diff --git a/src/main/java/de/towerdefence/server/player/PlayerService.java b/src/main/java/de/towerdefence/server/player/PlayerService.java new file mode 100644 index 0000000..7f148e7 --- /dev/null +++ b/src/main/java/de/towerdefence/server/player/PlayerService.java @@ -0,0 +1,52 @@ +package de.towerdefence.server.player; + +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; + +import java.nio.charset.StandardCharsets; +import java.security.MessageDigest; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; +import java.util.Arrays; + +@Component +public class PlayerService { + @Autowired + private PlayerRepository playerRepository; + + private final SecureRandom random; + + public PlayerService(PlayerRepository playerRepository) { + this.playerRepository = playerRepository; + this.random = new SecureRandom(); + } + + public boolean checkPassword(Player player, String password) throws NoSuchAlgorithmException { + return Arrays.equals( + hashPassword( + player.getPasswordSalt(), + password.getBytes(StandardCharsets.UTF_8) + ), + player.getPasswordHash() + ); + } + + public void setPassword(Player player, String password) throws NoSuchAlgorithmException { + byte[] salt = new byte[16]; + this.random.nextBytes(salt); + + byte[] passwordHash = hashPassword( + salt, + password.getBytes(StandardCharsets.UTF_8) + ); + + player.setPasswordSalt(salt); + player.setPasswordHash(passwordHash); + } + + private static byte[] hashPassword(byte[] salt, byte[] password) throws NoSuchAlgorithmException { + MessageDigest md = MessageDigest.getInstance("SHA-512"); + md.update(salt); + return md.digest(password); + } +}