remove MD5 hashing, send plaintext secret key for bcrypt verification

dmit.b
2026-06-25 11:56:08 +03:00
parent 4e7a9d823b
commit 86e9b5a22a
4 changed files with 18 additions and 21 deletions
+2 -2
@@ -41,14 +41,14 @@ class AuthProvider with ChangeNotifier {
Future<void> register( Future<void> register(
String login, String login,
String password, String password,
String secretKeyHash, String secretKey,
) async { ) async {
_isLoading = true; _isLoading = true;
_error = ''; _error = '';
notifyListeners(); notifyListeners();
try { try {
await _authService.register(login, password, secretKeyHash); await _authService.register(login, password, secretKey);
notifyListeners(); notifyListeners();
} catch (e) { } catch (e) {
_error = e.toString(); _error = e.toString();
+7 -11
@@ -1,7 +1,5 @@
import 'dart:convert'; import 'dart:convert';
import 'package:convert/convert.dart';
import 'package:crypto/crypto.dart';
import 'package:flutter/foundation.dart'; import 'package:flutter/foundation.dart';
import 'package:flutter/material.dart'; import 'package:flutter/material.dart';
import 'package:geolocator/geolocator.dart'; import 'package:geolocator/geolocator.dart';
@@ -46,8 +44,6 @@ class _LoginScreenState extends State<LoginScreen>
super.dispose(); super.dispose();
} }
static const String _secretKey = 'FtracKer*1405.';
@override @override
Widget build(BuildContext context) { Widget build(BuildContext context) {
final authProvider = context.watch<AuthProvider>(); final authProvider = context.watch<AuthProvider>();
@@ -178,19 +174,19 @@ class _LoginScreenState extends State<LoginScreen>
// Error is handled by provider // Error is handled by provider
} }
} else { } else {
if (_secretKeyController.text != _secretKey) { if (_loginController.text.length <= 4) {
authProvider.setError('Invalid secret key'); authProvider.setError('Login must be more than 4 characters');
return;
}
if (_passwordController.text.length <= 8) {
authProvider.setError('Password must be more than 8 characters');
return; return;
} }
Digest digest = md5.convert(
utf8.encode(_secretKeyController.text),
);
String secretKeyHash = hex.encode(digest.bytes);
try { try {
await authProvider.register( await authProvider.register(
_loginController.text, _loginController.text,
_passwordController.text, _passwordController.text,
secretKeyHash, _secretKeyController.text,
); );
} catch (e) { } catch (e) {
// Error is handled by provider // Error is handled by provider
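Review bot: Deleting `static const String _secretKey = 'FtracKer*1405.';` takes the value out of the current source, but it stays in this repository's history and in every build already distributed, so it should be treated as disclosed. If the server's bcrypt hash was derived from that same value (not visible here), rotate the registration secret on the server as part of this change. Separately, the new length checks read `_loginController.text` and `_passwordController.text` untrimmed, and nothing checks that `_secretKeyController.text` is non-empty before the request is made. A guard such as `if (_secretKeyController.text.isEmpty) { authProvider.setError('Secret key is required'); return; }` would keep an empty key from being sent. The enclosing handler starts and ends outside this hunk.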
+9 -6
@@ -24,20 +24,23 @@ class AuthService {
Future<void> register( Future<void> register(
String login, String login,
String password, String password,
String secretKeyHash, String secretKey,
) async { ) async {
var data = jsonEncode({
'login': login,
'password': password,
'secret_key': secretKey,
});
final response = await _client.post( final response = await _client.post(
Uri.parse(ApiConfig.regUrl), Uri.parse(ApiConfig.regUrl),
headers: {'Content-Type': 'application/json'}, headers: {'Content-Type': 'application/json'},
body: jsonEncode({ body: data,
'login': login,
'password': password,
'secret_key_hash': secretKeyHash,
}),
); );
if (response.statusCode != 201) { if (response.statusCode != 201) {
throw Exception('Registration failed'); throw Exception('Registration failed');
} }
} }
int rnLength()=>"\r\n".length;
} }
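Review bot: With the MD5 step gone, `register` puts the raw `secret_key` next to the raw `password` in the JSON body, so their confidentiality in transit rests entirely on the scheme of `ApiConfig.regUrl`, which is defined outside this diff. Confirm that it is an `https://` URL in every build flavour, and consider failing closed before the POST, e.g. `final uri = Uri.parse(ApiConfig.regUrl);` followed by `if (uri.scheme != 'https') throw StateError('Registration endpoint must use HTTPS');`. `data` should also stay out of any debug logging, and `var data` can be `final`. The added `int rnLength()=>"\r\n".length;` has no visible caller and is unrelated to the stated change; drop it from this commit or document what it is for.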
-2
@@ -38,8 +38,6 @@ dependencies:
cupertino_icons: ^1.0.8 cupertino_icons: ^1.0.8
provider: ^6.1.1 provider: ^6.1.1
http: ^1.2.0 http: ^1.2.0
crypto: ^3.0.3
convert: ^3.1.1
flutter_map: ^6.1.0 flutter_map: ^6.1.0
latlong2: ^0.9.1 latlong2: ^0.9.1
geolocator: ^14.0.2 geolocator: ^14.0.2