zmiana hasla
This commit is contained in:
parent
9c47e45353
commit
e96f619e46
@ -1,13 +1,11 @@
|
|||||||
package com.example.bsm_notatnik;
|
package com.example.bsm_notatnik;
|
||||||
|
|
||||||
import androidx.annotation.NonNull;
|
|
||||||
import androidx.appcompat.app.AppCompatActivity;
|
import androidx.appcompat.app.AppCompatActivity;
|
||||||
|
|
||||||
import android.content.Intent;
|
import android.content.Intent;
|
||||||
import android.content.SharedPreferences;
|
import android.content.SharedPreferences;
|
||||||
import android.os.Bundle;
|
import android.os.Bundle;
|
||||||
import android.text.TextUtils;
|
import android.text.TextUtils;
|
||||||
import android.util.Log;
|
|
||||||
import android.view.View;
|
import android.view.View;
|
||||||
import android.widget.Button;
|
import android.widget.Button;
|
||||||
import android.widget.EditText;
|
import android.widget.EditText;
|
||||||
@ -15,17 +13,12 @@ import android.widget.ProgressBar;
|
|||||||
import android.widget.TextView;
|
import android.widget.TextView;
|
||||||
import android.widget.Toast;
|
import android.widget.Toast;
|
||||||
|
|
||||||
import com.google.android.gms.tasks.OnCompleteListener;
|
import java.nio.charset.StandardCharsets;
|
||||||
import com.google.android.gms.tasks.Task;
|
import java.security.MessageDigest;
|
||||||
import com.google.firebase.auth.AuthResult;
|
|
||||||
import com.google.firebase.auth.FirebaseAuth;
|
|
||||||
import com.google.firebase.auth.FirebaseUser;
|
|
||||||
|
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.spec.InvalidKeySpecException;
|
import java.security.spec.InvalidKeySpecException;
|
||||||
import java.security.spec.KeySpec;
|
import java.security.spec.KeySpec;
|
||||||
import java.util.Base64;
|
import java.util.Base64;
|
||||||
import java.util.Objects;
|
|
||||||
|
|
||||||
import javax.crypto.SecretKey;
|
import javax.crypto.SecretKey;
|
||||||
import javax.crypto.SecretKeyFactory;
|
import javax.crypto.SecretKeyFactory;
|
||||||
@ -66,8 +59,10 @@ public class Login extends AppCompatActivity {
|
|||||||
@Override
|
@Override
|
||||||
public void onClick(View view) {
|
public void onClick(View view) {
|
||||||
//progressBar.setVisibility(View.VISIBLE);
|
//progressBar.setVisibility(View.VISIBLE);
|
||||||
String email, password;
|
String email, hashedEmail, password;
|
||||||
email = String.valueOf(editTextEmail.getText());
|
email = String.valueOf(editTextEmail.getText());
|
||||||
|
|
||||||
|
hashedEmail = hashEmail(email);
|
||||||
password = String.valueOf(editTextPassword.getText());
|
password = String.valueOf(editTextPassword.getText());
|
||||||
|
|
||||||
if (TextUtils.isEmpty(email)){
|
if (TextUtils.isEmpty(email)){
|
||||||
@ -78,31 +73,39 @@ public class Login extends AppCompatActivity {
|
|||||||
Toast.makeText(Login.this, "Enter password!", Toast.LENGTH_SHORT).show();
|
Toast.makeText(Login.this, "Enter password!", Toast.LENGTH_SHORT).show();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
if (!checkIfUserExists(email)){
|
if (!checkIfUserExists(hashedEmail)){
|
||||||
Toast.makeText(Login.this, "No such username in database!", Toast.LENGTH_SHORT).show();
|
Toast.makeText(Login.this, "No such username in database!", Toast.LENGTH_SHORT).show();
|
||||||
editTextPassword.setText("");
|
editTextPassword.setText("");
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
login(email, password);
|
login(hashedEmail, password);
|
||||||
//progressBar.setVisibility(View.GONE);
|
//progressBar.setVisibility(View.GONE);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private boolean checkIfUserExists(String email){
|
private boolean checkIfUserExists(String hashedemail){
|
||||||
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
||||||
return sharedPreferences.contains("user_" + email);
|
return sharedPreferences.contains("user_" + hashedemail);
|
||||||
}
|
}
|
||||||
|
|
||||||
private void login(String email, String password){
|
private String hashEmail(String email){
|
||||||
|
byte[] emailSalt = new byte[16];
|
||||||
|
emailSalt = getFirst16BytesOfHash(email);
|
||||||
|
|
||||||
|
return hashCredential(email, emailSalt);
|
||||||
|
}
|
||||||
|
|
||||||
|
private void login(String hashedemail, String password){
|
||||||
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
||||||
String passwordHashFromData = sharedPreferences.getString("user_" + email, "err");
|
String passwordHashFromData = sharedPreferences.getString("user_" + hashedemail, "err");
|
||||||
|
|
||||||
byte[] salt = getSaltForUser(email);
|
|
||||||
|
|
||||||
String inputPasswordHash = hashPassword(password, salt);
|
byte[] salt = getSaltForUser(hashedemail);
|
||||||
|
|
||||||
|
String inputPasswordHash = hashCredential(password, salt);
|
||||||
|
|
||||||
assert inputPasswordHash != null;
|
assert inputPasswordHash != null;
|
||||||
|
|
||||||
@ -110,7 +113,7 @@ public class Login extends AppCompatActivity {
|
|||||||
Toast.makeText(getApplicationContext(), "Login Successful", Toast.LENGTH_SHORT).show();
|
Toast.makeText(getApplicationContext(), "Login Successful", Toast.LENGTH_SHORT).show();
|
||||||
|
|
||||||
Intent intent = new Intent(getApplicationContext(), MainActivity.class);
|
Intent intent = new Intent(getApplicationContext(), MainActivity.class);
|
||||||
intent.putExtra("CURRENT_USER_EMAIL", email);
|
intent.putExtra("CURRENT_USER_EMAIL_HASH", hashedemail);
|
||||||
startActivity(intent);
|
startActivity(intent);
|
||||||
finish();
|
finish();
|
||||||
|
|
||||||
@ -120,22 +123,22 @@ public class Login extends AppCompatActivity {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
private byte[] getSaltForUser(String email){
|
private byte[] getSaltForUser(String hashedemail){
|
||||||
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
||||||
String saltFromData = sharedPreferences.getString("salt_" + email, "err");
|
String saltFromData = sharedPreferences.getString("salt_" + hashedemail, "err");
|
||||||
return Base64.getDecoder().decode(saltFromData);
|
return Base64.getDecoder().decode(saltFromData);
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String hashPassword(String password, byte[] salt){
|
private static String hashCredential(String credential, byte[] salt){
|
||||||
int iteratiions = 1000;
|
int iteratiions = 1000;
|
||||||
int keyLen = 256;
|
int keyLen = 256;
|
||||||
|
|
||||||
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, iteratiions, keyLen);
|
KeySpec keySpec = new PBEKeySpec(credential.toCharArray(), salt, iteratiions, keyLen);
|
||||||
try{
|
try{
|
||||||
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||||
SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);
|
SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);
|
||||||
byte[] hashedPassword = secretKey.getEncoded();
|
byte[] hashedCredential = secretKey.getEncoded();
|
||||||
return Base64.getEncoder().encodeToString(hashedPassword);
|
return Base64.getEncoder().encodeToString(hashedCredential);
|
||||||
|
|
||||||
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
@ -144,4 +147,25 @@ public class Login extends AppCompatActivity {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
private byte[] getFirst16BytesOfHash(String input){
|
||||||
|
try {
|
||||||
|
// Create MessageDigest instance for SHA-256
|
||||||
|
MessageDigest digest = MessageDigest.getInstance("SHA-256");
|
||||||
|
|
||||||
|
// Get the hash value by updating the digest with the input bytes
|
||||||
|
byte[] hashBytes = digest.digest(input.getBytes(StandardCharsets.UTF_8));
|
||||||
|
|
||||||
|
// Truncate the hash to the first 16 bytes
|
||||||
|
byte[] truncatedHash = new byte[16];
|
||||||
|
System.arraycopy(hashBytes, 0, truncatedHash, 0, 16);
|
||||||
|
|
||||||
|
return truncatedHash;
|
