Module ai.tutor.cab302exceptionalhandlers

Package ai.tutor.cab302exceptionalhandlers.model

Class User

java.lang.Object

ai.tutor.cab302exceptionalhandlers.model.User

public class User
extends Object

Represents a user in the QuizWhiz application.

A user must have a unique username and a password hash. Passwords are hashed and salted using the Scrypt algorithm

Author:

Joshua M.

See Also:

• UserDAO

Constructor Summary

Constructors

Constructor	Description
User(String username, String passwordHash)	Constructs a User object.

Method Summary

Modifier and Type	Method	Description
int	getId()
String	getPasswordHash()
String	getUsername()
static String	hashPassword(String passwordPlaintext)	Hashes a plaintext password using the Scrypt algorithm.
void	setId(int id)
void	setPasswordHash(String passwordHash)
void	setUsername(String username)
boolean	verifyPassword(String passwordPlaintext)	Verifies whether the plaintext password matches the stored password hash.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

User

public User(String username,
 String passwordHash)
     throws IllegalArgumentException

Constructs a User object.

Parameters:

username - The username of the user, must be 1-25 alphanumeric characters

passwordHash - The hashed password of the user, must not be null or empty

Throws:

IllegalArgumentException - if any of the parameters are invalid

See Also:

• hashPassword(java.lang.String)

Method Details

getId

public int getId()

setId

public void setId(int id)
           throws IllegalArgumentException

Throws:

IllegalArgumentException

getUsername

public String getUsername()

setUsername

public void setUsername(String username)
                 throws IllegalArgumentException

Throws:

IllegalArgumentException

getPasswordHash

public String getPasswordHash()

setPasswordHash

public void setPasswordHash(String passwordHash)
                     throws IllegalArgumentException

Throws:

IllegalArgumentException

verifyPassword

public boolean verifyPassword(String passwordPlaintext)
                       throws IllegalArgumentException

Verifies whether the plaintext password matches the stored password hash.

This method uses the Scrypt algorithm to check if the provided plaintext password matches the hashed password stored in the user object.

Password.check does not check whether the plaintext password is empty, hence this method manually validates the password before checking.

Parameters:

passwordPlaintext - the plaintext password to verify

Returns:

true if the password is valid and matches the stored hash, false otherwise

Throws:

IllegalArgumentException - if the passwordPlaintext is null or empty

hashPassword

public static String hashPassword(String passwordPlaintext)
                           throws IllegalArgumentException

Hashes a plaintext password using the Scrypt algorithm.

Passwords are hashed with a random salt of 16 bytes to enhance security.

Parameters:

passwordPlaintext - the plaintext password to hash

Returns:

the hashed password as a String

Throws:

IllegalArgumentException - if the passwordPlaintext is null or empty