aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--juick-common/src/main/java/com/juick/server/util/HashUtils.java36
-rw-r--r--juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java4
-rw-r--r--juick-server-jdbc/src/main/java/com/juick/service/UserServiceImpl.java4
-rw-r--r--juick-www/src/main/java/com/juick/www/controllers/Settings.java3
4 files changed, 6 insertions, 41 deletions
diff --git a/juick-common/src/main/java/com/juick/server/util/HashUtils.java b/juick-common/src/main/java/com/juick/server/util/HashUtils.java
deleted file mode 100644
index b4500457..00000000
--- a/juick-common/src/main/java/com/juick/server/util/HashUtils.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*
- * Copyright (C) 2008-2017, Juick
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- */
-
-package com.juick.server.util;
-
-import java.util.Random;
-
-/**
- * Created by vitalyster on 29.06.2017.
- */
-public class HashUtils {
- private static final String ABCDEF = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ";
-
- public static String generateHash(final int len) {
- Random rnd = new Random();
- StringBuilder sb = new StringBuilder(len);
- for (int i = 0; i < len; i++) {
- sb.append(ABCDEF.charAt(rnd.nextInt(ABCDEF.length())));
- }
- return sb.toString();
- }
-}
diff --git a/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java b/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
index a8b956c1..b658e16f 100644
--- a/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
+++ b/juick-common/src/main/java/com/juick/service/security/deprecated/CookieSimpleHashRememberMeServices.java
@@ -18,10 +18,10 @@
package com.juick.service.security.deprecated;
import com.juick.User;
-import com.juick.server.util.HashUtils;
import com.juick.service.security.entities.JuickUser;
import com.juick.service.UserService;
import com.juick.service.security.NullUserDetailsService;
+import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -84,7 +84,7 @@ public class CookieSimpleHashRememberMeServices extends AbstractRememberMeServic
Assert.isTrue(uid > 0);
- String hash = HashUtils.generateHash(16);
+ String hash = RandomStringUtils.randomAlphanumeric(16).toUpperCase();
userService.setLoginForUser(uid, hash);
diff --git a/juick-server-jdbc/src/main/java/com/juick/service/UserServiceImpl.java b/juick-server-jdbc/src/main/java/com/juick/service/UserServiceImpl.java
index 3f7cebf6..a0a07fb3 100644
--- a/juick-server-jdbc/src/main/java/com/juick/service/UserServiceImpl.java
+++ b/juick-server-jdbc/src/main/java/com/juick/service/UserServiceImpl.java
@@ -21,8 +21,8 @@ import com.juick.User;
import com.juick.server.helpers.AnonymousUser;
import com.juick.server.helpers.Auth;
import com.juick.server.helpers.UserInfo;
-import com.juick.server.util.HashUtils;
import org.apache.commons.collections4.CollectionUtils;
+import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.springframework.dao.DuplicateKeyException;
import org.springframework.jdbc.core.RowMapper;
@@ -299,7 +299,7 @@ public class UserServiceImpl extends BaseJdbcService implements UserService {
"SELECT hash FROM logins WHERE user_id = ?", String.class, uid);
if (list.isEmpty()) {
- String hash = HashUtils.generateHash(16);
+ String hash = RandomStringUtils.randomAlphanumeric(16).toUpperCase();
getJdbcTemplate().update("INSERT INTO logins(user_id, hash) VALUES (?, ?)", uid, hash);
return hash;
}
diff --git a/juick-www/src/main/java/com/juick/www/controllers/Settings.java b/juick-www/src/main/java/com/juick/www/controllers/Settings.java
index 7f6cce44..f9527423 100644
--- a/juick-www/src/main/java/com/juick/www/controllers/Settings.java
+++ b/juick-www/src/main/java/com/juick/www/controllers/Settings.java
@@ -21,6 +21,7 @@ import com.juick.server.helpers.NotifyOpts;
import com.juick.server.helpers.UserInfo;
import com.juick.server.util.*;
import com.juick.service.*;
+import org.apache.commons.lang3.RandomStringUtils;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -186,7 +187,7 @@ public class Settings {
break;
case "email-add":
if (!emailService.verifyAddressByCode(visitor.getUid(), request.getParameter("account"))) {
- String authCode = HashUtils.generateHash(8);
+ String authCode = RandomStringUtils.randomAlphanumeric(8).toUpperCase();
if (emailService.addVerificationCode(visitor.getUid(), request.getParameter("account"), authCode)) {
Session session = Session.getDefaultInstance(System.getProperties());
try {