-
-
Save rightfold/572e52bb621f28e20401 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package hexapoda.core.interaction | |
| import hexapoda.core.entity.User | |
| import hexapoda.core.gateway.UserFetcher | |
| import javax.crypto.SecretKeyFactory | |
| import javax.crypto.spec.PBEKeySpec | |
| class UserAuthenticator(userFetcher: UserFetcher) { | |
| def apply(emailAddress: String, password: String) = | |
| userFetcher.findUserByEmailAddress(emailAddress) | |
| .filter(UserAuthenticator.checkPassword(password, _)) | |
| .map(_.id.value) | |
| } | |
| object UserAuthenticator { | |
| val secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1") | |
| private def checkPassword(password: String, user: User) = | |
| checkPassword(password, | |
| user.passwordHash, | |
| user.passwordSalt, | |
| user.passwordIterationCount) | |
| private def checkPassword(password: String, | |
| passwordHash: Array[Byte], | |
| passwordSalt: Array[Byte], | |
| passwordIterationCount: Int) = { | |
| val keySpec = new PBEKeySpec(password.toCharArray, | |
| passwordSalt, | |
| passwordIterationCount, | |
| passwordHash.length * 8) | |
| val hash = secretKeyFactory.generateSecret(keySpec).getEncoded | |
| hash.toSeq == passwordHash.toSeq | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment