Correct the api rest authentication [EN/PL]

(EN) Improvement of the REST-API for authentication

(polish version below)

Because imported data from Scada has a different password hashing mechanism, I adapted our API to use the same mechanism.

The method checkPassword (String hash, String password) has been added to check the validity of the hash with the password in the UsersServiceImpl.

The data structure has been changed. Field name md5password has been changed to hash.
This caused the need for changes also in the following classes: UserDao, Migration, User, UserAPI, UserDaoTest.

In addition, I changed the visibility range of the encriptPassword (String plainText) function to the public in the UsersServiceImp class, which allowed it to be used in the AuthenticationService class.

Also, a unit test has been added to check the hash of the default password for the User "admin" in the UserServiceTest.
And there has been a corrected mistake in using an annotation instead of @PathParam @PathVariable should be used.
Finally, the authentication check (which should be by https by default)

All changes were made as part of the tasks 198

(PL) Poprawa REST-API do autentykacji

Ponieważ zaimportowane dane z programu Scada-LTS mają inny mechanizm haszowania haseł to dostosowałem API aby używało tego samego mechanizmu.

Dodałem metodę checkPassword(String hash, String password) sprawdzającą prawidłowość hasza z hasłem w klasie UsersServiceImpl.

Zmodyfikowałem struktury danych, nazwa pola md5password została zamieniona na hash, co wymusiło zmiany w klasach: UserDao, Migration, User, UserAPI, UserDaoTest

Dodatkowo zmieniłem zasięg widoczności funkcji encriptPassword(String plainText) na publiczny w klasie UsersServiceImp, co pozwoliło na użycie jej w klasie AuthenticationService.

Utworzyłem test jednostkowy sprawdzający hash domyślnego hasła dla Użytkownika "admin" w UserServiceTest.

Poprawiłem też pomyłkę w użyciu adnotacji. Zmieniając @PathParam na @PathVariable.

Na końcu test sprawdzający autentykacje (która domyślnie ma być po https)

Wszystkie zmiany zostały dokonane w ramach zadaniach 198

Posted on Utopian.io - Rewarding Open Source Contributors

Sort Order:

Trending

[-]

ms10398 (64) · 7 years ago (edited)

Thank you for the contribution. It has been approved.

Please try to keep your contributions in english.

You can contact us on Discord.
[utopian-moderator]

$2.16

4 votes

utopian.tip (46) · 7 years ago

Hey @ms10398, I just gave you a tip for your hard work on moderation. Upvote this comment to support the utopian moderators and increase your future rewards!

$0.49

grzesiekb (56) · 7 years ago

My basic language is Polish.
That is why I put a bilingual version.

$0.00

steemitstats (47) · 7 years ago

@grzesiekb, Upvote is the only thing I can support you.

$0.46

1 vote

utopian-io (71) · 7 years ago

Hey @grzesiekb I am @utopian-io. I have just upvoted you!

Achievements

You have less than 500 followers. Just gave you a gift to help you succeed!
Seems like you contribute quite often. AMAZING!

Community-Driven Witness!

I am the first and only Steem Community-Driven Witness. Participate on Discord. Lets GROW TOGETHER!

Vote for my Witness With SteemConnect
Proxy vote to Utopian Witness with SteemConnect
Or vote/proxy on Steemit Witnesses

Up-vote this comment to grow my power and help Open Source contributions like this one. Want to chat? Join me on Discord https://discord.gg/Pc8HG9x

jozef230 (70) · 7 years ago

Brawo Grzesiu! Dobry jesteś.

gradzio (56) · 7 years ago

Mega - brawo !!!