/// <summary>
/// Validate user
/// </summary>
/// <param name="usernameOrEmail">Username or email</param>
/// <param name="password">Password</param>
/// <returns>Result</returns>
public virtual UserLoginResults ValidateUser(string usernameOrEmail, string password)
{
User user;
if (_userSettings.UsernamesEnabled)
{
user = _userService.GetUserByUsername(usernameOrEmail);
}
else
{
user = _userService.GetUserByEmail(usernameOrEmail);
}
if (user == null)
{
return(UserLoginResults.UserNotExist);
}
if (user.Deleted)
{
return(UserLoginResults.Deleted);
}
if (!user.Active)
{
return(UserLoginResults.NotActive);
}
//only registered can login
if (!user.IsRegistered())
{
return(UserLoginResults.NotRegistered);
}
string pwd = "";
switch (user.PasswordFormat)
{
case PasswordFormat.Encrypted:
pwd = _encryptionService.EncryptText(password);
break;
case PasswordFormat.Hashed:
pwd = _encryptionService.CreatePasswordHash(password, user.PasswordSalt, _userSettings.HashedPasswordFormat);
break;
default:
pwd = password;
break;
}
bool isValid = pwd == user.Password;
if (!isValid)
{
return(UserLoginResults.WrongPassword);
}
//save last login date
user.LastLoginDateUtc = DateTime.UtcNow;
_userService.UpdateUser(user);
return(UserLoginResults.Successful);
}
/// <summary>
///
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public ServResult ResetPassword(ServRequest <ResetPasswordDto> request)
{
using (var db = DbFactory.GetClient())
{
var members = db.Queryable <Member>()
.Select(it => new Member {
Id = it.Id, Password = it.Password, PasswordSalt = it.PasswordSalt
})
.Where(it => request.Data.MemberIds.Contains(it.Id))
.ToList();
var saltKey = _encryptionService.CreateSaltKey(6);
var newPassword = _encryptionService
.CreatePasswordHash(request.Data.NewPassword, saltKey, _memberSettings.HashedPasswordFormat);
members.ForEach(it =>
{
it.Password = newPassword;
it.PasswordSalt = saltKey;
});
db.Updateable(members)
.UpdateColumns(it => new
{
it.Password,
it.PasswordSalt
})
.ExecuteCommand();
return(Ok());
}
}
/// <summary>
///
/// </summary>
/// <param name="dto"></param>
/// <returns></returns>
public PublicResult ResetPassword(ResetPasswordDto dto)
{
using (var db = DbFactory.CreateClient())
{
var members = db.Queryable <Member>()
.Select(it => new Member {
Id = it.Id, Password = it.Password, PasswordSalt = it.PasswordSalt
})
.Where(it => dto.MemberIds.Contains(it.Id))
.ToList();
var saltKey = _encryptionService.CreateSaltKey(6);
var newPassword = _encryptionService
.CreatePasswordHash(dto.NewPassword, saltKey, "SHA512");
members.ForEach(it =>
{
it.Password = newPassword;
it.PasswordSalt = saltKey;
});
db.Updateable(members)
.UpdateColumns(it => new
{
it.Password,
it.PasswordSalt
})
.ExecuteCommand();
return(Ok());
}
}
/// <summary>
/// Check whether the entered password matches with a saved one
/// </summary>
/// <param name="customerPassword">Customer password</param>
/// <param name="enteredPassword">The entered password</param>
/// <returns>True if passwords match; otherwise false</returns>
protected bool PasswordsMatch(CustomerPassword customerPassword, string enteredPassword)
{
if (customerPassword == null || string.IsNullOrEmpty(enteredPassword))
{
return(false);
}
var savedPassword = string.Empty;
switch (customerPassword.PasswordFormat)
{
case PasswordFormat.Clear:
savedPassword = enteredPassword;
break;
case PasswordFormat.Encrypted:
savedPassword = _encryptionService.EncryptText(enteredPassword);
break;
case PasswordFormat.Hashed:
savedPassword = _encryptionService.CreatePasswordHash(enteredPassword, customerPassword.PasswordSalt, _customerSettings.HashedPasswordFormat);
break;
}
if (customerPassword.Password == null)
{
return(false);
