aboutsummaryrefslogtreecommitdiff
path: root/src/org/traccar
diff options
context:
space:
mode:
Diffstat (limited to 'src/org/traccar')
-rw-r--r--src/org/traccar/database/DataManager.java18
-rw-r--r--src/org/traccar/database/QueryBuilder.java22
-rw-r--r--src/org/traccar/model/User.java24
3 files changed, 58 insertions, 6 deletions
diff --git a/src/org/traccar/database/DataManager.java b/src/org/traccar/database/DataManager.java
index 7c2505f77..7ded88d15 100644
--- a/src/org/traccar/database/DataManager.java
+++ b/src/org/traccar/database/DataManager.java
@@ -15,10 +15,12 @@
*/
package org.traccar.database;
-import com.mchange.v2.c3p0.ComboPooledDataSource;
import java.io.File;
+import java.io.UnsupportedEncodingException;
import java.net.URL;
import java.net.URLClassLoader;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
import java.sql.Connection;
import java.sql.Driver;
import java.sql.DriverManager;
@@ -30,8 +32,10 @@ import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.Properties;
+
import javax.naming.InitialContext;
import javax.sql.DataSource;
+
import org.traccar.Context;
import org.traccar.helper.DriverDelegate;
import org.traccar.helper.Log;
@@ -42,6 +46,8 @@ import org.traccar.model.Position;
import org.traccar.model.Server;
import org.traccar.model.User;
+import com.mchange.v2.c3p0.ComboPooledDataSource;
+
public class DataManager {
private static final long DEFAULT_REFRESH_DELAY = 300;
@@ -173,7 +179,7 @@ public class DataManager {
mockData(admin.getId());
}
-
+
private void mockData(long userId) {
if (Boolean.valueOf(Context.getProps().getProperty("database.mock"))) {
try {
@@ -213,7 +219,7 @@ public class DataManager {
public User login(String email, String password) throws SQLException {
return QueryBuilder.create(dataSource, properties.getProperty("database.loginUser"))
.setString("email", email)
- .setString("password", password)
+ .setBytes("password", User.sha256(password))
.executeQuerySingle(new User());
}
@@ -232,6 +238,12 @@ public class DataManager {
QueryBuilder.create(dataSource, properties.getProperty("database.updateUser"))
.setObject(user)
.executeUpdate();
+
+ if(user.getPassword() != null) {
+ QueryBuilder.create(dataSource, properties.getProperty("database.updateUserPassword"))
+ .setObject(user)
+ .executeUpdate();
+ }
}
public void removeUser(User user) throws SQLException {
diff --git a/src/org/traccar/database/QueryBuilder.java b/src/org/traccar/database/QueryBuilder.java
index ff26221de..05ec3e35c 100644
--- a/src/org/traccar/database/QueryBuilder.java
+++ b/src/org/traccar/database/QueryBuilder.java
@@ -15,6 +15,7 @@
*/
package org.traccar.database;
+import java.lang.reflect.Array;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.sql.Connection;
@@ -31,7 +32,9 @@ import java.util.HashMap;
import java.util.LinkedList;
import java.util.List;
import java.util.Map;
+
import javax.sql.DataSource;
+
import org.traccar.model.Factory;
public class QueryBuilder {
@@ -211,6 +214,23 @@ public class QueryBuilder {
return this;
}
+ public QueryBuilder setBytes(String name, byte[] value) throws SQLException {
+ for (int i : indexes(name)) {
+ try {
+ if (value == null) {
+ statement.setNull(i, Types.VARCHAR);
+ } else {
+ statement.setBytes(i, value);
+ }
+ } catch (SQLException error) {
+ statement.close();
+ connection.close();
+ throw error;
+ }
+ }
+ return this;
+ }
+
public QueryBuilder setObject(Object object) throws SQLException {
Method[] methods = object.getClass().getMethods();
@@ -231,6 +251,8 @@ public class QueryBuilder {
setString(name, (String) method.invoke(object));
} else if (method.getReturnType().equals(Date.class)) {
setDate(name, (Date) method.invoke(object));
+ } else if (method.getReturnType().equals(byte[].class)) {
+ setBytes(name, (byte[]) method.invoke(object));
}
} catch (IllegalAccessException error) {
} catch (InvocationTargetException error) {
diff --git a/src/org/traccar/model/User.java b/src/org/traccar/model/User.java
index 2df5f276d..70a4498f5 100644
--- a/src/org/traccar/model/User.java
+++ b/src/org/traccar/model/User.java
@@ -15,6 +15,10 @@
*/
package org.traccar.model;
+import java.io.UnsupportedEncodingException;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+
public class User implements Factory {
@Override
@@ -34,9 +38,9 @@ public class User implements Factory {
public String getEmail() { return email; }
public void setEmail(String email) { this.email = email; }
- private String password;
- public String getPassword() { return password; }
- public void setPassword(String password) { this.password = password; }
+ private byte[] password;
+ public byte[] getPassword() { return password; }
+ public void setPassword(String password) { this.password = sha256(password); }
private boolean readonly;
@@ -58,4 +62,18 @@ public class User implements Factory {
private int zoom;
+
+ public static byte[] sha256(String text) {
+ try {
+ MessageDigest md = MessageDigest.getInstance("SHA-256");
+
+ md.update(text.getBytes("UTF-8"));
+ byte[] digest = md.digest();
+ return digest;
+ } catch (NoSuchAlgorithmException e) {
+ throw new RuntimeException(e);
+ } catch (UnsupportedEncodingException e) {
+ throw new RuntimeException(e);
+ }
+ }
}