||||||
|
} catch (NoSuchAlgorithmException e) {
|
||||||
|
// Handle the exception (e.g., print an error message)
|
||||||
|
e.printStackTrace();
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
@ -1,7 +1,9 @@
|
|||||||
package com.example.bsm_notatnik;
|
package com.example.bsm_notatnik;
|
||||||
import android.content.DialogInterface;
|
import android.content.DialogInterface;
|
||||||
import android.content.Intent;
|
import android.content.Intent;
|
||||||
|
import android.content.SharedPreferences;
|
||||||
import android.os.Bundle;
|
import android.os.Bundle;
|
||||||
|
import android.text.TextUtils;
|
||||||
import android.view.LayoutInflater;
|
import android.view.LayoutInflater;
|
||||||
import android.view.Menu;
|
import android.view.Menu;
|
||||||
import android.view.MenuItem;
|
import android.view.MenuItem;
|
||||||
@ -14,12 +16,25 @@ import android.widget.Toast;
|
|||||||
import androidx.appcompat.app.AlertDialog;
|
import androidx.appcompat.app.AlertDialog;
|
||||||
import androidx.appcompat.app.AppCompatActivity;
|
import androidx.appcompat.app.AppCompatActivity;
|
||||||
|
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
|
import java.security.spec.InvalidKeySpecException;
|
||||||
|
import java.security.spec.KeySpec;
|
||||||
|
import java.util.Base64;
|
||||||
|
import java.util.regex.Matcher;
|
||||||
|
import java.util.regex.Pattern;
|
||||||
|
|
||||||
|
import javax.crypto.SecretKey;
|
||||||
|
import javax.crypto.SecretKeyFactory;
|
||||||
|
import javax.crypto.spec.PBEKeySpec;
|
||||||
|
|
||||||
|
|
||||||
public class MainActivity extends AppCompatActivity {
|
public class MainActivity extends AppCompatActivity {
|
||||||
|
|
||||||
Button buttonLogout, buttonChangePassword;
|
Button buttonLogout, buttonChangePassword;
|
||||||
|
|
||||||
|
private static final String SHARED_NAME_CREDENTIALS = "Credentials";
|
||||||
|
|
||||||
|
|
||||||
@Override
|
@Override
|
||||||
protected void onCreate(Bundle savedInstanceState) {
|
protected void onCreate(Bundle savedInstanceState) {
|
||||||
@ -27,7 +42,7 @@ public class MainActivity extends AppCompatActivity {
|
|||||||
setContentView(R.layout.activity_main);
|
setContentView(R.layout.activity_main);
|
||||||
|
|
||||||
Intent intent = getIntent();
|
Intent intent = getIntent();
|
||||||
String currentu_username = intent.getStringExtra("CURRENT_USER_EMAIL");
|
String current_username_hashed = intent.getStringExtra("CURRENT_USER_EMAIL_HASH");
|
||||||
|
|
||||||
buttonLogout = findViewById(R.id.btn_logout);
|
buttonLogout = findViewById(R.id.btn_logout);
|
||||||
buttonChangePassword = findViewById(R.id.btn_change_password);
|
buttonChangePassword = findViewById(R.id.btn_change_password);
|
||||||
@ -44,7 +59,7 @@ public class MainActivity extends AppCompatActivity {
|
|||||||
buttonChangePassword.setOnClickListener(new View.OnClickListener() {
|
buttonChangePassword.setOnClickListener(new View.OnClickListener() {
|
||||||
@Override
|
@Override
|
||||||
public void onClick(View view) {
|
public void onClick(View view) {
|
||||||
showPasswordChangeDialog();
|
showPasswordChangeDialog(current_username_hashed);
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
|
|
||||||
@ -58,7 +73,10 @@ public class MainActivity extends AppCompatActivity {
|
|||||||
finish();
|
finish();
|
||||||
}
|
}
|
||||||
|
|
||||||
private void showPasswordChangeDialog(){
|
|
||||||
|
|
||||||
|
|
||||||
|
private void showPasswordChangeDialog(String hashedEmail){
|
||||||
// Inflate the dialog layout
|
// Inflate the dialog layout
|
||||||
LayoutInflater inflater = getLayoutInflater();
|
LayoutInflater inflater = getLayoutInflater();
|
||||||
View dialogView = inflater.inflate(R.layout.password_change_dialog, null);
|
View dialogView = inflater.inflate(R.layout.password_change_dialog, null);
|
||||||
@ -73,18 +91,36 @@ public class MainActivity extends AppCompatActivity {
