Search in sources :

Example 31 with HashedPassword

use of fr.xephi.authme.security.crypts.HashedPassword in project AuthMeReloaded by AuthMe.

the class ChangePasswordAdminCommand method changePassword.

/**
     * Changes the password of the given player to the given password.
     *
     * @param nameLowercase the name of the player
     * @param password the password to set
     * @param sender the sender initiating the password change
     */
private void changePassword(String nameLowercase, String password, CommandSender sender) {
    if (!isNameRegistered(nameLowercase)) {
        commonService.send(sender, MessageKey.UNKNOWN_USER);
        return;
    }
    HashedPassword hashedPassword = passwordSecurity.computeHash(password, nameLowercase);
    if (dataSource.updatePassword(nameLowercase, hashedPassword)) {
        commonService.send(sender, MessageKey.PASSWORD_CHANGED_SUCCESS);
        ConsoleLogger.info(sender.getName() + " changed password of " + nameLowercase);
    } else {
        commonService.send(sender, MessageKey.ERROR);
    }
}
Also used : HashedPassword(fr.xephi.authme.security.crypts.HashedPassword)

Example 32 with HashedPassword

use of fr.xephi.authme.security.crypts.HashedPassword in project AuthMeReloaded by AuthMe.

the class SQLite method saveAuth.

@Override
public boolean saveAuth(PlayerAuth auth) {
    try {
        HashedPassword password = auth.getPassword();
        if (col.SALT.isEmpty()) {
            if (!StringUtils.isEmpty(auth.getPassword().getSalt())) {
                ConsoleLogger.warning("Warning! Detected hashed password with separate salt but the salt column " + "is not set in the config!");
            }
            try (PreparedStatement pst = con.prepareStatement("INSERT INTO " + tableName + "(" + col.NAME + "," + col.PASSWORD + "," + col.IP + "," + col.LAST_LOGIN + "," + col.REAL_NAME + "," + col.EMAIL + ") VALUES (?,?,?,?,?,?);")) {
                pst.setString(1, auth.getNickname());
                pst.setString(2, password.getHash());
                pst.setString(3, auth.getIp());
                pst.setLong(4, auth.getLastLogin());
                pst.setString(5, auth.getRealName());
                pst.setString(6, auth.getEmail());
                pst.executeUpdate();
            }
        } else {
            try (PreparedStatement pst = con.prepareStatement("INSERT INTO " + tableName + "(" + col.NAME + "," + col.PASSWORD + "," + col.IP + "," + col.LAST_LOGIN + "," + col.REAL_NAME + "," + col.EMAIL + "," + col.SALT + ") VALUES (?,?,?,?,?,?,?);")) {
                pst.setString(1, auth.getNickname());
                pst.setString(2, password.getHash());
                pst.setString(3, auth.getIp());
                pst.setLong(4, auth.getLastLogin());
                pst.setString(5, auth.getRealName());
                pst.setString(6, auth.getEmail());
                pst.setString(7, password.getSalt());
                pst.executeUpdate();
            }
        }
    } catch (SQLException ex) {
        logSqlException(ex);
    }
    return true;
}
Also used : SQLException(java.sql.SQLException) PreparedStatement(java.sql.PreparedStatement) HashedPassword(fr.xephi.authme.security.crypts.HashedPassword)

Example 33 with HashedPassword

use of fr.xephi.authme.security.crypts.HashedPassword in project AuthMeReloaded by AuthMe.

the class ChangePasswordAdminCommandTest method shouldUpdatePasswordOfLoggedInUser.

@Test
public void shouldUpdatePasswordOfLoggedInUser() {
    // given
    CommandSender sender = mock(CommandSender.class);
    String player = "my_user12";
    String password = "passPass";
    given(playerCache.isAuthenticated(player)).willReturn(true);
    HashedPassword hashedPassword = mock(HashedPassword.class);
    given(passwordSecurity.computeHash(password, player)).willReturn(hashedPassword);
    given(dataSource.updatePassword(player, hashedPassword)).willReturn(true);
    given(validationService.validatePassword(password, player)).willReturn(new ValidationResult());
    // when
    command.executeCommand(sender, Arrays.asList(player, password));
    runOptionallyAsyncTask(bukkitService);
    // then
    verify(validationService).validatePassword(password, player);
    verify(service).send(sender, MessageKey.PASSWORD_CHANGED_SUCCESS);
    verify(passwordSecurity).computeHash(password, player);
    verify(dataSource).updatePassword(player, hashedPassword);
}
Also used : CommandSender(org.bukkit.command.CommandSender) ValidationResult(fr.xephi.authme.service.ValidationService.ValidationResult) HashedPassword(fr.xephi.authme.security.crypts.HashedPassword) Test(org.junit.Test)

Example 34 with HashedPassword

use of fr.xephi.authme.security.crypts.HashedPassword in project AuthMeReloaded by AuthMe.

the class ChangePasswordAdminCommandTest method shouldUpdatePasswordOfOfflineUser.

