From 80f766554a3dd117b2958fd8c55b8fab2b73f9f9 Mon Sep 17 00:00:00 2001
From: Demian <demianalonso@gmail.com>
Date: Thu, 11 Jun 2015 10:20:37 -0300
Subject: Implemented password hashing using a salt, following this
 code&guidelines: https://crackstation.net/hashing-security.htm

---
 src/org/traccar/http/UserServlet.java | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/org/traccar/http/UserServlet.java')

diff --git a/src/org/traccar/http/UserServlet.java b/src/org/traccar/http/UserServlet.java
index f388326b0..197ef0326 100644
--- a/src/org/traccar/http/UserServlet.java
+++ b/src/org/traccar/http/UserServlet.java
@@ -47,14 +47,14 @@ public class UserServlet extends BaseServlet {
     private void add(HttpServletRequest req, HttpServletResponse resp) throws Exception {
         User user = JsonConverter.objectFromJson(req.getReader(), new User());
         Context.getPermissionsManager().checkUser(getUserId(req), user.getId());
-        Context.getDataManager().addUser(user);
+        Context.getDataManager().addUser(user, user.getPassword());
         sendResponse(resp.getWriter(), JsonConverter.objectToJson(user));
     }
     
     private void update(HttpServletRequest req, HttpServletResponse resp) throws Exception {
         User user = JsonConverter.objectFromJson(req.getReader(), new User());
         Context.getPermissionsManager().checkUser(getUserId(req), user.getId());
-        Context.getDataManager().updateUser(user);
+        Context.getDataManager().updateUser(user, user.getPassword());
         sendResponse(resp.getWriter(), true);
     }
     
-- 
cgit v1.2.3