|
|||||||
@Override
|
@Override
|
||||||
public void onClick(DialogInterface dialogInterface, int i) {
|
public void onClick(DialogInterface dialogInterface, int i) {
|
||||||
// Handle password change logic here
|
// Handle password change logic here
|
||||||
|
EditText editTextOldPassword = dialogView.findViewById(R.id.editTextOldPassword);
|
||||||
EditText editTextNewPassword = dialogView.findViewById(R.id.editTextNewPassword);
|
EditText editTextNewPassword = dialogView.findViewById(R.id.editTextNewPassword);
|
||||||
EditText editTextConfirmPassword = dialogView.findViewById(R.id.editTextConfirmPassword);
|
EditText editTextConfirmPassword = dialogView.findViewById(R.id.editTextConfirmPassword);
|
||||||
|
|
||||||
|
String oldPassword = editTextOldPassword.getText().toString();
|
||||||
String newPassword = editTextNewPassword.getText().toString();
|
String newPassword = editTextNewPassword.getText().toString();
|
||||||
String confirmPassword = editTextConfirmPassword.getText().toString();
|
String confirmPassword = editTextConfirmPassword.getText().toString();
|
||||||
|
|
||||||
|
if (TextUtils.isEmpty(oldPassword) || TextUtils.isEmpty(newPassword) || TextUtils.isEmpty(confirmPassword)) {
|
||||||
|
Toast.makeText(MainActivity.this, "Fill out all 3 fields!", Toast.LENGTH_SHORT).show();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!validatePassword(newPassword)){
|
||||||
|
Toast.makeText(MainActivity.this, "Wrong format of new password!", Toast.LENGTH_SHORT).show();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
if(!validateOldPassword(hashedEmail, oldPassword)){
|
||||||
|
Toast.makeText(MainActivity.this, "Old password not correct!", Toast.LENGTH_SHORT).show();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
// Perform password change validation and logic
|
// Perform password change validation and logic
|
||||||
if (newPassword.equals(confirmPassword)) {
|
if (newPassword.equals(confirmPassword)) {
|
||||||
// Passwords match, implement your password change logic here
|
updatePassword(hashedEmail, newPassword);
|
||||||
|
Toast.makeText(MainActivity.this, "Password Changed", Toast.LENGTH_SHORT).show();
|
||||||
} else {
|
} else {
|
||||||
// Passwords do not match, show an error message
|
Toast.makeText(MainActivity.this, "New passwords don't match!", Toast.LENGTH_SHORT).show();
|
||||||
// You can use a Toast or any other method to display the message
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
@ -102,5 +138,75 @@ public class MainActivity extends AppCompatActivity {
|
|||||||
alertDialog.show();
|
alertDialog.show();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
private boolean validatePassword(String password){
|
||||||
|
final String PASSWORD_PATTERN = "^.{6,}$";
|
||||||
|
Pattern pattern = Pattern.compile(PASSWORD_PATTERN);
|
||||||
|
Matcher matcher = pattern.matcher(password);
|
||||||
|
|
||||||
|
return matcher.matches();
|
||||||
|
}
|
||||||
|
|
||||||
|
private void updatePassword(String hashedEmail, String newPassword){
|
||||||
|
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
||||||
|
SharedPreferences.Editor editor = sharedPreferences.edit();
|
||||||
|
|
||||||
|
byte[] newSalt = generateSalt();
|
||||||
|
String newSaltString = Base64.getEncoder().encodeToString(newSalt);
|
||||||
|
editor.putString("salt_" + hashedEmail, newSaltString);
|
||||||
|
|
||||||
|
String hashedNewPassword = hashCredential(newPassword, newSalt);
|
||||||
|
editor.putString("user_" + hashedEmail, hashedNewPassword);
|
||||||
|
editor.apply();
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean validateOldPassword(String hashedEmail, String oldPassword){
|
||||||
|
byte[] salt = getSaltForUser(hashedEmail);
|
||||||
|
String hashedOldPassword = hashCredential(oldPassword, salt);
|
||||||
|
String hashedCorrectPassword = getPasswordFromShared(hashedEmail);