}
return(customerPassword.Password.Equals(savedPassword));
}
public Result ChangePassword(int userID, string currentPassword, string newPassword)
{
if (string.IsNullOrEmpty(currentPassword) || string.IsNullOrEmpty(newPassword))
{
return(new Result(false, "Bad request received."));
}
var passwordResult = _accountAccessor.GetUserPassword(userID);
if (!passwordResult.IsSuccess)
{
return(new Result(false, "User not found."));
}
var password = passwordResult.Payload;
var hashedPassword = _encryptionService.CreatePasswordHash(currentPassword, password.PasswordSalt);
if (hashedPassword == password.Password)
{
var newSaltKey = _encryptionService.CreateSaltKey(Convert.ToInt32(_configuration["PasswordSaltLength"]));
var newHashedPassword = _encryptionService.CreatePasswordHash(newPassword, newSaltKey);
_accountAccessor.ChangePassword(userID, newHashedPassword, newSaltKey);
return(new Result(true));
}
else
{
return(new Result(false, "Current password was incorrect."));
}
}
public CustomerLoginResults ValidateCustomer(string loginName, string password, CustomerRole?role = null)
{
var result = new CustomerLoginResults();
result.Result = LoginResults.WrongPassword;
var customer = GetCustomerByMobile(loginName);
if (customer == null)
{
return(new CustomerLoginResults(LoginResults.NotRegistered));
}
var psd = _encryptionService.CreatePasswordHash(password, customer.PasswordSalt);
bool isValid = psd == customer.Password;
if (isValid)
{
result.Result = LoginResults.Successful;
}
if (role.HasValue)
{
if (role.Value != (CustomerRole)customer.CustomerRoleId)
{
result.Result = LoginResults.Unauthorized;
}
}
customer.LastModificationTime = DateTime.Now;
//_customerService.UpdateCustomer(customer);
result.Customer = customer;
return(result);
}
public bool RegisterUser(T_User user)
{
try
{
var inputPassword = user.Password;
string saltKey = _encryptionService.CreateSaltKey(5);
user.PasswordSalt = saltKey;
user.Password = _encryptionService.CreatePasswordHash(inputPassword, saltKey);
user.StatusID = 7;//TODO: get user active status ID in status list
var now = DateTime.Now;
var createBy = Constants.SystemUser;
user.CreateTime = now;
user.CreateBy = createBy;
user.EditTime = now;
user.EditBy = createBy;
user.FillOutNull();
InsertUser(user);
return(true);
}
catch (Exception ex)
{
LogManager.Instance.Error(ex.Message);
return(false);
}
}
/// <summary>
/// Validate user
/// </summary>
/// <param name="usernameOrEmail">Username or Email</param>
/// <param name="password">Password</param>
/// <returns>Result</returns>
public UserLoginResults ValidateUser(string usernameOrEmail, string password)
{
var user = _userService.GetUserByUsernameOrEmail(usernameOrEmail);
if (user == null)
{
return(UserLoginResults.UserNotExist);
}
if (!user.IsActive)
{
return(UserLoginResults.NotActive);
}
string hashedPassword = _encryptionService.CreatePasswordHash(password, user.PasswordSalt);
bool isValid = hashedPassword == user.Password;
if (!isValid)
{
return(UserLoginResults.WrongPassword);
}
// TODO save last login date
return(UserLoginResults.Successful);
}
public void EncryptPassword(T_User user)
{
var inputPassword = user.Password;
string saltKey = _encryptionService.CreateSaltKey(5);
user.PasswordSalt = saltKey;
user.Password = _encryptionService.CreatePasswordHash(inputPassword, saltKey);
}
public void Can_hash_sha1()
{
var password = "******";
var saltKey = "salt1";
var hashedPassword = _encryptionService.CreatePasswordHash(password, saltKey, "SHA1");
hashedPassword.ShouldEqual("A07A9638CCE93E48E3F26B37EF7BDF979B8124D6");
}
public virtual bool ValidateCustomer(string usernameOrEmail, string password)
{
Customer customer = null;
if (_customerSettings.UsernamesEnabled)
