package app.user; import org.mindrot.jbcrypt.BCrypt; import static app.Main.*; public class UserController { // Authenticate the user by hashing the inputted password using the stored salt, // then comparing the generated hashed password to the stored hashed password public static boolean authenticate(String username, String password) { if (username == null || password == null) { return false; } User user = userDao.getUserByUsername(username); if (user == null) { return false; } String hashedPassword = BCrypt.hashpw(password, user.salt); return hashedPassword.equals(user.hashedPassword); } // This method doesn't do anything, it's just included as an example public static void setPassword(String username, String oldPassword, String newPassword) { if (authenticate(username, oldPassword)) { String newSalt = BCrypt.gensalt(); String newHashedPassword = BCrypt.hashpw(newSalt, newPassword); // Update the user salt and password } } }