</a></li>
                                     <li role="presentation"><a role="menuitem" tabindex="-1"
-                                                               onclick="javascript:login('Tom')"
+                                                               onclick="javascript:loginVotes('Tom')"
                                                                th:text="Tom">current</a></li>
                                     <li role="presentation"><a role="menuitem" tabindex="-1"
-                                                               onclick="javascript:login('Jerry')"
+                                                               onclick="javascript:loginVotes('Jerry')"
                                                                th:text="Jerry">current</a></li>
                                     <li role="presentation"><a role="menuitem" tabindex="-1"
-                                                               onclick="javascript:login('Sylvester')"
+                                                               onclick="javascript:loginVotes('Sylvester')"
                                                                th:text="Sylvester">current</a></li>
                                 </ul>
                                 <button type="button" class="btn btn-default fa fa-refresh" title="Refresh votes"
@@ -70,8 +72,7 @@ <h3>Vote for your favorite</h3>
         </form>
 
         <br/>
-        <div class="attack-feedback"></div>
-        <div class="attack-output"></div>
+
     </div>
 </div>
 

webgoat-lessons/jwt/src/main/resources/js/jwt-signing.js → webgoat-lessons/jwt/src/main/resources/js/jwt-voting.js

@@ -1,8 +1,8 @@
 $(document).ready(function () {
-    login('Guest');
+    loginVotes('Guest');
 })
 
-function login(user) {
+function loginVotes(user) {
     $("#name").text(user);
     $.ajax({
         url: 'JWT/votings/login?user=' + user,