{
customer = _customerService.GetCustomerByUsername(usernameOrEmail);
}
else
{
customer = _customerService.GetCustomerByEmail(usernameOrEmail);
}
if (customer == null || customer.Deleted || !customer.Active)
{
return(false);
}
//only registered can login
if (!customer.IsRegistered())
{
return(false);
}
string pwd = "";
switch (customer.PasswordFormat)
{
case PasswordFormat.Encrypted:
pwd = _encryptionService.EncryptText(password);
break;
case PasswordFormat.Hashed:
pwd = _encryptionService.CreatePasswordHash(password, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
break;
default:
pwd = password;
break;
}
bool isValid = pwd == customer.Password;
//save last login date
if (isValid)
{
customer.LastLoginDateUtc = DateTime.UtcNow;
_customerService.UpdateCustomer(customer);
}
//else
//{
// customer.FailedPasswordAttemptCount++;
// UpdateCustomer(customer);
//}
return(isValid);
}
/// <summary>
/// Validate customer
/// </summary>
/// <param name="usernameOrEmail">Username or email</param>
/// <param name="password">Password</param>
/// <returns>Result</returns>
public virtual CustomerLoginResults ValidateCustomer(string usernameOrEmail, string password)
{
var customer = _customerSettings.UsernamesEnabled ?
_customerService.GetCustomerByUsername(usernameOrEmail) :
_customerService.GetCustomerByEmail(usernameOrEmail);
if (customer == null)
{
return(CustomerLoginResults.CustomerNotExist);
}
if (customer.Deleted)
{
return(CustomerLoginResults.Deleted);
}
if (!customer.Active)
{
return(CustomerLoginResults.NotActive);
}
//only registered can login
if (!customer.IsRegistered())
{
return(CustomerLoginResults.NotRegistered);
}
string pwd;
switch (customer.PasswordFormat)
{
case PasswordFormat.Encrypted:
pwd = _encryptionService.EncryptText(password);
break;
case PasswordFormat.Hashed:
pwd = _encryptionService.CreatePasswordHash(password, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
break;
default:
pwd = password;
break;
}
bool isValid = pwd == customer.Password;
if (!isValid)
{
return(CustomerLoginResults.WrongPassword);
}
//update login details
customer.RequireReLogin = false;
customer.LastLoginDateUtc = DateTime.UtcNow;
_customerService.UpdateCustomer(customer);
return(CustomerLoginResults.Successful);
}
protected bool PasswordMatch(CustomerHistoryPassword customerPassword, ChangePasswordRequest request)
{
string newPwd = request.PasswordFormat switch
{
PasswordFormat.Clear => request.NewPassword,
PasswordFormat.Encrypted => _encryptionService.EncryptText(request.NewPassword, customerPassword.PasswordSalt),
PasswordFormat.Hashed => _encryptionService.CreatePasswordHash(request.NewPassword, customerPassword.PasswordSalt, _customerSettings.HashedPasswordFormat),
_ => throw new Exception("PasswordFormat not supported"),
};
return(customerPassword.Password.Equals(newPwd));
}
public ActionResult ModifyPassword(ChangePasswordModel model)
{
var currentCustomerId = Convert.ToInt32(AbpSession.UserId.Value);
var customer = _customerService.GetCustomerId(currentCustomerId);
var password = _encryptService.CreatePasswordHash(model.OldPassword, customer.PasswordSalt);
if (password == customer.Password && (model.ConfirmNewPassword == model.NewPassword))
{
customer.Password = _encryptService.CreatePasswordHash(model.NewPassword, customer.PasswordSalt);
_customerService.UpdateCustomer(customer);
return(AbpJson("修改成功"));
}
return(AbpJson("密码错误"));
}
/// <summary>
/// 验证用户的正确性
/// </summary>
/// <param name="account"></param>
/// <param name="password"></param>
/// <returns></returns>
public Task <AccountUser> ValidateAccountUserAsync(string account, string password)
{
if (string.IsNullOrWhiteSpace(password))
{
