CodeQl issue fixed: Use of password hash with insufficient computational effort

src/app/login/login.component.ts

@@ -38,7 +38,7 @@ import * as CryptoJS from 'crypto-js';
 export class loginContentClass implements OnInit {
   model: any = {};
   userID: any;
-  password: any;
+  code: any;
   serviceProviderID: any;
   status: any;
   dynamictype: any = 'password';
@@ -139,8 +139,8 @@ export class loginContentClass implements OnInit {
     return salt + iv + ciphertext;
   }
 
-  login(userId: any, password: any, doLogout) {
-    this.encryptPassword = this.encrypt(this.Key_IV, password)
+  login(userId: any, tempCode: any, doLogout) {
+    this.encryptPassword = this.encrypt(this.Key_IV, tempCode)
     if (userId.toLowerCase() === 'SUPERADMIN'.toLowerCase()) {
 
       // this.loginservice.superAdminAuthenticate(userId, password, doLogout)

src/app/login/login.html

@@ -61,7 +61,7 @@
         <div class="btn-center"> <img src="assets/images/Piramal-logo-login.png" alt="Logo"> </div>
       </md-card-title>
       <md-card-content>
-        <form class="form-horizontal cu-form-horizontal-label-left" name="loginForm" (ngSubmit)="f.form.valid && login(userID,password,false)"
+        <form class="form-horizontal cu-form-horizontal-label-left" name="loginForm" (ngSubmit)="f.form.valid && login(userID,code,false)"
           #f="ngForm"  autocomplete='off'>
           <div class="row">
             <div class="col-xs-1 col-md-1 col-sm-1">
@@ -80,7 +80,7 @@
             </div>
             <div class="col-xs-11 col-md-11 col-sm-11">
               <md-input-container class="full-width">
-                <input mdInput type="{{dynamictype}}" id="password" placeholder="Enter Password" [(ngModel)]="password" name="password" />
+                <input mdInput type="{{dynamictype}}" id="code" placeholder="Enter Password" [(ngModel)]="code" name="code" />
                 <md-icon id="eye" mdSuffix class="mat-icon material-icons cursorPointer" role="img" aria-hidden="true" mdTooltip="Show Password"
                   (mousedown)='showPWD()' style="color:gray">visibility</md-icon>
               </md-input-container>

src/app/reset-user-password/reset-user-password.component.html

@@ -40,7 +40,7 @@ <h4>Reset User Password</h4>
   </div>
   <div class="col-xs-12 col-sm-6 col-md-4 col-lg-3 m-t-20">
     <md-input-container class="width100">
-      <input mdInput placeholder="Enter Password" [(ngModel)]="password" name="password" minlength="8" maxlength="12" #pwrd="ngModel"
+      <input mdInput placeholder="Enter Password" [(ngModel)]="code" name="code" minlength="8" maxlength="12" #pwrd="ngModel"
         [pattern]="passwordPattern" required>
       <md-hint>
         <span class="error_text" *ngIf="pwrd.errors && !(pwrd.hasError('pattern')) && pwrd.touched">Password is required</span>
@@ -49,6 +49,6 @@ <h4>Reset User Password</h4>
     </md-input-container>
   </div>
   <div class="col-xs-12 col-sm-6 col-md-4 col-lg-3 m-t-20">
-    <button md-raised-button color="primary" class="xs-pull-right sm-pull-left md-pull-left lg-pull-left" (click)="resetPassword(user.userName, password)">Reset</button>
+    <button md-raised-button color="primary" class="xs-pull-right sm-pull-left md-pull-left lg-pull-left" (click)="resetPassword(user.userName, code)">Reset</button>
   </div>
 </div>

src/app/reset-user-password/reset-user-password.component.ts

@@ -36,7 +36,7 @@ export class ResetUserPasswordComponent implements OnInit {
   /*NgModel*/
   serviceProviderID: any;
   user: any;
-  password: any;
+  code: any;
 
   /*Arrays*/
   userNamesList: any = [];
@@ -141,21 +141,21 @@ export class ResetUserPasswordComponent implements OnInit {
 
 
   /*Reset Password*/
-  resetPassword(userName, password) {
+  resetPassword(userName, code) {
     let resetObj = {
       "userName": userName,
-      "password": this.encrypt(this.Key_IV, password),
+      "password": this.encrypt(this.Key_IV, code),
       // "password": password,
       // this.encryptPassword = this.encrypt(this.Key_IV, password)
-      //"statusID": 1
+      //"statusID":  1
     }
     console.log("resetObj", resetObj);
     this.resetUserPasswordService.resetUserPassword(resetObj)
       .subscribe(response => {
         this.alertService.alert(response.response);
         this.tableMode = false;
         this.user = null;
-        this.password = null;
+        this.code = null;
         this.userDetails = null;
       }, err => {
         console.log('Error', err);