Ejemplos de IPwnedPasswordService.IsPasswordPwned en C# (CSharp)

Lenguaje de programación: C# (CSharp)

Método / Función: IsPasswordPwned

Ejemplos en hotexamples.com: 1

C# (CSharp) IPwnedPasswordService.IsPasswordPwned - 1 ejemplos encontrados. Estos son los ejemplos en C# (CSharp) del mundo real mejor valorados de IPwnedPasswordService.IsPasswordPwned extraídos de proyectos de código abierto. Puedes valorar ejemplos para ayudarnos a mejorar la calidad de los ejemplos.

Métodos usados con frecuencia

Mostrar Ocultar

IsPasswordPwnedAsync(3)

GetBreaches(1)

HasPasswordBeenPwned(1)

IsPasswordPwned(1)

Ejemplo n.º 1

Mostrar archivo

Archivo: AccountController.cs Proyecto: maulikk2000/LibraryBuddy

        public async Task <IActionResult> Login(LoginInputModel model, string button)
        {
            if (button != "login")
            {
                // the user clicked the "cancel" button
                var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);

                if (context != null)
                {
                    // if the user cancels, send a result back into IdentityServer as if they
                    // denied the consent (even if this client does not require consent).
                    // this will send back an access denied OIDC error response to the client.
                    await _interaction.GrantConsentAsync(context, ConsentResponse.Denied);

                    // we can trust model.ReturnUrl since GetAuthorizationContextAsync returned non-null
                    return(Redirect(model.ReturnUrl));
                }
                else
                {
                    // since we don't have a valid context, then we just go back to the home page
                    return(Redirect("~/"));
                }
            }

            if (ModelState.IsValid)
            {
                //check here if password provided is pwned or not ?
                //if pwd is pwned then show error msg
                var isPwdPwned = await _pwnedPwdService.IsPasswordPwned(model.Password);

                if (isPwdPwned)
                {
                    await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "Pwned Password"));

                    ModelState.AddModelError("", AccountOptions.PasswordPawnedErrorMessage);
                }
                else
                {
                    var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, model.RememberLogin, lockoutOnFailure : true);

                    if (result.Succeeded)
                    {
                        var user = await _userManager.FindByNameAsync(model.Username);

                        await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id, user.UserName));

                        // make sure the returnUrl is still valid, and if so redirect back to authorize endpoint or a local page
                        // the IsLocalUrl check is only necessary if you want to support additional local pages, otherwise IsValidReturnUrl is more strict
                        if (_interaction.IsValidReturnUrl(model.ReturnUrl) || Url.IsLocalUrl(model.ReturnUrl))
                        {
                            return(Redirect(model.ReturnUrl));
                        }

                        return(Redirect("~/"));
                    }

                    await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials"));

                    ModelState.AddModelError("", AccountOptions.InvalidCredentialsErrorMessage);
                }
            }

            // something went wrong, show form with error
            var vm = await BuildLoginViewModelAsync(model);

            return(View(vm));
        }