package utils;
import exceptions.AppException;
import org.mindrot.jbcrypt.BCrypt;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
/**
* Password utility class. This handles password encryption and validation.
*/
public class Hash {
static Logger log = LoggerFactory.getLogger(Hash.class);
/**
* Create an encrypted password from a clear string.
*
* @param clearString the clear string
* @return an encrypted password of the clear string
* @throws exceptions.AppException APP Exception, from NoSuchAlgorithmException
*/
public static String createPassword(String clearString) throws AppException {
if (clearString == null) {
throw new AppException("No password defined!");
}
return BCrypt.hashpw(clearString, BCrypt.gensalt());
}
/**
* @param candidate the clear text
* @param encryptedPassword the encrypted password string to check.
* @return true if the candidate matches, false otherwise.
*/
public static boolean checkPassword(String candidate, String encryptedPassword) {
if (candidate == null) {
return false;
}
if (encryptedPassword == null) {
return false;
}
return BCrypt.checkpw(candidate, encryptedPassword);
}
}