throw new ArgumentNullException("密码不能为空");
}
var accountUser = _accountUserService.GetAccountUserByUsername(account);
if (accountUser != null)
{
bool passwordCorrect = false;
switch (accountUser.PasswordFormat)
{
case PasswordFormat.Clear:
{
passwordCorrect = password == accountUser.Password;
}
break;
case PasswordFormat.Encrypted:
{
passwordCorrect = _encryptionService.EncryptText(password) == accountUser.Password;
}
break;
case PasswordFormat.Hashed:
{
string saltKey = _encryptionService.CreateSaltKey(5);
passwordCorrect = _encryptionService.CreatePasswordHash(password, saltKey, _customerSettings.HashedPasswordFormat) == accountUser.Password;
}
break;
default:
break;
}
if (passwordCorrect)
{
accountUser.LastLoginDate = DateTime.Now;
_accountUserService.UpdateAccountUser(accountUser);
return(Task.FromResult(accountUser));
}
}
return(Task.FromResult <AccountUser>(null));;
}
public async Task Post([FromBody] UsersModel model)
{
byte[] passwordHash, passwordSalt;
_encryptionService.CreatePasswordHash(model.Password, out passwordHash, out passwordSalt);
var entity = new Users()
{
Id = model.Id,
Email = model.Email,
CreatedDate = DateTime.UtcNow,
Guid = Guid.NewGuid(),
Password = passwordHash,
PasswordSalt = passwordSalt
};
await _userService.Create(entity);
}
/// <summary>
/// Validate customer
/// </summary>
/// <param name="username">The username.</param>
/// <param name="password">Password</param>
/// <returns>
/// Result
/// </returns>
public virtual CustomerLoginResults ValidateCustomer(string username, string password)
{
Customer customer = _customerService.GetCustomerByUsername(username);
if (customer == null)
{
return(CustomerLoginResults.CustomerNotExist);
}
if (customer.Deleted)
{
return(CustomerLoginResults.Deleted);
}
if (!customer.Active)
{
return(CustomerLoginResults.NotActive);
}
string pwd = "";
switch (customer.PasswordFormat)
{
case PasswordFormat.Encrypted:
pwd = _encryptionService.EncryptText(password);
break;
case PasswordFormat.Hashed:
pwd = _encryptionService.CreatePasswordHash(password, customer.PasswordSalt);
break;
default:
pwd = password;
break;
}
bool isValid = pwd == customer.Password;
if (!isValid)
{
return(CustomerLoginResults.WrongPassword);
}
//save last login date
customer.LastLoginDate = DateTime.Now;
_customerService.UpdateCustomer(customer);
return(CustomerLoginResults.Successful);
}
/// <summary>
/// 检查用户
/// </summary>
/// <param name="usernameOrEmail">用户名(用户名,邮箱,电话)</param>
/// <param name="password">密码(密码,短信验证码)</param>
/// <returns>Result</returns>
public virtual CustomerLoginResults ValidateCustomer(string usernameOrMobile, string password)
{
Customer customer = _customerService.GetCustomer(usernameOrMobile);
if (customer == null)
{
return(CustomerLoginResults.CustomerNotExist);
}
if (customer.Status == (int)StatusTypes.Deleted)
{
return(CustomerLoginResults.Deleted);
}
if (!customer.Active)
{
return(CustomerLoginResults.NotActive);
}
string pwd = "";
switch (customer.PasswordFormat)
{
case PasswordFormat.Encrypted:
pwd = _encryptionService.EncryptText(password);
break;
case PasswordFormat.Hashed:
pwd = _encryptionService.CreatePasswordHash(password, customer.PasswordSalt, _customerSettings.HashedPasswordFormat);
break;
default:
pwd = UtilityHelper.TxtEnDes(password);
break;
}
bool isValid = pwd == customer.Password;
//save last login date
if (isValid)
{
customer.LastLoginDateUtc = DateTime.UtcNow;
_customerService.UpdateCustomer(customer);
return(CustomerLoginResults.Successful);
}
else
{
return(CustomerLoginResults.WrongPassword);
}
}
/// <summary>
/// 验证用户登录
/// </summary>
/// <param name="userNameOrEmail"></param>
/// <param name="password"></param>
/// <returns></returns>