|
||||||
|
|
||||||
|
assert hashedOldPassword != null;
|
||||||
|
if (hashedOldPassword.equals(hashedCorrectPassword)){
|
||||||
|
return true;
|
||||||
|
} else {
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
private byte[] getSaltForUser(String hashedEmail){
|
||||||
|
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
||||||
|
String saltFromData = sharedPreferences.getString("salt_" + hashedEmail, "err");
|
||||||
|
return Base64.getDecoder().decode(saltFromData);
|
||||||
|
}
|
||||||
|
|
||||||
|
private String getPasswordFromShared(String hashedEmail){
|
||||||
|
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
||||||
|
return sharedPreferences.getString("user_" + hashedEmail, "err");
|
||||||
|
}
|
||||||
|
|
||||||
|
private static byte[] generateSalt(){
|
||||||
|
SecureRandom random = new SecureRandom();
|
||||||
|
byte[] salt = new byte[16];
|
||||||
|
random.nextBytes(salt);
|
||||||
|
return salt;
|
||||||
|
}
|
||||||
|
|
||||||
|
private static String hashCredential(String credential, byte[] salt){
|
||||||
|
int iteratiions = 1000;
|
||||||
|
int keyLen = 256;
|
||||||
|
|
||||||
|
KeySpec keySpec = new PBEKeySpec(credential.toCharArray(), salt, iteratiions, keyLen);
|
||||||
|
try{
|
||||||
|
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||||
|
SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);
|
||||||
|
byte[] hashedCredential = secretKey.getEncoded();
|
||||||
|
return Base64.getEncoder().encodeToString(hashedCredential);
|
||||||
|
|
||||||
|
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
||||||
|
e.printStackTrace();
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -2,12 +2,10 @@ package com.example.bsm_notatnik;
|
|||||||
|
|
||||||
import androidx.appcompat.app.AppCompatActivity;
|
import androidx.appcompat.app.AppCompatActivity;
|
||||||
|
|
||||||
import android.content.Context;
|
|
||||||
import android.content.Intent;
|
import android.content.Intent;
|
||||||
import android.content.SharedPreferences;
|
import android.content.SharedPreferences;
|
||||||
import android.os.Bundle;
|
import android.os.Bundle;
|
||||||
import android.text.TextUtils;
|
import android.text.TextUtils;
|
||||||
import android.util.Log;
|
|
||||||
import android.view.View;
|
import android.view.View;
|
||||||
import android.widget.Button;
|
import android.widget.Button;
|
||||||
import android.widget.EditText;
|
import android.widget.EditText;
|
||||||
@ -17,13 +15,15 @@ import android.widget.Toast;
|
|||||||
import javax.crypto.SecretKey;
|
import javax.crypto.SecretKey;
|
||||||
import javax.crypto.SecretKeyFactory;
|
import javax.crypto.SecretKeyFactory;
|
||||||
import javax.crypto.spec.PBEKeySpec;
|
import javax.crypto.spec.PBEKeySpec;
|
||||||
|
|
||||||
|
import java.nio.charset.StandardCharsets;
|
||||||
|
import java.security.MessageDigest;
|
||||||
import java.security.NoSuchAlgorithmException;
|
import java.security.NoSuchAlgorithmException;
|
||||||
import java.security.SecureRandom;
|
import java.security.SecureRandom;
|
||||||
import java.security.spec.InvalidKeySpecException;
|
import java.security.spec.InvalidKeySpecException;
|
||||||
import java.security.spec.KeySpec;
|
import java.security.spec.KeySpec;
|
||||||
import java.util.Base64;
|
import java.util.Base64;
|
||||||
|
|
||||||
import java.security.SecureRandom;
|
|
||||||
import java.util.regex.Matcher;
|
import java.util.regex.Matcher;
|
||||||
import java.util.regex.Pattern;
|
import java.util.regex.Pattern;
|
||||||
|
|
||||||
@ -67,7 +67,8 @@ public class Register extends AppCompatActivity {
|
|||||||
@Override
|
@Override
|
||||||
public void onClick(View view) {
|
public void onClick(View view) {
|
||||||
//progressBar.setVisibility(View.VISIBLE);
|
//progressBar.setVisibility(View.VISIBLE);
|
||||||
String email, password;
|
String email, hashedEmail, password, hashedPassword;