@Test
public void shouldUpdatePasswordOfOfflineUser() {
    // given
    CommandSender sender = mock(CommandSender.class);
    String player = "my_user12";
    String password = "passPass";
    given(playerCache.isAuthenticated(player)).willReturn(false);
    given(dataSource.isAuthAvailable(player)).willReturn(true);
    given(validationService.validatePassword(password, player)).willReturn(new ValidationResult());
    HashedPassword hashedPassword = mock(HashedPassword.class);
    given(passwordSecurity.computeHash(password, player)).willReturn(hashedPassword);
    given(dataSource.updatePassword(player, hashedPassword)).willReturn(true);
    // when
    command.executeCommand(sender, Arrays.asList(player, password));
    runOptionallyAsyncTask(bukkitService);
    // then
    verify(validationService).validatePassword(password, player);
    verify(service).send(sender, MessageKey.PASSWORD_CHANGED_SUCCESS);
    verify(passwordSecurity).computeHash(password, player);
    verify(dataSource).updatePassword(player, hashedPassword);
}
Also used : CommandSender(org.bukkit.command.CommandSender) ValidationResult(fr.xephi.authme.service.ValidationService.ValidationResult) HashedPassword(fr.xephi.authme.security.crypts.HashedPassword) Test(org.junit.Test)

Example 35 with HashedPassword

use of fr.xephi.authme.security.crypts.HashedPassword in project AuthMeReloaded by AuthMe.

the class SetPasswordCommandTest method shouldChangePassword.

@Test
public void shouldChangePassword() {
    // given
    Player player = mock(Player.class);
    String name = "Jerry";
    given(player.getName()).willReturn(name);
    given(recoveryService.canChangePassword(player)).willReturn(true);
    HashedPassword hashedPassword = passwordSecurity.computeHash("abc123", name);
    given(passwordSecurity.computeHash("abc123", name)).willReturn(hashedPassword);
    given(validationService.validatePassword("abc123", name)).willReturn(new ValidationService.ValidationResult());
    // when
    command.runCommand(player, Collections.singletonList("abc123"));
    // then
    verify(validationService).validatePassword("abc123", name);
    verify(dataSource).updatePassword(name, hashedPassword);
    verify(commonService).send(player, MessageKey.PASSWORD_CHANGED_SUCCESS);
}
Also used : Player(org.bukkit.entity.Player) ValidationService(fr.xephi.authme.service.ValidationService) HashedPassword(fr.xephi.authme.security.crypts.HashedPassword) Test(org.junit.Test)

Aggregations

HashedPassword (fr.xephi.authme.security.crypts.HashedPassword)55 Test (org.junit.Test)35 PlayerAuth (fr.xephi.authme.data.auth.PlayerAuth)22 Player (org.bukkit.entity.Player)14 ValidationResult (fr.xephi.authme.service.ValidationService.ValidationResult)9 CommandSender (org.bukkit.command.CommandSender)9 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)6 PasswordEncryptionEvent (fr.xephi.authme.events.PasswordEncryptionEvent)5 PreparedStatement (java.sql.PreparedStatement)4 ResultSet (java.sql.ResultSet)3 SQLException (java.sql.SQLException)3 ValidationService (fr.xephi.authme.service.ValidationService)2 Connection (java.sql.Connection)2 PotionEffect (org.bukkit.potion.PotionEffect)2 AuthMeMatchers.hasAuthLocation (fr.xephi.authme.AuthMeMatchers.hasAuthLocation)1 EncryptionMethod (fr.xephi.authme.security.crypts.EncryptionMethod)1 Joomla (fr.xephi.authme.security.crypts.Joomla)1 BufferedReader (java.io.BufferedReader)1 File (java.io.File)1 FileReader (java.io.FileReader)1