public CustomerLoginResults ValidateCustomer(string userNameOrEmail, string password)
{
var customer = _customerService.GetCustomerByEmail(userNameOrEmail);
if (customer == null)
{
return(CustomerLoginResults.CustomerNotExist);
}
if (customer.Deleted)
{
return(CustomerLoginResults.Deleted);
}
if (!customer.IsActive)
{
return(CustomerLoginResults.NotActive);
}
//是否注册
if (!customer.IsRegistered())
{
return(CustomerLoginResults.NotRegistered);
}
string pwd = "";
switch (customer.PasswordFormat)
{
case PasswordFormat.Hashed:
pwd = _encryptionService.CreatePasswordHash(password, customer.PasswordSalt);
break;
case PasswordFormat.Encrypted:
pwd = _encryptionService.EncryptText(password);
break;
default:
pwd = customer.Password;
break;
}
bool isValid = pwd == customer.Password;
if (!isValid)
{
return(CustomerLoginResults.WrongPassword);
}
customer.LastLoginDate = DateTime.Now;
_customerService.UpdateCustomer(customer);
return(CustomerLoginResults.Successful);
}
// /api/Account/Register
public async Task <IHttpActionResult> Register(UserModel userModel)
{
try
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
User user = new User()
{
UserName = userModel.UserName
};
string saltKey = _encryptionService.CreateSaltKey(5);
user.PasswordSalt = saltKey;
user.PasswordHash = _encryptionService.CreatePasswordHash(userModel.Password, saltKey);
IdentityResult result = await _userManager.CreateAsync(user);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
return(Ok());
}
catch (Exception ex)
{
throw;
}
}
public bool ValidationCustomer(string userName, string password)
{
var customer = this._customerRepo.Find().FirstOrDefault(o => o.UserName == userName);
if (customer == null)
{
return(false);
}
var passwordHash = _encryptionService.CreatePasswordHash(password, customer.SaltKey);
if (customer.Password != passwordHash)
{
return(false);
}
return(true);
}
/// <summary>
/// Create common query parameters for the request
/// </summary>
/// <param name="postProcessPaymentRequest">Payment info required for an order processing</param>
/// <returns>Created query parameters</returns>
private IDictionary <string, string> CreateQueryParameters(PostProcessPaymentRequest postProcessPaymentRequest)
{
//get store location
var storeLocation = _webHelper.GetStoreLocation();
string amount = (postProcessPaymentRequest.Order.OrderTotal * 100).ToString("F0");
string currency = _currencyService.GetCurrencyById(_currencySettings.PrimaryStoreCurrencyId)?.CurrencyCode;
string tranxid = $"order_{postProcessPaymentRequest.Order.CustomOrderNumber}";
string paymentlink = $"{storeLocation}Plugins/PaymentGTPay/ReturnPaymentInfo";
string custid = postProcessPaymentRequest.Order.CustomerId.ToString();
string mertid = _GTPayPaymentSettings.GTPayMerchantID.ToString();
string hashkey = _GTPayPaymentSettings.HashKey;
string HashString = _encryptionService.CreatePasswordHash($"{mertid},{tranxid},{amount},{currency},{custid},{paymentlink}", hashkey, "SHA512");
return(new Dictionary <string, string>
{
["gtpay_mert_id"] = mertid,
//Customer order number as transation ID
["gtpay_tranx_id"] = tranxid,
//Multiply by hundred to get value in kobo
["gtpay_tranx_amt"] = amount,
//Use primary currency code
["gtpay_tranx_curr"] = currency,
//Get customer ID
["gtpay_cust_id"] = custid,
["gtpay_tranx_memo"] = "",
["gtpay_tranx_noti_url"] = paymentlink,
["gtpay_gway_name"] = "",
["gtpay_gway_first"] = "",
["gtpay_echo_data"] = postProcessPaymentRequest.Order.OrderGuid.ToString(),
["gtpay_cust_name"] = postProcessPaymentRequest.Order.Customer.Username,
["gtpay_hash"] = HashString
});
}
private void AddPassword(string newPassword, Customer customer)
{
// TODO: call this method before inserting the customer.
