From 4e47e6f7c1306f8f4c3855a5643b8557e6992a2d Mon Sep 17 00:00:00 2001
From: Hykilpikonna
Date: Sat, 9 Jan 2021 21:29:11 -0500
Subject: [PATCH] [B][+] Add salt field to user data model
---
 .../org/hydev/ios/alarmclock/Extensions.kt | 1 +
 .../org/hydev/ios/alarmclock/data/User.kt | 23 +++++++++++++++----
 2 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/Backend/src/main/kotlin/org/hydev/ios/alarmclock/Extensions.kt b/Backend/src/main/kotlin/org/hydev/ios/alarmclock/Extensions.kt
index f2cad8d..91fa00e 100644
--- a/Backend/src/main/kotlin/org/hydev/ios/alarmclock/Extensions.kt
+++ b/Backend/src/main/kotlin/org/hydev/ios/alarmclock/Extensions.kt
@@ -54,6 +54,7 @@ fun main(args: Array)
 {
 val (hash, salt) = "password".passwordHash()
 println(hash)
+ println(salt)
 val (hash2, salt2) = "password".passwordHash(salt)
 assert(hash == hash2 && salt == salt2)
 println("Hash matches")
diff --git a/Backend/src/main/kotlin/org/hydev/ios/alarmclock/data/User.kt b/Backend/src/main/kotlin/org/hydev/ios/alarmclock/data/User.kt
index 627b05f..31ad380 100644
--- a/Backend/src/main/kotlin/org/hydev/ios/alarmclock/data/User.kt
+++ b/Backend/src/main/kotlin/org/hydev/ios/alarmclock/data/User.kt
@@ -1,16 +1,17 @@
 package org.hydev.ios.alarmclock.data
 import org.hydev.ios.alarmclock.bad
+import org.hydev.ios.alarmclock.passwordHash
 import org.springframework.data.domain.Example
 import org.springframework.data.domain.ExampleMatcher
 import org.springframework.data.domain.ExampleMatcher.GenericPropertyMatchers.ignoreCase
 import org.springframework.data.jpa.repository.JpaRepository
-import org.springframework.http.ResponseEntity
 import org.springframework.web.bind.annotation.GetMapping
 import org.springframework.web.bind.annotation.RequestMapping
 import org.springframework.web.bind.annotation.RequestParam
 import org.springframework.web.bind.annotation.RestController
 import javax.persistence.*
+import javax.validation.constraints.Email
 import javax.validation.constraints.NotNull
 /**
@@ -29,9 +30,20 @@ data class User(
 @NotNull @Column(length = 32)
 var name: String,
- @NotNull @Column(length = 128)
+ @NotNull @Column(length = 100)
 var passHash: String,
+
+ @NotNull @Column(length = 32)
+ var passSalt: String
 )
+{
+ constructor(name: String, pass: String) : this(name=name, passHash="", passSalt="")
+ {
+ val (h, s) = pass.passwordHash()
+ passHash = h
+ passSalt = s
+ }
+}
 interface UserRepo: JpaRepository
@@ -39,15 +51,16 @@ interface UserRepo: JpaRepository
 @RequestMapping("/api/user")
 class UserApi(val repo: UserRepo)
 {
+ val em = ExampleMatcher.matching().withIgnorePaths("id", "passHash", "passSalt").withMatcher("name", ignoreCase())
+
 @GetMapping("/register")
- fun register(@RequestParam("name") name: String, @RequestParam("pass") pass: String): Any
+ fun register(@RequestParam name: String, @RequestParam pass: String): Any
 {
 // Check username length
 if (name.length !in 3..32) return bad("Username length not in range 3 to 32")
 // Check if username exists
- val em = ExampleMatcher.matching().withIgnorePaths("id", "passHash").withMatcher("name", ignoreCase())
- val user = User(0, name, pass)
+ val user = User(name, pass)
 if (repo.exists(Example.of(user, em))) return bad("Username has already been used")
 // Check password strength
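Review bot: Because `User` is a `data class`, the new `passSalt` joins `passHash` in the generated `toString()`, `equals()` and `copy()`, so any log line or response body that prints or serializes a `User` exposes both the hash and its salt. Nothing visible in this hunk keeps the two fields out of serialization; if the entity can reach a controller return value and the project uses Jackson (Spring's default), mark both properties `@get:JsonIgnore` and override `toString()` to omit them. Separately, `passHash` shrinks from 128 to 100 characters and `passSalt` is capped at 32, while the encoding produced by `passwordHash()` is not shown here, so confirm its output fits and that the existing column can be migrated. The class header sits above the hunk.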
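Review bot: `val user = User(name, pass)` now runs `passwordHash()` through the new secondary constructor before the username-exists check and before the password-strength step that the trailing comment announces, so every rejected request still pays for a hash, and the matcher ignores `passHash`/`passSalt` anyway. Build the probe without hashing, e.g. `val probe = User(name = name, passHash = "", passSalt = "")`, and construct the real `User(name, pass)` only after all validation has passed. The handler is also still a `@GetMapping` that takes `pass` as a `@RequestParam`, which puts the plaintext password in the URL where access logs, proxies and browser history record it; `@PostMapping` with the credentials in the request body avoids that. `em` can be declared `private val`. The body of `register` continues past the end of the hunk.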