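/**
 * Checks whether a session cookie value matches the expected encrypted application password.
 *
 * <p>The expected value is the {@code Application.PASSWORD} entry of
 * {@code conf/mturk.properties}. It is compared to the cookie as-is, so the file is expected to
 * hold the already-encrypted form. When the entry is absent, the encrypted
 * {@code Application.DEFAULT_PASSWORD} is used instead.
 *
 * @param cookieValue the value taken from the session cookie; may be {@code null}
 * @return {@code true} only if {@code cookieValue} is non-null and equals the expected value
 * @throws RuntimeException if the properties file cannot be read (the {@link IOException} is
 *     kept as the cause)
 */
public static boolean validate(String cookieValue) {
    if (cookieValue == null) {
        return false;
    }

    Properties props = new java.util.Properties();
    // try-with-resources closes the stream on every path; the previous code never closed it,
    // leaking one file handle per validation call.
    try (java.io.InputStream in =
            new java.io.FileInputStream(new java.io.File("conf/mturk.properties"))) {
        props.load(in);
    } catch (IOException e) {
        System.err.println(
            "There was a problem reading your properties file from " + "mturk.properties");
        System.err.println("The exception was " + e.toString());
        throw new RuntimeException(
            "Cannot load configuration properties file from " + "mturk.properties", e);
    }

    String store = props.getProperty(Application.PASSWORD);
    if (store == null) {
        // NOTE(review): a missing config entry silently enables a password compiled into the
        // application. Consider failing closed (rejecting all logins) until one is configured.
        store = Crypto.encryptAES(Application.DEFAULT_PASSWORD);
    }

    // NOTE(review): this equality check only works if Crypto.encryptAES returns the same output
    // for the same input - confirm for the framework version in use.
    // Compare in constant time so response timing does not reveal how many leading characters
    // of the expected value a submitted cookie got right.
    return java.security.MessageDigest.isEqual(
        store.getBytes(java.nio.charset.StandardCharsets.UTF_8),
        cookieValue.getBytes(java.nio.charset.StandardCharsets.UTF_8));
}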
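/**
 * Handles the login form submission: resets the session, stores the encrypted submitted
 * password under {@code Application.PASSWORD}, and redirects to the index page.
 *
 * <p>This method does not itself decide whether the password is correct; it only records the
 * encrypted value in the session.
 *
 * @return a redirect to {@code routes.Application.index()}
 */
public static Result authenticate() {
    DynamicForm df = new DynamicForm().bindFromRequest();

    // Discard whatever the previous session held before writing the new value.
    session().clear();

    // A request without a "password" field yields null. Do not hand that to the crypto helper;
    // leave the session empty so the caller is redirected unauthenticated.
    String submitted = df.get("password");
    if (submitted != null) {
        // NOTE(review): the session now carries a reversible encryption of the password. If the
        // session is a client-side cookie, that value leaves the server - confirm. A safer
        // design verifies the password server-side and stores only a random session token or an
        // "authenticated" marker.
        session(Application.PASSWORD, Crypto.encryptAES(submitted));
    }

    return redirect(routes.Application.index());
}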
/**
 * Encrypts a string with AES using the supplied key.
 *
 * <p>The key must be 16 bytes long.
 *
 * <p>By default the platform's default JSSE provider is used. Set
 * {@code application.crypto.provider} in {@code application.conf} to override it.
 *
 * <p>The transformation is the provider-specific implementation of the {@code AES} name; on
 * Oracle's JDK this is {@code AES/CTR/NoPadding}. It is suitable for small amounts of data,
 * typically less than 32 bytes, and is therefore described as useful for credit card numbers,
 * passwords etc. For larger blocks of data it may expose patterns and be vulnerable to repeat
 * attacks.
 *
 * <p>The transformation can be changed through {@code application.crypto.aes.transformation} in
 * {@code application.conf}. The secret key spec is always AES, so only AES transformations will
 * work.
 *
 * <p>NOTE(review): CTR mode without a MAC provides confidentiality only, so a stored or
 * transmitted ciphertext can be modified without detection. Passwords are normally protected
 * with a dedicated password-hashing function rather than reversible encryption.
 *
 * @param value The String to encrypt.
 * @param privateKey The key used to encrypt (a symmetric secret, despite the parameter name).
 * @return A hexadecimal encrypted string.
 * @deprecated This method is deprecated and will be removed in future versions.
 */
@Deprecated
public String encryptAES(String value, String privateKey) {
    // Pure delegation to the wrapped crypto implementation.
    final String cipherText = crypto.encryptAES(value, privateKey);
    return cipherText;
}
/**
 * Encrypts a string with AES using the application's secret key.
 *
 * <p>By default the platform's default JSSE provider is used. Set
 * {@code application.crypto.provider} in {@code application.conf} to override it.
 *
 * <p>The transformation is the provider-specific implementation of the {@code AES} name; on
 * Oracle's JDK this is {@code AES/CTR/NoPadding}. It is suitable for small amounts of data,
 * typically less than 32 bytes, and is therefore described as useful for credit card numbers,
 * passwords etc. For larger blocks of data it may expose patterns and be vulnerable to repeat
 * attacks.
 *
 * <p>The transformation can be changed through {@code application.crypto.aes.transformation} in
 * {@code application.conf}. The secret key spec is always AES, so only AES transformations will
 * work.
 *
 * <p>NOTE(review): CTR mode without a MAC provides confidentiality only, so a stored or
 * transmitted ciphertext can be modified without detection. Passwords are normally protected
 * with a dedicated password-hashing function rather than reversible encryption.
 *
 * @param value The String to encrypt.
 * @return A hexadecimal encrypted string.
 * @deprecated This method is deprecated and will be removed in future versions.
 */
@Deprecated
public String encryptAES(String value) {
    // Pure delegation; the wrapped implementation supplies the application secret.
    final String cipherText = crypto.encryptAES(value);
    return cipherText;
}