From 85707e32c590567b0afe53e2d4cf9114f96a7146 Mon Sep 17 00:00:00 2001 From: Richard Schmidt Date: Thu, 8 Feb 2024 15:40:19 +0100 Subject: [PATCH] Added hashing algorithm to the user signup and login --- src/main/java/CreateUser.java | 43 +++++++++++++++++++++++++++++------ src/main/java/LoginGUI.java | 32 +++++++++++++++++++++++--- src/main/java/SignUpGUI.java | 4 +++- user.json | 32 +++++++++----------------- 4 files changed, 79 insertions(+), 32 deletions(-) diff --git a/src/main/java/CreateUser.java b/src/main/java/CreateUser.java index 59c55b1..c078749 100644 --- a/src/main/java/CreateUser.java +++ b/src/main/java/CreateUser.java @@ -10,6 +10,9 @@ import java.util.List; import java.io.FileWriter; import java.io.IOException; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + import java.util.UUID; class CreateUser { @@ -18,18 +21,18 @@ class CreateUser { private String password; private String birthday; private String firstName; - private String surName; + private String surname; private boolean stayLoggedIn; // Constructor - public CreateUser(String id, String name, String password, String birthday) { + public CreateUser(String id, String name, String password, String birthday, String firstName, String surname) { this.id = id; this.userName = name; - this.password = password; + this.password = hashPassword(password); this.birthday = birthday; this.firstName = firstName; - this.surName = surName; + this.surname = surname; } // Getters and Setters @@ -72,6 +75,14 @@ class CreateUser { public void setFirstName(String firstName) { this.firstName = firstName; } + + public String surname() { + return firstName; + } + + public void surname(String firstName) { + this.firstName = firstName; + } public boolean isStayLoggedIn() { return stayLoggedIn; 
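Review bot: The `password` field in CreateUser.java can now hold either a digest or plaintext depending on which path wrote it, because only the constructor was changed to store `hashPassword(password)`. No setter for the password is visible in this hunk; if a `setPassword` exists among the accessors, it should hash as well (`this.password = hashPassword(password);`) or be removed. A short comment on the constructor, such as `// password is the plaintext; it is hashed before being stored`, would also keep a caller from passing an already-hashed value and having it hashed a second time.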
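Review bot: The new `surname()` accessors in CreateUser.java read and write `firstName`, so the `surname` field set by the constructor can never be read back, and calling the one-argument `surname(...)` overwrites the first name. They also drop the `get`/`set` prefix used by `setFirstName` directly above, which matters if anything resolves properties by accessor name. Suggested replacement: `public String getSurname() { return surname; }` and `public void setSurname(String surname) { this.surname = surname; }`.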
@@ -82,7 +93,7 @@ class CreateUser { } // Function to create user with validation - public static CreateUser createUser(String id, String userName, String password, String birthday) { + public static CreateUser createUser(String id, String userName, String password, String birthday, String firstName, String surname) { if (userName == null || userName.isEmpty()) { throw new IllegalArgumentException("Username cannot be empty"); } @@ -91,7 +102,25 @@ class CreateUser { } if (password.length() < 6) { throw new IllegalArgumentException("Password must be at least 6 characters long"); - } return new CreateUser(id, userName, password, birthday); + } return new CreateUser(id, userName, password, birthday, firstName, surname); + } + + // Function to hash the password using SHA-256 algorithm + private String hashPassword(String password) { + try { + MessageDigest digest = MessageDigest.getInstance("SHA-256"); + byte[] hash = digest.digest(password.getBytes()); + StringBuilder hexString = new StringBuilder(); + for (byte b : hash) { + String hex = Integer.toHexString(0xff & b); + if (hex.length() == 1) hexString.append('0'); + hexString.append(hex); + } + return hexString.toString(); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + return null; + } } // Function to save to JSON file, replace with database call later @@ -147,7 +176,7 @@ class CreateUser { try { // Example usage UUID randomUUID = UUID.randomUUID(); - CreateUser user = createUser(randomUUID.toString(), "Test User", "TestPasswort123", "01.01.2000"); + CreateUser user = createUser(randomUUID.toString(), "Hash Test", "123456", "01.01.2000", "Hans", "Wurst"); // Example of accessing properties System.out.println("UserID: " + user.getId()); diff --git a/src/main/java/LoginGUI.java b/src/main/java/LoginGUI.java index f8dad01..6a442b7 100644 --- a/src/main/java/LoginGUI.java +++ b/src/main/java/LoginGUI.java 
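Review bot: `hashPassword` in CreateUser.java stores a single unsalted SHA-256 of the password, which is cheap to brute-force offline and gives equal passwords equal digests; password storage needs a per-user random salt and a deliberately slow derivation such as PBKDF2 from `javax.crypto`, which ships with the JDK. Two smaller problems sit in the same method: `password.getBytes()` uses the platform charset, so the digest of a non-ASCII password can differ between machines, and the `catch` returns `null`, which the constructor then stores as the password. The identical copy added to LoginGUI.java has the same three problems. The sketch below takes the salt as a parameter and fails loudly instead of returning null; the iteration count is a sample value to be tuned, signup has to generate the salt with `SecureRandom`, and login has to re-derive with the stored salt before comparing.

```java
// Function to derive a salted PBKDF2-HMAC-SHA256 hash, stored as "salt:hash" (Base64)
private static final int PBKDF2_ITERATIONS = 600_000; // sample value, tune to target hardware
private static final int DERIVED_KEY_BITS = 256;

static String hashPassword(String password, byte[] salt) {
    PBEKeySpec spec = new PBEKeySpec(password.toCharArray(), salt, PBKDF2_ITERATIONS, DERIVED_KEY_BITS);
    try {
        byte[] derived = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256")
                .generateSecret(spec)
                .getEncoded();
        Base64.Encoder b64 = Base64.getEncoder();
        return b64.encodeToString(salt) + ":" + b64.encodeToString(derived);
    } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
        // Never fall back to a null or plaintext value
        throw new IllegalStateException("PBKDF2WithHmacSHA256 is not available", e);
    } finally {
        spec.clearPassword();
    }
}
```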
@@ -5,6 +5,9 @@ import java.util.List; import java.awt.event.KeyEvent; import java.awt.event.KeyListener; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; + public class LoginGUI extends JFrame implements ActionListener { private JTextField usernameField; private JPasswordField passwordField; @@ -102,15 +105,38 @@ public class LoginGUI extends JFrame implements ActionListener { private boolean authenticateUser(String username, String password) { List userList = CreateUser.readUserListFromJsonFile("user.json"); if (userList != null) { - for (CreateUser user : userList) { - if (user.getUserName().equals(username) && user.getPassword().equals(password)) { - return true; //Success + for (CreateUser user : userList) { + if (user.getUserName().equals(username)) { + // Hash the user input password + String hashedPassword = hashPassword(password); + // Compare the hashed passwords + if (user.getPassword().equals(hashedPassword)) { + return true; // Success } } } + } return false; // Fail } + private String hashPassword(String password) { + try { + MessageDigest digest = MessageDigest.getInstance("SHA-256"); + byte[] hash = digest.digest(password.getBytes()); + StringBuilder hexString = new StringBuilder(); + for (byte b : hash) { + String hex = Integer.toHexString(0xff & b); + if (hex.length() == 1) { + hexString.append('0'); + } + hexString.append(hex); + } + return hexString.toString(); + } catch (NoSuchAlgorithmException e) { + e.printStackTrace(); + return null; + } + } private class EnterKeyListener implements KeyListener { @Override diff --git a/src/main/java/SignUpGUI.java b/src/main/java/SignUpGUI.java index 0266fe4..2f31890 100644 --- a/src/main/java/SignUpGUI.java +++ b/src/main/java/SignUpGUI.java 
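Review bot: `authenticateUser` in LoginGUI.java depends on a second, private copy of `hashPassword` that duplicates the one added to CreateUser.java, so any later change to the scheme (salt, algorithm, encoding) has to be made in two places or existing accounts stop matching. Making the CreateUser method a single `static` helper and calling it from here removes that risk. The comparison `user.getPassword().equals(hashedPassword)` also throws a NullPointerException for a record whose stored password is null, which the null-returning `catch` in `hashPassword` makes possible. After null checks on both values, `MessageDigest.isEqual(stored.getBytes(StandardCharsets.UTF_8), hashedPassword.getBytes(StandardCharsets.UTF_8))` is the constant-time form of the same check.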
@@ -75,6 +75,8 @@ public class SignUpGUI extends JFrame implements ActionListener { String password = passwordField.getText(); String confirmPassword = confirmPasswordField.getText(); String birthday = birthdayField.getText(); + String firstName = firstNameField.getText(); + String surname = surnameField.getText(); if (!password.equals(confirmPassword)) { JOptionPane.showMessageDialog(this, "Passwords do not match!", "Sign Up Error", JOptionPane.ERROR_MESSAGE); @@ -87,7 +89,7 @@ public class SignUpGUI extends JFrame implements ActionListener { } try { UUID randomUUID = UUID.randomUUID(); - CreateUser user = CreateUser.createUser(randomUUID.toString(), username, password, birthday); + CreateUser user = CreateUser.createUser(randomUUID.toString(), username, password, birthday, firstName, surname); user.saveToJsonFile("user.json"); JOptionPane.showMessageDialog(this, "User signed up successfully!"); dispose(); diff --git a/user.json b/user.json index 2bef498..29df4e8 100644 --- a/user.json +++ b/user.json 
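Review bot: `firstName` and `surname` are read from the form in SignUpGUI.java and passed straight to `CreateUser.createUser`, which in the part visible in this patch validates only the username and the password, so blank or whitespace-only names are saved. Both records in the user.json of this commit have empty `firstName` and `surname`, which suggests this already happens. If the fields are required, check them next to the password-match check, e.g. `if (firstName.trim().isEmpty() || surname.trim().isEmpty())` with the same error dialog; if they are optional, a comment saying so would help. The enclosing method starts and ends outside the hunk.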
@@ -1,30 +1,20 @@ [ { - "id": "a2864d79-1079-4cbb-8d77-f5f84995580d", - "userName": "Another Test User", - "password": "TestPasswort123", - "birthday": "01.01.2000", - "stayLoggedIn": false - }, - { - "id": "3690702d-9c7e-48fb-8a01-ef89b3b76268", - "userName": "TestUser2", - "password": "123456", - "birthday": "01.01.2000", - "stayLoggedIn": false - }, - { - "id": "685bc3a6-e706-4214-a5e1-8443d1a5258e", - "userName": "Test User", - "password": "Test", - "birthday": "01.01.2000", + "id": "d7ae19fe-4684-4d69-a73d-4cca612962a3", + "userName": "Test", + "password": "8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92", + "birthday": "", + "firstName": "", + "surname": "", "stayLoggedIn": false }, { - "id": "57b7fb2e-50c1-4027-8871-58cbfc8405c8", - "userName": "New", - "password": "123456", + "id": "2ec2c0c5-677c-4262-8958-fef98d11cc63", + "userName": "Test2", + "password": "8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92", "birthday": "", + "firstName": "", + "surname": "", "stayLoggedIn": false } ] \ No newline at end of file
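Review bot: user.json is the application's live credential store (SignUpGUI writes to it and LoginGUI reads from it), and this change keeps it under version control with password digests in it, so anyone with repository access gets the hashes for offline guessing. The two records also carry the same `password` value, so the file itself shows that equal passwords produce equal digests. Consider committing a clearly named sample file instead, listing the runtime file in `.gitignore`, and treating the passwords behind the committed values as no longer usable.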