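package de.fhswf.in.inf.fit.aufgabe5.model;

import java.io.Serializable;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.Base64;

import javax.persistence.Column;
import javax.persistence.Entity;
import javax.persistence.Id;
import javax.persistence.NamedQuery;
import javax.persistence.Table;

/**
 * The persistent class for the account database table.
 *
 * <p>The {@code Password} column never holds the clear-text password: it holds
 * the Base64 encoded SHA-1 digest of the password concatenated with the value
 * of the {@code Salt} column.
 *
 * <p>NOTE(review): a single SHA-1 round is cheap to brute-force once the table
 * leaks. Password storage should use a deliberately slow key-derivation
 * function (PBKDF2, bcrypt, scrypt or Argon2). The algorithm is left unchanged
 * here because rows that already exist hold SHA-1 digests and would stop
 * verifying; switching needs a data migration or a rehash-on-login step.
 */
@Entity
@Table(name = "account")
@NamedQuery(name = "Account.findAll", query = "SELECT a FROM Account a")
public class Account implements Serializable {
    private static final long serialVersionUID = 1L;

    /**
     * Number of random bytes in a freshly generated salt. Base64 encoding turns
     * these into 24 characters; assumes the Salt column is wide enough for
     * that. TODO confirm against the schema.
     */
    private static final int SALT_LENGTH_BYTES = 16;

    /** Cryptographically strong source for salts; static, so not persisted or serialized. */
    private static final SecureRandom SECURE_RANDOM = new SecureRandom();

    @Id
    @Column(name = "Username")
    private String username;

    @Column(name = "Password")
    private String password;

    @Column(name = "Salt")
    private String salt;

    public Account() {
    }

    /**
     * @return the user name, which is the primary key of the account.
     */
    public String getUsername() {
        return this.username;
    }

    /**
     * @param username
     *            the user name that identifies the account.
     */
    public void setUsername(String username) {
        this.username = username;
    }

    /**
     * @return the stored salted password hash (never the clear-text password),
     *         or {@code null} if no password has been set.
     */
    public String getPassword() {
        return this.password;
    }

    /**
     * Stores the salted hash of the given clear-text password.
     *
     * <p>A fresh random salt is drawn for every call, so two accounts with the
     * same password get different hashes and a changed password never reuses
     * the old salt.
     *
     * @param password
     *            The clear-text password; must not be {@code null}.
     * @throws IllegalArgumentException
     *             if {@code password} is {@code null}.
     */
    public void setPassword(String password) {
        if (password == null) {
            // String concatenation would otherwise hash the literal text "null"
            // and silently create a usable credential.
            throw new IllegalArgumentException("password must not be null");
        }
        this.salt = generateSalt();
        this.password = createSaltedPasswordHash(password);
    }

    /**
     * @return the stored salt, or {@code null} for a row that was persisted
     *         without one.
     */
    private String getSalt() {
        // The salt is created in setPassword, not here: generating one while
        // verifying would change the entity and could never match the stored hash.
        return this.salt;
    }

    /**
     * Creates a new random salt.
     *
     * @return {@value #SALT_LENGTH_BYTES} random bytes, Base64 encoded.
     */
    private static String generateSalt() {
        byte[] saltBytes = new byte[SALT_LENGTH_BYTES];
        SECURE_RANDOM.nextBytes(saltBytes);
        return Base64.getEncoder().encodeToString(saltBytes);
    }

    /**
     * Checks a clear-text password against the stored hash.
     *
     * <p>The candidate is hashed with the stored salt exactly as it was when
     * the password was set. A row without a salt is still hashed with the text
     * {@code "null"} appended, which keeps hashes written before salts were
     * generated verifiable.
     *
     * @param password
     *            The clear-text password to check.
     * @return {@code true} if the password matches; {@code false} if it does
     *         not, if it is {@code null}, or if the account has no password.
     */
    public Boolean isPasswordCorrect(String password) {
        String storedHash = getPassword();
        if (password == null || storedHash == null) {
            return false;
        }
        byte[] expected = storedHash.getBytes(StandardCharsets.UTF_8);
        byte[] actual = createSaltedPasswordHash(password).getBytes(StandardCharsets.UTF_8);
        // MessageDigest.isEqual compares in constant time, so the comparison
        // does not reveal how many leading characters of the hash matched.
        return MessageDigest.isEqual(expected, actual);
    }

    /**
     * Generate a Base64 encoded SHA-1 hashed password that is salted with the
     * salt stored on this account.
     *
     * @param password
     *            The password to encode.
     * @return The salted and encoded password hash.
     * @throws IllegalStateException
     *             if the runtime offers no SHA-1 implementation.
     */
    protected String createSaltedPasswordHash(String password) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-1");
            // UTF-8 is pinned so the digest does not depend on the platform
            // default charset. For ASCII-only input the bytes are the same as
            // before; hashes of non-ASCII passwords written on a host with a
            // different default charset need a reset.
            md.update((password + getSalt()).getBytes(StandardCharsets.UTF_8));
            return Base64.getEncoder().encodeToString(md.digest());
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException(
                    "SHA-1 for some reason is not supported.", e);
        }
    }
}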