src/main/java/de/towerdefence/server/player/Player.java

@@ -0,0 +1,35 @@
+package de.towerdefence.server.player;
+
+import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
+import lombok.Setter;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.AllArgsConstructor;
+import jakarta.persistence.*;
+
+@NoArgsConstructor
+@AllArgsConstructor
+@Getter
+@Setter
+@Entity
+@Table(name = "player")
+public class Player {
+    public static final int PASSWORD_SALT_BYTE_LENGTH = 16;
+    public static final int PASSWORD_HASH_BYTE_LENGTH = 64;
+
+    @Id
+    private Long id;
+
+    @NotNull
+    @Column(unique = true)
+    private String username;
+
+    @NotNull
+    @Size(min = PASSWORD_HASH_BYTE_LENGTH, max = PASSWORD_HASH_BYTE_LENGTH)
+    private byte[] passwordHash;
+
+    @NotNull
+    @Size(min = PASSWORD_SALT_BYTE_LENGTH, max = PASSWORD_SALT_BYTE_LENGTH)
+    private byte[] passwordSalt;
+}

src/main/java/de/towerdefence/server/player/PlayerRepository.java

@@ -0,0 +1,7 @@
+package de.towerdefence.server.player;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+
+public  interface PlayerRepository extends JpaRepository<Player, Long> {
+    Player findByUsername(String username);
+}

src/main/java/de/towerdefence/server/player/PlayerService.java

@@ -0,0 +1,52 @@
+package de.towerdefence.server.player;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.util.Arrays;
+
+@Component
+public class PlayerService {
+    @Autowired
+    private PlayerRepository playerRepository;
+
+    private final SecureRandom random;
+
+    public PlayerService(PlayerRepository playerRepository) {
+        this.playerRepository = playerRepository;
+        this.random = new SecureRandom();
+    }
+
+    public boolean checkPassword(Player player, String password) throws NoSuchAlgorithmException {
+        return Arrays.equals(
+            hashPassword(
+                    player.getPasswordSalt(),
+                    password.getBytes(StandardCharsets.UTF_8)
+            ),
+            player.getPasswordHash()
+        );
+    }
+
+    public void setPassword(Player player, String password) throws NoSuchAlgorithmException {
+        byte[] salt = new byte[Player.PASSWORD_SALT_BYTE_LENGTH];
+        this.random.nextBytes(salt);
+
+        byte[] passwordHash = hashPassword(
+                salt,
+                password.getBytes(StandardCharsets.UTF_8)
+        );
+
+        player.setPasswordSalt(salt);
+        player.setPasswordHash(passwordHash);
+    }
+
+    private static byte[] hashPassword(byte[] salt, byte[] password) throws NoSuchAlgorithmException {
+        MessageDigest md = MessageDigest.getInstance("SHA-512");
+        md.update(salt);
+        return md.digest(password);
+    }
+}