|
||||||
|
|
||||||
email = String.valueOf(editTextEmail.getText());
|
email = String.valueOf(editTextEmail.getText());
|
||||||
password = String.valueOf(editTextPassword.getText());
|
password = String.valueOf(editTextPassword.getText());
|
||||||
|
|
||||||
@ -81,8 +82,11 @@ public class Register extends AppCompatActivity {
|
|||||||
Toast.makeText(Register.this, "Enter password!", Toast.LENGTH_SHORT).show();
|
Toast.makeText(Register.this, "Enter password!", Toast.LENGTH_SHORT).show();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
hashedEmail = hashEmail(email);
|
||||||
|
|
||||||
//checks if given username is already registered in database
|
//checks if given username is already registered in database
|
||||||
if (checkIfUserExists(email)){
|
if (checkIfUserExists(hashedEmail)){
|
||||||
editTextEmail.setText("");
|
editTextEmail.setText("");
|
||||||
editTextPassword.setText("");
|
editTextPassword.setText("");
|
||||||
Toast.makeText(Register.this, "Account with this username already exists!", Toast.LENGTH_SHORT).show();
|
Toast.makeText(Register.this, "Account with this username already exists!", Toast.LENGTH_SHORT).show();
|
||||||
@ -101,11 +105,13 @@ public class Register extends AppCompatActivity {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
byte[] salt = generateSalt();
|
|
||||||
saveSaltForUser(email, salt);
|
|
||||||
|
|
||||||
String hashPassword = hashPassword(password, salt);
|
byte[] salt = generateSalt();
|
||||||
saveNewUser(email, hashPassword);
|
saveSaltForUser(hashedEmail, salt);
|
||||||
|
|
||||||
|
hashedPassword = hashCredential(password, salt);
|
||||||
|
|
||||||
|
saveNewUser(hashedEmail, hashedPassword);
|
||||||
|
|
||||||
Toast.makeText(Register.this, "Konto utworzone z email: " + email + " oraz hasłem: " + password, Toast.LENGTH_SHORT).show();
|
Toast.makeText(Register.this, "Konto utworzone z email: " + email + " oraz hasłem: " + password, Toast.LENGTH_SHORT).show();
|
||||||
editTextEmail.setText("");
|
editTextEmail.setText("");
|
||||||
@ -115,16 +121,10 @@ public class Register extends AppCompatActivity {
|
|||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private void saveNewUser(String email, String password){
|
|
||||||
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
|
||||||
SharedPreferences.Editor editor = sharedPreferences.edit();
|
|
||||||
editor.putString("user_" + email, password);
|
|
||||||
editor.apply();
|
|
||||||
}
|
|
||||||
|
|
||||||
private boolean checkIfUserExists(String email){
|
private boolean checkIfUserExists(String hashedemail){
|
||||||
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
||||||
return sharedPreferences.contains("user_" + email);
|
return sharedPreferences.contains("user_" + hashedemail);
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean validateEmail(String email){
|
private boolean validateEmail(String email){
|
||||||
@ -143,13 +143,11 @@ public class Register extends AppCompatActivity {
|
|||||||
return matcher.matches();
|
return matcher.matches();
|
||||||
}
|
}
|
||||||
|
|
||||||
private void saveSaltForUser(String email, byte[] salt){
|
private String hashEmail(String email){
|
||||||
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
byte[] emailSalt;
|
||||||
SharedPreferences.Editor editor = sharedPreferences.edit();
|
emailSalt = getFirst16BytesOfHash(email);
|
||||||
|
|
||||||
String saltString = Base64.getEncoder().encodeToString(salt);
|
return hashCredential(email, emailSalt);
|
||||||
editor.putString("salt_" + email, saltString);
|
|
||||||
editor.apply();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
private static byte[] generateSalt(){
|
private static byte[] generateSalt(){
|
||||||
@ -159,16 +157,34 @@ public class Register extends AppCompatActivity {
|
|||||||
return salt;
|
return salt;
|
||||||
}
|
}
|
||||||
|
|
||||||
