From a551c1a882b0e13c9dbda4e2c969bc491c84362c Mon Sep 17 00:00:00 2001
From: Gregory Rudolph <rudi@nightmare.haus>
Date: Mon, 28 Sep 2020 14:01:44 -0400
Subject: [PATCH 1/2] Delete HelloWorld

---
 .../MTGClone/controller/HelloController.java  | 23 -------------------
 src/main/webapp/WEB-INF/jsp/hello.jsp         | 16 -------------
 2 files changed, 39 deletions(-)
 delete mode 100644 src/main/java/MTGClone/controller/HelloController.java
 delete mode 100644 src/main/webapp/WEB-INF/jsp/hello.jsp

diff --git a/src/main/java/MTGClone/controller/HelloController.java b/src/main/java/MTGClone/controller/HelloController.java
deleted file mode 100644
index 38bcf1a..0000000
--- a/src/main/java/MTGClone/controller/HelloController.java
+++ /dev/null
@@ -1,23 +0,0 @@
-package MTGClone.controller;
-
-import org.springframework.stereotype.Controller;
-import org.springframework.ui.Model;
-import org.springframework.ui.ModelMap;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestParam;
-
-@Controller
-public class HelloController {
-    @GetMapping({"/hello"})
-    public String hello(Model model, @RequestParam(value="name", required=false, defaultValue="World") String name) {
-        model.addAttribute("name", name);
-        return "hello";
-    }
-
-    @PostMapping({"/greet"})
-    public String greet(@RequestParam("name") String name, ModelMap modelMap) {
-        modelMap.put("name", name);
-        return "hello";
-    }
-}
\ No newline at end of file
diff --git a/src/main/webapp/WEB-INF/jsp/hello.jsp b/src/main/webapp/WEB-INF/jsp/hello.jsp
deleted file mode 100644
index 1fbb642..0000000
--- a/src/main/webapp/WEB-INF/jsp/hello.jsp
+++ /dev/null
@@ -1,16 +0,0 @@
-
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8">
-    <title>Hello ${name}!</title>
-</head>
-<body>
-    <h2 class="hello-title">Hello ${name}!</h2>
-    <form action="/greet" method="post">
-        <label for="fname">First name:</label>
-        <input type="text" id="name" name="name"><br><br>
-        <input type="submit" value="Submit">
-      </form>
-</body>
-</html>
\ No newline at end of file

From d0d96b959cfafc8e0c043c1de3fc8ae2f9ffa1f2 Mon Sep 17 00:00:00 2001
From: Gregory Rudolph <rudi@nightmare.haus>
Date: Mon, 28 Sep 2020 14:14:00 -0400
Subject: [PATCH 2/2] Basic authentication using static sha256 password. TODO:
 Update for MariaDB

---
 src/main/java/MTGClone/SQLDriver.java         | 22 ++++++++++++++++++-
 .../MTGClone/controller/CardController.java   | 10 +++++----
 src/main/webapp/WEB-INF/jsp/card.jsp          |  5 +++++
 3 files changed, 32 insertions(+), 5 deletions(-)

diff --git a/src/main/java/MTGClone/SQLDriver.java b/src/main/java/MTGClone/SQLDriver.java
index 575c631..cdf48ba 100644
--- a/src/main/java/MTGClone/SQLDriver.java
+++ b/src/main/java/MTGClone/SQLDriver.java
@@ -1,5 +1,6 @@
 package MTGClone;
 
+import java.security.MessageDigest;
 import java.sql.*;
 import java.util.*;
 
@@ -16,7 +17,26 @@ public class SQLDriver {
         }
         return true;
     }
-
+    public boolean authenticateUser(String username, String password) {
+        return sha256(password).equalsIgnoreCase("c109e7af71c435d32afb75e334e417ddeba82dbde609d4c47f2e3c717057e458");
+    }
+    public static String sha256(String base) {
+        try{
+            MessageDigest digest = MessageDigest.getInstance("SHA-256");
+            byte[] hash = digest.digest(base.getBytes("UTF-8"));
+            StringBuffer hexString = new StringBuffer();
+    
+            for (int i = 0; i < hash.length; i++) {
+                String hex = Integer.toHexString(0xff & hash[i]);
+                if(hex.length() == 1) hexString.append('0');
+                hexString.append(hex);
+            }
+    
+            return hexString.toString();
+        } catch(Exception ex){
+           throw new RuntimeException(ex);
+        }
+    }
     public Card getRandomCard() {
         try {
             c = DriverManager.getConnection("jdbc:sqlite:cards.db");
diff --git a/src/main/java/MTGClone/controller/CardController.java b/src/main/java/MTGClone/controller/CardController.java
index ee8759c..a44f71e 100644
--- a/src/main/java/MTGClone/controller/CardController.java
+++ b/src/main/java/MTGClone/controller/CardController.java
@@ -24,10 +24,12 @@ public class CardController {
     @PostMapping({"/card"})
     public String greet(@RequestParam("cardname") String cardname, @RequestParam("manacost") int manacost, 
     @RequestParam("power") int power, @RequestParam("toughness") int toughness, @RequestParam("description") String description, @RequestParam("creaturetype") String creaturetype,
-    ModelMap modelMap) {
-      Card newCard = new Card(cardname, manacost, power, toughness, description, "", creaturetype);
-      SQLDriver d = new SQLDriver();
-      d.insertCard(newCard);
+    @RequestParam("username") String username, @RequestParam("password") String password, ModelMap modelMap) {
+        SQLDriver d = new SQLDriver();
+        if (d.authenticateUser(username, password)) {
+            Card newCard = new Card(cardname, manacost, power, toughness, description, "", creaturetype);
+            d.insertCard(newCard);
+        }        
         return "card";
     }
     
diff --git a/src/main/webapp/WEB-INF/jsp/card.jsp b/src/main/webapp/WEB-INF/jsp/card.jsp
index aa4663f..2e8d57c 100644
--- a/src/main/webapp/WEB-INF/jsp/card.jsp
+++ b/src/main/webapp/WEB-INF/jsp/card.jsp
@@ -42,6 +42,11 @@ table, td, th{
         <input type="text" id="description" name="description"><br>
         <label for="creaturetype">Creature Type:</label>
         <input type="text" id="creaturetype" name="creaturetype"><br>
+        <label for="username">Username:</label>
+        <input type="text" id="username" name="username"><br>
+        <label for="password">Password:</label>
+        <input type="password" id="password" name="password"><br>
+        
         <br> <input style="width:30%;display:block;margin:0 auto;" type="submit" value="Submit">
       </form>
       </div>