I currently have a Quarkus project and implemented JWT authentication wit smallrye. I have a simple login API endpoint, but currently the password is stored in plain text as i do not have any hashing. I know there are a lot of complicated framework things with configuration files etc., but is there a simple component or class that is provided by the framework i can use to hash the password to store/check it with the database? I just want to have a class i can call to hash a password for a specific algorithm. Here is the code for the API endpoint:
@POST
@Path("/login")
@PermitAll
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public TokenResponse login(@Valid LoginRequest request) {
// Hash the password in request.getPassword() first here?
User user = userRepository.getByEmailAndPassword(request.getEmail(), request.getPassword());
if (user == null) throw new NotFoundException();
String jwt = jwtGenerator.generateTokenFor(user);
return tokenResponseBuilder.buildTokenResponseFor(user, jwt);
}
If there is not anything provided by default, can anyone recommend one to use here? I am not sure how to go about this, as with Spring Boot there was seemingly always a straightforward way to do this.
