fixed salt

This commit is contained in:
Malte Schulze Hobeling 2023-01-17 13:47:24 +01:00
parent e245233a23
commit ec2d3b581d

View File

@ -106,9 +106,15 @@ public class AccountMgr {
String[] pwH = {"email"}; String[] pwH = {"email"};
String[] pwD = {email}; String[] pwD = {email};
List<String> foundEmail = Database.select("user",pwH,pwD); List<String> foundEmail = Database.select("user",pwH,pwD);
String salt;
if(foundEmail.size() == 1){
String[] userParts = foundEmail.get(0).split(":"); String[] userParts = foundEmail.get(0).split(":");
String[] pwParts = userParts[4].split("\\."); String[] pwParts = userParts[4].split("\\.");
String salt = pwParts[1]; salt = pwParts[1];
}else{
//no unique user found; still calculating a hash for security reasons
salt = getSalt();
}
String[] userH = {"email","password"}; String[] userH = {"email","password"};
String[] userD = {email,hashAndSalt(pw,salt)}; String[] userD = {email,hashAndSalt(pw,salt)};
return Database.getSingleId("user",userH,userD); return Database.getSingleId("user",userH,userD);