How to hard code username and password in Secure module Play 1.2.5

Question

Below is the code found on http://www.playframework.com/documentation/1.2.5/secure.

package controllers;

public class Security extends Secure.Security {

static boolean authenticate(String username, String password) {

     User user = User.find("byEmail", username).first();
     return user != null && user.password.equals(password);
   }
}

I want to hardcode the username and password into the controller itself. So that it accepts only those login credentials.

I'm not sure how to do it, but it must be something like this:

package controllers;

public class Security extends Secure.Security {

static boolean authenticate(String username, String password) {

     if (username=="abc@abc.com" && password=="abc123")
     return....
     .......
   }
}

Answer 1

You are on the right track. However, some notes:

• Don't check for String equality using the == operator. Use String#equals() instead.
• When using equals, call the method on the literal String. These can never be null and help eliminating NullPointerExceptions.
• Hardcoding the password and username as plain strings can be dangerous: they can be read from memory without too much effort.
• Because username=="abc@abc.com" && password=="abc123" is a boolean value, you can simply return that result.

Disregarding point 3 about the security issue, your method could look like this:

static boolean authenticate(String username, String password) {
    return "abc@abc.com".equals(username) && "abc123".equals(password);
}