added init db security setup
This commit is contained in:
verboomp
@@ -73,4 +73,26 @@ create table picture (
|
|||||||
jpa_updated timestamp NOT NULL,
|
jpa_updated timestamp NOT NULL,
|
||||||
jpa_version integer NOT NULL,
|
jpa_version integer NOT NULL,
|
||||||
customer_id_fk bigint REFERENCES customer
|
customer_id_fk bigint REFERENCES customer
|
||||||
);
|
);
|
||||||
|
|
||||||
|
|
||||||
|
// initial users
|
||||||
|
|
||||||
|
insert into x_right (right_id, code, name,jpa_active,jpa_created,jpa_updated,jpa_version) VALUES
|
||||||
|
(1, 'ADMIN', 'Admin Right', true,TIMESTAMP '2026-01-20 10:09:30.009',TIMESTAMP '2026-01-20 10:09:30.009',0),
|
||||||
|
(2, 'USER', 'User Right', true,TIMESTAMP '2026-01-20 10:09:52.797',TIMESTAMP '2026-01-20 10:09:52.797',0)
|
||||||
|
;
|
||||||
|
|
||||||
|
// nvlev4YnTi
|
||||||
|
// x1t0e7Pb49
|
||||||
|
|
||||||
|
INSERT INTO x_user (user_id,username,password,salt,title,firstname,lastname,email,jpa_active,jpa_created,jpa_updated,jpa_version)
|
||||||
|
VALUES
|
||||||
|
(1,'hartmann','vPsg/G5xQWoJTOA0r9b9HPTEAzMktKg7fKCrnmHYcyQ=', '9bARmw6zzbXPg4qdbj5RAe2OlJ9mz0Lpq3ZKJlg8Iug=','Herr','Hartmann','Admin','admin@heyday.marketing',true,TIMESTAMP '2026-01-20 10:09:52.000',TIMESTAMP '2026-01-20 10:09:52.000',0),
|
||||||
|
(2,'adm','eXlSEtLDfqos/w0DqPQiVoJHVEQaqLwD7qeDx74Onmk=','vajK924ZRXNWmt9GkcK/BO/Oc1bYp582MJ47HzsXyzA=','Herr','Hartmann','adm','adm@heyday.marketing',true,TIMESTAMP '2026-01-20 10:09:52.000',TIMESTAMP '2026-01-20 10:09:52.000',0);
|
||||||
|
|
||||||
|
|
||||||
|
INSERT INTO user_to_right (user_id_fk,right_id_fk)
|
||||||
|
VALUES
|
||||||
|
(1,1),
|
||||||
|
(2,2);
|
||||||
|
|||||||
@@ -1,22 +0,0 @@
|
|||||||
package marketing.heyday.hartmann.fotodocumentation;
|
|
||||||
|
|
||||||
import org.junit.jupiter.api.Test;
|
|
||||||
|
|
||||||
/**
|
|
||||||
*
|
|
||||||
* <p>Copyright: Copyright (c) 2024</p>
|
|
||||||
* <p>Company: heyday Marketing GmbH</p>
|
|
||||||
* @author <a href="mailto:p.verboom@heyday.marketing">Patrick Verboom</a>
|
|
||||||
* @version 1.0
|
|
||||||
*
|
|
||||||
* created: 20 Jan 2026
|
|
||||||
*/
|
|
||||||
|
|
||||||
public class Dummy {
|
|
||||||
|
|
||||||
@Test
|
|
||||||
public void test() {
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
}
|
|
||||||
@@ -0,0 +1,77 @@
|
|||||||
|
package marketing.heyday.hartmann.fotodocumentation;
|
||||||
|
|
||||||
|
import static org.junit.jupiter.api.Assertions.assertNotNull;
|
||||||
|
|
||||||
|
import java.nio.charset.Charset;
|
||||||
|
import java.security.MessageDigest;
|
||||||
|
import java.security.NoSuchAlgorithmException;
|
||||||
|
import java.security.SecureRandom;
|
||||||
|
import java.util.Base64;
|
||||||
|
import java.util.Base64.Encoder;
|
||||||
|
|
||||||
|
import org.apache.commons.lang3.RandomStringUtils;
|
||||||
|
import org.junit.jupiter.api.Test;
|
||||||
|
|
||||||
|
/**
|
||||||
|
*
|
||||||
|
* <p>Copyright: Copyright (c) 2024</p>
|
||||||
|
* <p>Company: heyday Marketing GmbH</p>
|
||||||
|
* @author <a href="mailto:p.verboom@heyday.marketing">Patrick Verboom</a>
|
||||||
|
* @version 1.0
|
||||||
|
*
|
||||||
|
* created: 20 Jan 2026
|
||||||
|
*/
|
||||||
|
|
||||||
|
public class SecurityGenerator {
|
||||||
|
private static final int GENERATE_LENGTH = 10;
|
||||||
|
private static final int SALT_LENGTH = 32;
|
||||||
|
|
||||||
|
@java.lang.SuppressWarnings("java:S2245")
|
||||||
|
public String generatePassword() {
|
||||||
|
return RandomStringUtils.randomAlphanumeric(GENERATE_LENGTH);
|
||||||
|
}
|
||||||
|
|
||||||
|
public byte[] createSalt() {
|
||||||
|
byte[] salt = new byte[SALT_LENGTH];
|
||||||
|
SecureRandom random = new SecureRandom();
|
||||||
|
random.nextBytes(salt);
|
||||||
|
return salt;
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
public byte[] createPassword(String password, String salt) throws NoSuchAlgorithmException {
|
||||||
|
byte[] saltBytes = salt.getBytes(Charset.forName("utf-8"));
|
||||||
|
return createPassword(password, saltBytes);
|
||||||
|
}
|
||||||
|
|
||||||
|
public byte[] createPassword(String password, byte[] salt) throws NoSuchAlgorithmException {
|
||||||
|
MessageDigest md = MessageDigest.getInstance("SHA-256");
|
||||||
|
byte[] passwordBytes = password.getBytes(Charset.forName("utf-8"));
|
||||||
|
md.update(passwordBytes);
|
||||||
|
md.update(salt);
|
||||||
|
|
||||||
|
return md.digest();
|
||||||
|
}
|
||||||
|
|
||||||
|
public String encode(byte[] hash) {
|
||||||
|
Encoder encoder = Base64.getEncoder();
|
||||||
|
return encoder.encodeToString(hash);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void test() throws NoSuchAlgorithmException {
|
||||||
|
String password = generatePassword();
|
||||||
|
assertNotNull(password);
|
||||||
|
|
||||||
|
byte[] salt = createSalt();
|
||||||
|
String saltHash = encode(salt);
|
||||||
|
|
||||||
|
byte[] passwordByte = createPassword(password, salt);
|
||||||
|
String passwordHash = encode(passwordByte);
|
||||||
|
|
||||||
|
System.out.println("Password " + password);
|
||||||
|
System.out.println("PasswordHash " + passwordHash);
|
||||||
|
System.out.println("saltHash " + saltHash);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user