MaltesConsolenEcke #2
@ -1,4 +1,15 @@
|
|||||||
package com.bib.essensbestellungsverwaltung;
|
package com.bib.essensbestellungsverwaltung;
|
||||||
|
|
||||||
|
import javax.crypto.SecretKeyFactory;
|
||||||
|
import javax.crypto.spec.PBEKeySpec;
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
|
import java.security.spec.InvalidKeySpecException;
|
||||||
|
import java.security.spec.KeySpec;
|
||||||
|
import java.util.Arrays;
|
||||||
|
import java.util.Base64;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
@author Malte Schulze Hobeling
|
@author Malte Schulze Hobeling
|
||||||
*/
|
*/
|
||||||
@ -40,7 +51,7 @@ public class AccountMgr {
|
|||||||
String[] userH = {"name", "firstname", "addressid", "password", "email"};
|
String[] userH = {"name", "firstname", "addressid", "password", "email"};
|
||||||
String name = userData[0];
|
String name = userData[0];
|
||||||
String firstname = userData[1];
|
String firstname = userData[1];
|
||||||
String pw = userData[2];
|
String pw = hashAndSalt(userData[2]);
|
||||||
String email = userData[3];
|
String email = userData[3];
|
||||||
|
|
||||||
long id = Database.insert("address", addressH, addressData);
|
long id = Database.insert("address", addressH, addressData);
|
||||||
@ -72,7 +83,7 @@ public class AccountMgr {
|
|||||||
|
|
||||||
public static long login(String email, String pw){
|
public static long login(String email, String pw){
|
||||||
String[] userH = {"email","password"};
|
String[] userH = {"email","password"};
|
||||||
String[] userD = {email,pw};
|
String[] userD = {email,hashAndSalt(pw)};
|
||||||
return Database.getSingleId("user",userH,userD);
|
return Database.getSingleId("user",userH,userD);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -90,4 +101,20 @@ public class AccountMgr {
|
|||||||
long parentId = Database.getSingleId("parent",parentH,parentD);
|
long parentId = Database.getSingleId("parent",parentH,parentD);
|
||||||
return parentId > 0;
|
return parentId > 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public static String hashAndSalt(String pw){
|
||||||
|
//todo: find a better way to salt
|
||||||
|
byte[] magicSalt = new byte[]{96, 13, 100, 85, -37, 52, -123, 86, -123, -92, 16, 15, -110, -42, -49, 0};
|
||||||
|
KeySpec spec = new PBEKeySpec(pw.toCharArray(), magicSalt,310001,256);
|
||||||
|
String hashedPw = null;
|
||||||
|
try {
|
||||||
|
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
|
||||||
|
byte[] hash = factory.generateSecret(spec).getEncoded();
|
||||||
|
Base64.Encoder enc = Base64.getEncoder();
|
||||||
|
hashedPw = enc.encodeToString(hash);
|
||||||
|
} catch (InvalidKeySpecException | NoSuchAlgorithmException e) {
|
||||||
|
throw new RuntimeException(e);
|
||||||
|
}
|
||||||
|
return hashedPw;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user