Correct the api rest authentication [EN/PL]

in #utopian-io7 years ago (edited)

start.png

(EN) Improvement of the REST-API for authentication

(polish version below)

Because imported data from Scada has a different password hashing mechanism, I adapted our API to use the same mechanism.

The method checkPassword (String hash, String password) has been added to check the validity of the hash with the password in the UsersServiceImpl.

The data structure has been changed. Field name md5password has been changed to hash.
This caused the need for changes also in the following classes: UserDao, Migration, User, UserAPI, UserDaoTest.

In addition, I changed the visibility range of the encriptPassword (String plainText) function to the public in the UsersServiceImp class, which allowed it to be used in the AuthenticationService class.

Also, a unit test has been added to check the hash of the default password for the User "admin" in the UserServiceTest.
And there has been a corrected mistake in using an annotation instead of @PathParam @PathVariable should be used.
Finally, the authentication check (which should be by https by default)

utopian-198.png

All changes were made as part of the tasks 198

(PL) Poprawa REST-API do autentykacji

Ponieważ zaimportowane dane z programu Scada-LTS mają inny mechanizm haszowania haseł to dostosowałem API aby używało tego samego mechanizmu.

Dodałem metodę checkPassword(String hash, String password) sprawdzającą prawidłowość hasza z hasłem w klasie UsersServiceImpl.

Zmodyfikowałem struktury danych, nazwa pola md5password została zamieniona na hash, co wymusiło zmiany w klasach: UserDao, Migration, User, UserAPI, UserDaoTest

Dodatkowo zmieniłem zasięg widoczności funkcji encriptPassword(String plainText) na publiczny w klasie UsersServiceImp, co pozwoliło na użycie jej w klasie AuthenticationService.

Utworzyłem test jednostkowy sprawdzający hash domyślnego hasła dla Użytkownika "admin" w UserServiceTest.

Poprawiłem też pomyłkę w użyciu adnotacji. Zmieniając @PathParam na @PathVariable.

Na końcu test sprawdzający autentykacje (która domyślnie ma być po https)

utopian-198.png

Wszystkie zmiany zostały dokonane w ramach zadaniach 198



Posted on Utopian.io - Rewarding Open Source Contributors

Sort:  

Thank you for the contribution. It has been approved.

Please try to keep your contributions in english.

You can contact us on Discord.
[utopian-moderator]

Hey @ms10398, I just gave you a tip for your hard work on moderation. Upvote this comment to support the utopian moderators and increase your future rewards!

My basic language is Polish.
That is why I put a bilingual version.

@grzesiekb, Upvote is the only thing I can support you.

Hey @grzesiekb I am @utopian-io. I have just upvoted you!

Achievements

  • You have less than 500 followers. Just gave you a gift to help you succeed!
  • Seems like you contribute quite often. AMAZING!

Community-Driven Witness!

I am the first and only Steem Community-Driven Witness. Participate on Discord. Lets GROW TOGETHER!

mooncryption-utopian-witness-gif

Up-vote this comment to grow my power and help Open Source contributions like this one. Want to chat? Join me on Discord https://discord.gg/Pc8HG9x

Brawo Grzesiu! Dobry jesteś.

Mega - brawo !!!