

No commits in common. "c1c05276a2e9becb1cac51a1b21a42e731c36a19" and "4cdb074ff555cbaad6430c80f23df5dd8cbbf197" have entirely different histories.

3 changed files with 10 additions and 4 deletions


@ -5,11 +5,14 @@ import be.simplenotes.UserId
import be.simplenotes.public_.tables.Users.USERS
import be.simplenotes.security.PasswordHash
import com.github.benmanes.caffeine.cache.Caffeine
import de.mkammerer.argon2.Argon2Factory
import org.jooq.DSLContext
import org.jooq.Record
import org.jooq.exception.DataAccessException
class UserRepository(private val db: DSLContext, private val passwordHash: PasswordHash) {
private val argon2 = Argon2Factory.create()
private val cache = Caffeine.newBuilder()
.maximumSize(10)
.build<UserId, User>()
@ -28,7 +31,7 @@ class UserRepository(private val db: DSLContext, private val passwordHash: Passw
fun find(username: String, password: String): User? {
val user = db.fetchOne(USERS, USERS.USERNAME.eq(username))?.map(::userMapper) ?: return null
return if (passwordHash.verify(user.password, password))
return if (argon2.verify(user.password, password.encodeToByteArray()))
user
else null
}
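Review bot: `find` (the hunk under `@ -28,7 +31,7`) returns `null` as soon as the username lookup misses and only runs the Argon2 verification when a user exists, so the response time tells a caller whether a username is registered; verifying against a fixed dummy hash on the miss path keeps both branches comparable, e.g. `?: run { argon2.verify(DUMMY_HASH, password.encodeToByteArray()); return null }` with `DUMMY_HASH` produced once at startup. Assuming the second line of the `return if` pair is the new side, verification now goes through the class's own `argon2` instance instead of the injected `passwordHash`, so the parameters used for hashing and for verifying can drift apart, and the `passwordHash` constructor parameter appears unused in this method. The plaintext bytes from `encodeToByteArray()` are also left for the garbage collector; the Argon2 binding typically offers a `wipeArray` helper for this. The `userMapper` and the cache declared in the first hunk are not touched here, so caching of `User` values that carry a password hash is worth a separate look.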


@ -4,11 +4,11 @@ import de.mkammerer.argon2.Argon2Factory
interface PasswordHash {
fun hash(password: String): String
fun verify(hash: String, password: String): Boolean
fun verify(password: String, hash: String): Boolean
}
class Argon2PasswordHash : PasswordHash {
private val argon2 = Argon2Factory.create()
override fun hash(password: String): String = argon2.hash(10, 65536 / 2, 1, password.encodeToByteArray())
override fun verify(hash: String, password: String) = argon2.verify(hash, password.encodeToByteArray())
override fun verify(password: String, hash: String) = argon2.verify(password, password.encodeToByteArray())
}
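Review bot: In `Argon2PasswordHash.verify` (the second line of the last pair, which reads as the new side) the `hash` parameter is never used: `password` is passed as the first argument, which the Argon2 binding expects to be the encoded hash, and `password.encodeToByteArray()` as the second, so no stored hash is ever compared and every login through this implementation is expected to fail; the line should read `override fun verify(password: String, hash: String) = argon2.verify(hash, password.encodeToByteArray())`. The signature change from `verify(hash, password)` to `verify(password, hash)` reorders two `String` parameters, so any existing positional caller keeps compiling with its arguments silently swapped — worth a grep of call sites, or a distinct wrapper type for hashes so the compiler catches it. `Argon2Factory.create()` without a type argument is, as far as I recall, the Argon2i variant; if so, `Argon2Factory.create(Argon2Factory.Argon2Types.ARGON2id)` is the variant generally recommended for password storage. The cost parameters in `hash` deserve a comment such as `// t=10 iterations, m=32 MiB, p=1 — tune against target login latency`.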


@ -14,11 +14,14 @@ class SimpleJwt(secret: String, validity: Long, timeUnit: TimeUnit) {
private val idClaim = "id"
private val verifier: JWTVerifier = JWT.require(algorithm).build()
fun sign(id: UserId): String = JWT.create()
fun sign(id: UserId): String {
return JWT.create()
.withClaim(idClaim, id.value)
.withExpiresAt(getExpiration())
.sign(algorithm)
}
fun extract(token: String): UserId? = try {
val decodedJWT = verifier.verify(token)