switch (CustomerSettings.DefaultPasswordFormat)
{
case PasswordFormat.Clear:
{
customer.Password = newPassword;
}
break;
case PasswordFormat.Encrypted:
{
customer.Password = _encryptionService.EncryptText(newPassword);
}
break;
case PasswordFormat.Hashed:
{
string saltKey = _encryptionService.CreateSaltKey(5);
customer.PasswordSalt = saltKey;
customer.Password = _encryptionService.CreatePasswordHash(newPassword, saltKey, CustomerSettings.HashedPasswordFormat);
}
break;
}
customer.PasswordFormat = CustomerSettings.DefaultPasswordFormat;
// TODO: remove this.
_customerService.UpdateCustomer(customer);
}
public UserLoginResults ValidateUser(string userName, string password)
{
var user = GetUserByName(userName);
if (user == null)
{
return(UserLoginResults.UserNotExist);
}
if (user.Deleted)
{
return(UserLoginResults.Deleted);
}
if (!user.Active)
{
return(UserLoginResults.NotActive);
}
var pwd = encryptionService.CreatePasswordHash(password, user.PasswordSalt, "SHA1");
if (pwd != user.Password)
{
return(UserLoginResults.WrongPassword);
}
user.LastLoginDate = DateTime.Now;
UpdateUser(user);
return(UserLoginResults.Successful);
}
private async Task AddPassword(string newPassword, User user)
{
var userPassword = new UserPassword()
{
User = user,
PasswordFormat = UserSettings.DefaultPasswordFormat,
CreatedOnUtc = DateTime.UtcNow
};
switch (UserSettings.DefaultPasswordFormat)
{
case PasswordFormat.Clear:
userPassword.Password = newPassword;
break;
case PasswordFormat.Encrypted:
userPassword.Password = _encryptionService.EncryptText(newPassword);
break;
case PasswordFormat.Hashed:
{
var saltKey = _encryptionService.CreateSaltKey(5);
userPassword.PasswordSalt = saltKey;
userPassword.Password = _encryptionService.CreatePasswordHash(newPassword, saltKey, UserSettings.HashedPasswordFormat);
}
break;
}
UserService.InsertUserPassword(userPassword);
await UserService.UpdateUserAsync(user);
}
/// <summary>
/// Check whether the entered password matches with a saved one
/// </summary>
/// <param name="salt"></param>
/// <param name="enteredPassword">The entered password</param>
/// <param name="password"></param>
/// <returns>True if passwords match; otherwise false</returns>
protected bool PasswordsMatch(string password, string salt, string enteredPassword)
{
if (string.IsNullOrEmpty(enteredPassword))
{
return(false);
}
var savedPassword = _encryptionService.CreatePasswordHash(enteredPassword, salt);
if (string.IsNullOrEmpty(password))
{
return(false);
}
return(password.Equals(savedPassword));
}
protected override async Task <bool> VerifyPasswordAsync(IUserPasswordStore <User, int> store, User user, string password)
{
string userEnteredPasswordHash = _encryptionService.CreatePasswordHash(password, user.PasswordSalt);
return(userEnteredPasswordHash == user.PasswordHash);
//return base.VerifyPasswordAsync(store, user, password);
}
public IHttpActionResult CreateVendor(CreateVendorModel model)
{
var enSaltKey = _encryptionService.CreateSaltKey(4);
var enPassword = _encryptionService.CreatePasswordHash(model.Password, enSaltKey);
if (model == null)
{
return(NotFound());
}
Vendor vendor = new Vendor()
{
Email = model.Email,
Mobile = model.Mobile,
Name = model.Name,
Membership = new Membership()
{
PasswordSalt = enSaltKey,
Password = enPassword,
UserName = model.Email,
CreatedOn = DateTime.Now,
Role = _roleRepository.First(new Specification <Role>(r => r.Name == "Vendor"))
}
};
using (var uow = _unitOfWorkFactory.Create())
{
_vendorRepository.Add(vendor);
}
return(Ok(vendor));
}
public async Task <IActionResult> RegistPost(RegistViewModel registViewModel,
[FromServices] IEncryptionService encryptionService)
{
