move salt to configuration

service/configuration.yml

@@ -10,6 +10,7 @@ dbPort: 27017
 dbName: db
 
 flagHashMethod: "MD5"
+salt: "SECURE_SALT"
 
 admins:
   - name: "gpietrus_admin"

service/src/main/java/com/telephoners/krakyournet/ctf/core/ApplicationConfiguration.java

@@ -18,6 +18,7 @@ public class ApplicationConfiguration extends Configuration
     private List<TextTask> textTasks;
     private List<WebTask> webTasks;
     private List<User> admins;
+    private String salt;
 
     public List<User> getAdmins()
     {
@@ -98,4 +99,14 @@ public class ApplicationConfiguration extends Configuration
     {
         this.webTasks = webTasks;
     }
+
+    public String getSalt()
+    {
+        return salt;
+    }
+
+    public void setSalt(String salt)
+    {
+        this.salt = salt;
+    }
 }

service/src/main/java/com/telephoners/krakyournet/ctf/repositories/TasksRepository.java

@@ -27,7 +27,6 @@ public class TasksRepository implements Repository
     private Datastore datastore;
     private TeamsRepository teamsRepository;
     private SolutionsRepository solutionsRepository;
-    private String salt = "SECURE_SALT"; //todo: move to configuration!
 
     @Inject
     public TasksRepository(ApplicationConfiguration applicationConfiguration, Datastore datastore,
@@ -93,7 +92,7 @@ public class TasksRepository implements Repository
 
     public String calculateHashValue(String username, String flagValue)
     { //todo
-        String combinedStrings = salt + username + flagValue; //todo
+        String combinedStrings = applicationConfiguration.getSalt() + username + flagValue; //todo
         MessageDigest md5 = null;//todo: discuss
         try {
             md5 = MessageDigest.getInstance(applicationConfiguration.getFlagHashMethod());