public static byte[] GetHash(byte[] input)
{
if (null == input)
{
throw new System.ArgumentNullException("input", "Unable to calculate hash over null input data");
}
//Intitial values defined in RFC 1321
ABCDStruct abcd = new ABCDStruct();
abcd.A = 0x67452301;
abcd.B = 0xefcdab89;
abcd.C = 0x98badcfe;
abcd.D = 0x10325476;
//We pass in the input array by block, the final block of data must be handled specialy for padding & length embeding
int startIndex = 0;
while (startIndex <= input.Length - 64)
{
HashSecurity.GetHashBlock(input, ref abcd, startIndex);
startIndex += 64;
}
// The final data block.
return(HashSecurity.GetHashFinalBlock(input, startIndex, input.Length - startIndex, abcd, (Int64)input.Length * 8));
}
public bool UpdatePassword(string username, string password)
{
#region variables
EmailHelper helper;
bool isEmailSent = false;
string secureHashSalt = null;
string hashedPassword = null;
bool isPasswordUpdated = false;
string UserName = null;
string htmlmessage = null;
#endregion
secureHashSalt = HashSecurity.GetSalt();
AspNetUser user = _identityRepository.GetUser(username);
hashedPassword = _hasher.HashPassword(user, secureHashSalt);
isPasswordUpdated = _identityRepository.UpdatePassword(username, hashedPassword, secureHashSalt);
/// if password is successfully updated then send email to user that your profile has been updated.
/// PR version 1.0
/// return send email status, true of false.
if (isPasswordUpdated)
{
#region Send Confirmation Email to User
UserName = _identityRepository.GetUserNameByEmail(username.Trim());
htmlmessage = String.Format("<b>Hi {0}.</b><br/><br/>Your profile " + username + " has been successfully updated at " + DateTime.Today.ToString("d") + "." +
"<br/><br/><b>Don't recognize this activity?</b> <br/>Admin: [email protected] <br/><br/>" +
"Regards <br/> BitzerIoC Support", UserName);
helper = new EmailHelper(username.Trim(), EmailConstants.From, "BitzerIoc profile updated.", "", htmlmessage, null);
return(isEmailSent = helper.SendEmailAsync().Result);
#endregion
}
return(isPasswordUpdated);
}
public static void VerifyPassword(string inputPassword, string salt, string storedPassword)
{
//Act
bool result = HashSecurity.CompareHashText(inputPassword, storedPassword, salt);
//Assert
Assert.True(result);
}
public static int HashEncrypt(IntPtr l)
{
string intoToEncrypt = lua_.ToString(-1);
string passwordEncryption = HashSecurity.Encrypt(intoToEncrypt);
lua_.PushString(passwordEncryption);
return(1);
}
void HandleLog(string logString, string stackTrace, LogType type)
{
if (type == LogType.Error || type == LogType.Exception)
{
string md5str = HashSecurity.Encrypt(logString + stackTrace);
if (m_logList.Contains(md5str) == false)
{
string platform = "win";
#if UNITY_IPHONE
platform = "ios";
#elif UNITY_ANDROID
platform = "android";
#endif
PluginTool pluginTools = PluginTool.SharedInstance();
string gameId = pluginTools.GetPlatformConfig(PluginTool.GAMEID_KEY, "0");
string userIdStr = PlayerPrefsEx.GetString("userId");
long userId = 0;
if (!string.IsNullOrEmpty(userIdStr))
{
userId = long.Parse(userIdStr);
}
long roleId = 0;
string roleName = "";
LuaState lua = LuaInstance.instance.Get();
lua.GetGlobal("Client");
lua.GetField(-1, "RoleInfo");
if (!lua.IsNil(-1))
{
lua.GetField(-1, "RoleID");
roleId = lua.ToInteger(-1);
lua.Pop(1);
lua.GetField(-1, "RoleName");
roleName = lua.ToString(-1);
lua.Pop(1);
}
lua.Pop(1);
lua.GetField(-1, "ClientVersion");
string version = lua.ToString(-1);
lua.Pop(2);
string request = string.Format("{0}?GameID={1}&PlayerID={2}&RoleId={3}&logString={4}&StackTrace={5}&LogType={6}&RoleName={7}&platform={8}&servernum={9}&gateway_id={10}&machine={11}&version={12}&GameName={13}",
PluginTool.SharedInstance().logUrl, gameId, userId, roleId, System.Uri.EscapeDataString(logString), System.Uri.EscapeDataString(stackTrace), System.Uri.EscapeDataString(type.ToString()),
System.Uri.EscapeDataString(roleName), platform, PlayerPrefs.GetInt("lastServerNum", 0),
PlayerPrefs.GetInt("lastServerID", 0), SystemInfo.deviceModel, version, "hzmj");
PluginTool.SharedInstance().logStr = request;
StartCoroutine(SendException(request, md5str));
}
}
}
public void UpdatePassword()
{
//Arrange
string username = "******";
string salt = HashSecurity.GetSalt();
string password = "******";
string hashedPassword = HashSecurity.GetHash(password, salt);
//Act
bool status = repository.UpdatePassword(username, hashedPassword, salt);
AspNetUser user = repository.GetUser(username);
//Assert
Assert.True(status);
Assert.NotNull(user);
Assert.Equal(user.HashSalt, salt);
Assert.Equal(user.Password, hashedPassword);
}
public IActionResult ResetPassword(NewPasswordViewModel newPasswordViewModel)
{
string secureSalt = null;
string hashedPassword = null;
if (ModelState.IsValid)
{
if (!string.IsNullOrEmpty(newPasswordViewModel.TokenKey))
{
//Validate token
if (_identityRepository.ValidateToken(newPasswordViewModel.TokenKey.Trim()))
{
//Password Hashing
AspNetUser user = _identityRepository.GetUser(User.Identity.Name);
secureSalt = HashSecurity.GetSalt();
hashedPassword = _hasher.HashPassword(user, newPasswordViewModel.Password + secureSalt);
//Save Password
if (_identityRepository.SavePassword(newPasswordViewModel.TokenKey, hashedPassword, secureSalt, true))
{
return(Redirect(GenericHelper.DecodeUrl(newPasswordViewModel.ReturnUrl)));
}
}
//Invalid token
else
{
return(Redirect(Url.Content("login?forgotflag=error")));
}
}
//If no redirection is performed then
_logger.LogError("Token key is empty or null");
}
else
{
ModelState.AddModelError("Error", "Please provide the Password and Confirm Password");
}
return(View(newPasswordViewModel));
}