if (!ModelState.IsValid)
{
return(View());
}
var user = await _userRepository.GetUserByEmail(registViewModel.Email);
if (user != null)
{
ErrorNotification("该邮箱已被注册");
ModelState.AddModelError("", "该邮箱已被注册");
return(View());
}
user = new User()
{
Email = registViewModel.Email,
DisplayName = registViewModel.DisplayName,
PasswordSalt = encryptionService.CreateSaltKey(20)
};
user.PasswordHash = encryptionService.CreatePasswordHash(registViewModel.Password, user.PasswordSalt, "SHA256");
await _userRepository.RegistReader(user);
return(RedirectToAction("Login"));
}
public LoginResult ValidateUser(Core.Domain.User.User user, string password)
{
if (user == null)
{
return(LoginResult.UserNotExists);
}
string pwd;
switch (user.PasswordFormat)
{
case PasswordFormat.Encrypted:
pwd = _encryptionService.EncryptText(password);
break;
case PasswordFormat.Hashed:
pwd = _encryptionService.CreatePasswordHash(password, user.PasswordSalt);
break;
default:
pwd = password;
break;
}
if (user.Password != pwd)
{
return(LoginResult.WrongPassword);
}
return(LoginResult.Successful);
}
public new void SetUp()
{
_customerSettings = new CustomerSettings();
_securitySettings = new SecuritySettings()
{
EncryptionKey = "273ece6f97dd844d"
};
_rewardPointsSettings = new RewardPointsSettings()
{
Enabled = false,
};
_encryptionService = new EncryptionService(_securitySettings);
_customerRepo = MockRepository.GenerateMock<IRepository<Customer>>();
var customer1 = new Customer()
{
Username = "******",
Email = "*****@*****.**",
PasswordFormat = PasswordFormat.Hashed,
Active = true
};
string saltKey = _encryptionService.CreateSaltKey(5);
string password = _encryptionService.CreatePasswordHash("password", saltKey);
customer1.PasswordSalt = saltKey;
customer1.Password = password;
AddCustomerToRegisteredRole(customer1);
var customer2 = new Customer()
{
Username = "******",
Email = "*****@*****.**",
PasswordFormat = PasswordFormat.Clear,
Password = "******",
Active = true
};
AddCustomerToRegisteredRole(customer2);
var customer3 = new Customer()
{
Username = "******",
Email = "*****@*****.**",
PasswordFormat = PasswordFormat.Encrypted,
Password = _encryptionService.EncryptText("password"),
Active = true
};
AddCustomerToRegisteredRole(customer3);
var customer4 = new Customer()
{
Username = "******",
Email = "*****@*****.**",
PasswordFormat = PasswordFormat.Clear,
Password = "******",
Active = true
};
AddCustomerToRegisteredRole(customer4);
var customer5 = new Customer()
{
Username = "******",
Email = "*****@*****.**",
PasswordFormat = PasswordFormat.Clear,
Password = "******",
Active = true
};
_eventPublisher = MockRepository.GenerateMock<IEventPublisher>();
_eventPublisher.Expect(x => x.Publish(Arg<object>.Is.Anything));
_customerRepo.Expect(x => x.Table).Return(new List<Customer>() { customer1, customer2, customer3, customer4, customer5 }.AsQueryable());
_customerRoleRepo = MockRepository.GenerateMock<IRepository<CustomerRole>>();
_genericAttributeRepo = MockRepository.GenerateMock<IRepository<GenericAttribute>>();
_genericAttributeService = MockRepository.GenerateMock<IGenericAttributeService>();
_newsLetterSubscriptionService = MockRepository.GenerateMock<INewsLetterSubscriptionService>();
_localizationService = MockRepository.GenerateMock<ILocalizationService>();
_customerService = new CustomerService(new NopNullCache(), _customerRepo, _customerRoleRepo,
_genericAttributeRepo, _genericAttributeService, _eventPublisher, _customerSettings);
_customerRegistrationService = new CustomerRegistrationService(_customerService,
_encryptionService, _newsLetterSubscriptionService, _localizationService,
_rewardPointsSettings, _customerSettings);
}
