From 302ac8e5649fc9bb48cb160ac1528d87bfd08a22 Mon Sep 17 00:00:00 2001 From: Ognjen Cirkovic Date: Wed, 21 Dec 2022 02:12:07 +0100 Subject: Napravljena klasa za cryptovanje sifri. Omogucena konekcija sa bazom. Omoguceno dodavanje korisnika, login korisnika, dodavanja monster-a, dodavanja abilitija, povratak monster-a. --- src/main/java/database/BcryptHelper.java | 23 +++++ src/main/java/database/Database.java | 163 +++++++++++++++++++++++++++++++ 2 files changed, 186 insertions(+) create mode 100644 src/main/java/database/BcryptHelper.java create mode 100644 src/main/java/database/Database.java (limited to 'src/main/java/database') diff --git a/src/main/java/database/BcryptHelper.java b/src/main/java/database/BcryptHelper.java new file mode 100644 index 0000000..407ea58 --- /dev/null +++ b/src/main/java/database/BcryptHelper.java @@ -0,0 +1,23 @@ +package database; + +import at.favre.lib.crypto.bcrypt.BCrypt; + +public class BcryptHelper { + private static int difficulty=10; + + public static String hashPasword(String password){ + String passwordH=BCrypt.withDefaults().hashToString(10, password.toCharArray()); + return passwordH; + } + + public static boolean checkPassword(String password_plaintext, String stored_hash) { + boolean password_verified = false; + + if(null == stored_hash || !stored_hash.startsWith("$2a$")) + throw new java.lang.IllegalArgumentException("Invalid hash"); + + password_verified = BCrypt.verifyer().verify(password_plaintext.toCharArray(), stored_hash).verified; + + return password_verified; + } +} diff --git a/src/main/java/database/Database.java b/src/main/java/database/Database.java new file mode 100644 index 0000000..6488a5a --- /dev/null +++ b/src/main/java/database/Database.java @@ -0,0 +1,163 @@ +package database; +import java.sql.Connection; +import java.sql.DriverManager; +import java.sql.PreparedStatement; +import java.sql.ResultSet; +import java.sql.SQLException; +import java.sql.Statement; +import java.util.ArrayList; +import java.util.LinkedList; +import java.util.List; + +import models.Ability; +import models.Monster; +import models.MonsterViewModel; +import models.User; + +public class Database { + private Connection conn; + static Database instance=null; + + private Database() { + String connString="jdbc:mysql://localhost:3306/pokemon?user=root&password="; + try { + Class.forName("com.mysql.cj.jdbc.Driver"); + conn=DriverManager.getConnection(connString); + } catch (Exception e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + } + + public static Database getInstance() { + if(instance==null) + instance=new Database(); + return instance; + } + public boolean addUser(User user) { + boolean res=false; + String sql="SELECT * FROM user where username=? "; + PreparedStatement ps; + try { + ps=conn.prepareStatement(sql); + ps.setString(1, user.getUsername()); + ResultSet result=ps.executeQuery(); + if(result.next()) { + return res; + } + + + sql="INSERT INTO user(username,password,admin) values(?,?,?)"; + ps=conn.prepareStatement(sql); + ps.setString(1, user.getUsername()); + String hashedPassword=BcryptHelper.hashPasword(user.getPassword()); + ps.setString(2, hashedPassword); + ps.setBoolean(3, user.isAdmin()); + if(ps.executeUpdate()==1) { + res=true; + } + + } catch (SQLException e) { + e.printStackTrace(); + } + + + return res; + } + public User login(User user) { + User tempUser=null; + String sql="SELECT * FROM user where username=?"; + try { + PreparedStatement pre=conn.prepareStatement(sql); + pre.setString(1, user.getUsername()); + ResultSet res=pre.executeQuery(); + if(res.next()) { + String hashedPw=res.getString("password"); + if(BcryptHelper.checkPassword(user.password, hashedPw)) + { + tempUser=new User(); + tempUser.setId(res.getInt("id")); + tempUser.setAdmin(res.getBoolean("admin")); + tempUser.setUsername(user.getUsername()); + } + } + } catch (SQLException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + + + return tempUser; + + } + public long addMonster(Monster monster) { + long tempId=0; + String sql=null; + PreparedStatement ps; + try { + sql="INSERT INTO monster(name,description,hp,base64Image) values(?,?,?,?)"; + ps=conn.prepareStatement(sql,Statement.RETURN_GENERATED_KEYS); + ps.setString(1, monster.getName()); + ps.setString(2, monster.getDescription()); + ps.setInt(3, monster.getHp()); + ps.setString(4, monster.getBase64Image()); + if(ps.executeUpdate()==1) { + try (ResultSet generatedKeys = ps.getGeneratedKeys()) { + if (generatedKeys.next()) { + tempId=generatedKeys.getLong(1); + } + else { + throw new SQLException("Creating user failed, no ID obtained."); + } + } + } + } catch (SQLException e) { + e.printStackTrace(); + } + return tempId; + } + public boolean addAbility(Ability ability) { + boolean result=false; + String sql=null; + PreparedStatement ps; + try { + sql="INSERT INTO ability(monsterId,name,description,type,power) values(?,?,?,?,?)"; + ps=conn.prepareStatement(sql,Statement.RETURN_GENERATED_KEYS); + ps.setLong(1, ability.getMonsterId()); + ps.setString(2, ability.getName()); + ps.setString(3, ability.getDescription()); + ps.setInt(4, ability.getType().ordinal()); + ps.setInt(5, ability.getPower()); + if(ps.executeUpdate()==1) { + result=true; + } + } catch (SQLException e) { + e.printStackTrace(); + } + return result; + } + public ArrayList getMonsters(){ + ArrayList monsters=new ArrayList(); + + String sql="SELECT * FROM monster"; + try { + Statement statement = conn.createStatement(); + ResultSet res=statement.executeQuery(sql); + while(res.next()) { + Monster m=new Monster(); + m.setId(res.getLong("id")); + m.setName(res.getString("name")); + m.setDescription(res.getString("description")); + m.setHp(res.getInt("hp")); + m.setBase64Image(res.getString("base64Image")); + monsters.add(m); + } + + } catch (SQLException e) { + // TODO Auto-generated catch block + e.printStackTrace(); + } + return monsters; + } + +} -- cgit v1.2.3