private static String hashPassword(String password, byte[] salt){
|
private void saveSaltForUser(String hashedemail, byte[] salt){
|
||||||
|
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
||||||
|
SharedPreferences.Editor editor = sharedPreferences.edit();
|
||||||
|
|
||||||
|
String saltString = Base64.getEncoder().encodeToString(salt);
|
||||||
|
editor.putString("salt_" + hashedemail, saltString);
|
||||||
|
editor.apply();
|
||||||
|
}
|
||||||
|
|
||||||
|
private void saveNewUser(String hashedemail, String password){
|
||||||
|
SharedPreferences sharedPreferences = getSharedPreferences(SHARED_NAME_CREDENTIALS, MODE_PRIVATE);
|
||||||
|
SharedPreferences.Editor editor = sharedPreferences.edit();
|
||||||
|
editor.putString("user_" + hashedemail, password);
|
||||||
|
editor.apply();
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
private static String hashCredential(String credential, byte[] salt){
|
||||||
int iteratiions = 1000;
|
int iteratiions = 1000;
|
||||||
int keyLen = 256;
|
int keyLen = 256;
|
||||||
|
|
||||||
KeySpec keySpec = new PBEKeySpec(password.toCharArray(), salt, iteratiions, keyLen);
|
KeySpec keySpec = new PBEKeySpec(credential.toCharArray(), salt, iteratiions, keyLen);
|
||||||
try{
|
try{
|
||||||
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");
|
||||||
SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);
|
SecretKey secretKey = secretKeyFactory.generateSecret(keySpec);
|
||||||
byte[] hashedPassword = secretKey.getEncoded();
|
byte[] hashedCredential = secretKey.getEncoded();
|
||||||
return Base64.getEncoder().encodeToString(hashedPassword);
|
return Base64.getEncoder().encodeToString(hashedCredential);
|
||||||
|
|
||||||
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
||||||
e.printStackTrace();
|
e.printStackTrace();
|
||||||
@ -176,5 +192,25 @@ public class Register extends AppCompatActivity {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
private byte[] getFirst16BytesOfHash(String input){
|
||||||
|
try {
|
||||||
|
// Create MessageDigest instance for SHA-256
|
||||||
|
MessageDigest digest = MessageDigest.getInstance("SHA-256");
|
||||||
|
|
||||||
|
// Get the hash value by updating the digest with the input bytes
|
||||||
|
byte[] hashBytes = digest.digest(input.getBytes(StandardCharsets.UTF_8));
|
||||||
|
|
||||||
|
// Truncate the hash to the first 16 bytes
|
||||||
|
byte[] truncatedHash = new byte[16];
|
||||||
|
System.arraycopy(hashBytes, 0, truncatedHash, 0, 16);
|
||||||
|
|
||||||
|
return truncatedHash;
|
||||||
|
} catch (NoSuchAlgorithmException e) {
|
||||||
|
// Handle the exception (e.g., print an error message)
|
||||||
|
e.printStackTrace();
|
||||||
|
return null;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
@ -5,6 +5,13 @@
|
|||||||
android:orientation="vertical"
|
android:orientation="vertical"
|
||||||
android:padding="16dp">
|
android:padding="16dp">
|
||||||
|
|
||||||
|
<EditText
|
||||||
|
android:id="@+id/editTextOldPassword"
|
||||||
|
android:layout_width="match_parent"
|
||||||
|
android:layout_height="wrap_content"
|
||||||
|
android:hint="Enter Old Password"
|
||||||
|
android:inputType="textPassword"/>
|
||||||
|
|
||||||
<EditText
|
<EditText
|
||||||
android:id="@+id/editTextNewPassword"
|
android:id="@+id/editTextNewPassword"
|
||||||
android:layout_width="match_parent"
|
android:layout_width="match_parent"
|
||||||
@ -19,10 +26,5 @@
|
|||||||
android:hint="Confirm New Password"
|
android:hint="Confirm New Password"
|
||||||
android:inputType="textPassword"/>
|
android:inputType="textPassword"/>
|
||||||
|
|
||||||
<Button
|
|
||||||
android:id="@+id/btnChangePassword"
|
|
||||||
android:layout_width="match_parent"
|
|
||||||
android:layout_height="wrap_content"
|
|
||||||
android:text="Change Password"/>
|
|
||||||
|
|
||||||
</LinearLayout>
|
</LinearLayout>
|
||||||
|
Loading…
Reference in New Issue
Block a user