diff options
author | Anton Tananaev <anton.tananaev@gmail.com> | 2015-06-17 09:54:02 +1200 |
---|---|---|
committer | Anton Tananaev <anton.tananaev@gmail.com> | 2015-06-17 09:54:02 +1200 |
commit | 771e2d7c4ceb34c0b62852130061b04640b8ee71 (patch) | |
tree | 57a23077fc9af137baffbb51bcb4ba82cff2f94b /src/org/traccar/model | |
parent | 8ff799f9d16715259131cd535f7f918823f161f9 (diff) | |
parent | 92ac9aaa10fcf65a005c4e06245ce4a9427d5148 (diff) | |
download | trackermap-server-771e2d7c4ceb34c0b62852130061b04640b8ee71.tar.gz trackermap-server-771e2d7c4ceb34c0b62852130061b04640b8ee71.tar.bz2 trackermap-server-771e2d7c4ceb34c0b62852130061b04640b8ee71.zip |
Merge pull request #1252 from demianalonso/password-salt
Implemented password hashing with salt
Diffstat (limited to 'src/org/traccar/model')
-rw-r--r-- | src/org/traccar/model/User.java | 40 |
1 files changed, 34 insertions, 6 deletions
diff --git a/src/org/traccar/model/User.java b/src/org/traccar/model/User.java index 410bc4d74..f7c55c0d6 100644 --- a/src/org/traccar/model/User.java +++ b/src/org/traccar/model/User.java @@ -15,7 +15,9 @@ */ package org.traccar.model; -import org.traccar.helper.Hashing; +import org.traccar.helper.IgnoreOnSerialization; +import org.traccar.helper.PasswordHash; +import org.traccar.helper.PasswordHash.HashingResult; public class User implements Factory { @@ -35,11 +37,18 @@ public class User implements Factory { private String email; public String getEmail() { return email; } public void setEmail(String email) { this.email = email; } - - private byte[] password; - public byte[] getPassword() { return password; } - public void setPassword(String password) { this.password = Hashing.sha256(password); } - + + private String hashedPassword; + @IgnoreOnSerialization + public String getHashedPassword() { return hashedPassword; } + public void setHashedPassword(String hashedPassword) { + this.hashedPassword = hashedPassword; + } + + private String salt; + @IgnoreOnSerialization + public String getSalt() { return salt; } + public void setSalt(String salt) { this.salt = salt; } private boolean readonly; private boolean admin; @@ -59,4 +68,23 @@ public class User implements Factory { private double longitude; private int zoom; + + private String password; + public String getPassword() { return password; } + public void setPassword(String password) { + this.password = password; + if(this.password != null && !this.password.trim().equals("")) { + this.hashPassword(password); + } + } + + public boolean isPasswordValid(String inputPassword) { + return PasswordHash.validatePassword(inputPassword.toCharArray(), PasswordHash.PBKDF2_ITERATIONS, this.salt, this.hashedPassword); + } + + public void hashPassword(String password) { + HashingResult hashingResult = PasswordHash.createHash(password); + this.hashedPassword = hashingResult.hash; + this.salt = hashingResult.salt; + } } |