Changed username and password to secure hashes so that the plaintext is no longer hard-coded in

2022-07-07 00:10:47 -04:00 · 2022-07-07 00:10:47 -04:00 · a0b834a505
commit a0b834a505
parent acc9f86315
16 changed files with 511 additions and 44 deletions
--- a/Splits/DocsView.swift
+++ b/Splits/DocsView.swift
@ -7,17 +7,13 @@

 import SwiftUI
 import LocalAuthentication
-// this file will have some comments.
-// Most of this code is considered simple enough
-// to be human-readable without aid, as long as
-// the reader has a basic understanding of
-// Swift and/or SwiftUI.
+import CryptoKit

-/// The system username for the app
+/// The system username SHA256 hash for the app
 /// - Note: This is not a secure way to do it
 /// or in any way good practice
 /// but this is mainly to test out `SecureField`
-let username = "admin"
+let username = "c7ad44cbad762a5da0a452f9e854fdc1e0e7a52a38015f23f3eab1d80b931dd472634dfac71cd34ebc35d16ab7fb8a90c81f975113d6c7538dc69dd8de9077ec".utf8

 /// The system password associated with ``username``
 ///
@ -26,7 +22,7 @@ let username = "admin"
 /// It would be more secure though.
 /// - Note: Just as with `username` you should not define
 /// these unencrypted like they are right now.
-let password = "123"
+let password = "3c9909afec25354d551dae21590bb26e38d53f2173b8d3dc3eee4c047e7ab1c1eb8b85103e3be7ba613b31bb5c9c36214dc9f14a42fd7a2fdb84856bca5c44c2".utf8

 /// Holds the views and login for the Docs tab in-app
 ///
@ -37,9 +33,16 @@ struct DocsView: View {
 		case username
 		case password
 	}
-	
-	@State private var pass: String = ""
-	@State private var user: String = ""
+
+    func hashSHA512(login: String) -> String {
+        let loginAsData = Data(login.utf8)
+        let loginHashHex = SHA512.hash(data: loginAsData)
+        let loginHash = loginHashHex.compactMap { String(format: "%02x", $0) }.joined()
+        return String(loginHash)
+    }
+    
+    @State private var pass: String = ""
+    @State private var user: String = ""
 	@State private var isUnlocked = false
 	@FocusState private var focusedField: Field?
 	
@ -62,8 +65,8 @@ struct DocsView: View {
 				}
 				Section(header: Text("App Information")) {
 					NavigationLink("Software License", destination: LicenseView())
-					Text("Version: Release Candidate 4")
-					Text("Release date: 2022-06-17")
+					Text("Version: Prerelease Build LVSXT10a.4")
+					Text("Release date: 2022-07-06")
 					Text("Start date: 2022-03-25")
 					Link("Built with SwiftUI \(Image(systemName: "swift"))", destination: URL(string: "https://developer.apple.com/xcode/swiftui")!)
 				}
@ -120,7 +123,7 @@ struct DocsView: View {
 	///
 	/// - Returns: `true` if `user` equals `username` *and* `pass` equals `password`, `false` if one or both checks return false.
 	func checkPassword() -> Bool {
-		if (pass == password && user == username) {
+        if (hashSHA512(login: pass) == String(password) && hashSHA512(login: user) == String(username)) {
 			return true
 		} else {
 			return false