public void InvalidWhenPasswordIsEqualToUsername()
{
// Act
string errorMessage;
bool valid = PasswordComplexity.IsValid("user01", "user01", out errorMessage);
// Assert
Assert.IsFalse(valid);
Assert.AreEqual(DefaultErrorMessages.InvalidPasswordEqualToUserName, errorMessage);
}
public void ValidWhenPasswordIsEqualToUsername()
{
// Act
string errorMessage;
bool valid = PasswordComplexity.IsValid("psswrd", "user01", out errorMessage);
// Assert
Assert.IsTrue(valid);
Assert.IsNull(errorMessage);
}
public string CheckPasswordValidity(string userName, string password)
{
string errorMessage;
if (String.IsNullOrWhiteSpace(userName))
{
userName = _webSecurity.CurrentUserName;
}
PasswordComplexity.IsValid(password, userName, out errorMessage);
return(errorMessage);
}
public int WordsInWordList(PasswordComplexity complexity)
{
if (complexity == PasswordComplexity.Medium)
{
return(_wordCountMedium);
}
else
{
return(_wordCountHigh);
}
}
public static string GeneratePassword(PasswordComplexity complexityLevel)
{
switch (complexityLevel)
{
case PasswordComplexity.Simple: return(GenerateSimplePassword());
case PasswordComplexity.Medium: return(GenerateMediumPassword());
case PasswordComplexity.Strong: return(GenerateStrongPassword());
case PasswordComplexity.Stronger: return(GenerateStrongerPassword());
}
return(null);
}
public ActionResult Register(RegisterModel model)
{
if (ModelState.IsValid)
{
// Attempt to register the user
try
{
if (_volunteerSvc.EmailAlreadyInUse(model.Email))
{
throw new PersonAlreadyExistsException();
}
string errorMessage;
if (PasswordComplexity.IsValid(model.Password, model.UserName, out errorMessage))
{
int userId;
string token = _webSecurity.CreateUser(model.UserName, model.Password, new[] { Constants.RoleVolunteer }, out userId);
var volunteer = _volunteerSvc.Register(model.FirstName, model.LastName, model.SelectedOrganizationId, model.Email, model.PhoneNumber, userId);
if (volunteer != null)
{
// Generate the absolute Url for the account activation action.
var routeValues = new RouteValueDictionary {
{ "token", token }
};
var accountActivationLink = Url.Action("ConfirmAccount", "Account", routeValues, Request.Url.Scheme);
var body = String.Format(@"<p>Click on the following link to activate your account: <a href='{0}'>{0}</a></p>", accountActivationLink);
var message = new Message("CrisisCheckin - Activate your account", body);
_messageService.SendMessage(message, volunteer);
}
return(RedirectToAction("RegistrationSuccessful", "Account"));
}
ModelState.AddModelError("Password", errorMessage ?? DefaultErrorMessages.InvalidPasswordFormat);
}
catch (PersonAlreadyExistsException)
{
ModelState.AddModelError("Email", "Email is already in use!");
}
catch (UserCreationException e)
{
ModelState.AddModelError("", e.Message);
}
}
// If we got this far, something failed, redisplay form
model.Organizations = _organizationService.GetActiveList();
return(View(model));
}
private bool ValidatePassword(string password, out string ErrorMessage)
{
var input = password;
ErrorMessage = string.Empty;
PasswordComplexity passwordComplexity = _config.GetSection("passwordComplexity").Get <PasswordComplexity>();
if (string.IsNullOrWhiteSpace(input))
{
ErrorMessage = "Password should not be empty";
return(false);
}
var hasNumber = new Regex(@"[0-9]+");
var hasUpperChar = new Regex(@"[A-Z]+");
var hasMiniMaxChars = new Regex(@".{" + passwordComplexity.MinCharacters + @"," + passwordComplexity.MaxCharacters + @"}");
var hasLowerChar = new Regex(@"[a-z]+");
var hasSymbols = new Regex(@"[!@#$%^&*()_+=\[{\]};:<>|./?,-]");
if (passwordComplexity.HasLowerChar && !hasLowerChar.IsMatch(input))
{
ErrorMessage = "Password should contain At least one lower case letter";
return(false);
}
else if (passwordComplexity.HasUpperChar && !hasUpperChar.IsMatch(input))
{
ErrorMessage = "Password should contain At least one upper case letter";
return(false);
}
else if (!hasMiniMaxChars.IsMatch(input))
{
ErrorMessage = "Password should not be less than " + passwordComplexity.MinCharacters + " or greater than " + passwordComplexity.MaxCharacters + " characters";
return(false);
}
else if (passwordComplexity.HasNumber && !hasNumber.IsMatch(input))
{
ErrorMessage = "Password should contain At least one numeric value";
return(false);
}
else if (passwordComplexity.HasSymbols && !hasSymbols.IsMatch(input))
{
ErrorMessage = "Password should contain At least one special case characters";
return(false);
}
else
{
return(true);
}
}
public string GeneratePassword(int length, PasswordComplexity complexity)
{
switch (complexity)
{
case PasswordComplexity.Medium:
return(genPasswordFromWordlist(_wordlistMedium, length));
case PasswordComplexity.High:
return(genPasswordFromWordlist(_wordlistHigh, length));
default:
return(genPasswordFromWordlist(_wordlistHigh, length));
}
}
public string GeneratePassword(int length, PasswordComplexity complexity)
{
switch (complexity)
{
case PasswordComplexity.Medium:
return(generateMediumComplexityPassword(length));
case PasswordComplexity.High:
return(generateHighComplexityPassword(length));
default:
return(generateHighComplexityPassword(length));
}
}
public override bool IsValid(object value)
{
var stringValue = (string)value;
// Some fields are not required
if (string.IsNullOrWhiteSpace(stringValue))
{
return(true);
}
string errorMessage;
if (!PasswordComplexity.IsValid(stringValue, out errorMessage))
{
ErrorMessage = errorMessage;
return(false);
}
return(true);
}
public ActionResult ChangePassword(ChangePasswordViewModel model)
{
if (ModelState.IsValid)
{
if (_webSecurity.ValidateUser(_webSecurity.CurrentUserName, model.OldPassword))
{
string errorMessage;
if (PasswordComplexity.IsValid(model.NewPassword, _webSecurity.CurrentUserName, out errorMessage))
{
_webSecurity.ChangePassword(_webSecurity.CurrentUserName, model.OldPassword, model.NewPassword);
return(RedirectToAction("PasswordChanged"));
}
ModelState.AddModelError("NewPassword", errorMessage ?? DefaultErrorMessages.InvalidPasswordFormat);
}
else
{
ModelState.AddModelError("OldPassword", "Old password is not correct.");
}
}
return(View("ChangePassword", DetermineLayout(), null));
}
public void Given_a_password_then_when_scored_returns_correct_PasswordComplexity_score(string password, PasswordComplexity expectedScore)
{
var resultScore = (PasswordComplexity)PasswordValidator.PasswordComplexityScore(password);
Assert.AreEqual(expectedScore, resultScore);
}
public void UpdateLabels()
{
samplePasswordLabel.Text = Settings.Password;
passwordComplexetyLabel.Text = Math.Round(PasswordComplexity.CheckPasswordComplexity(Settings.Password, Settings.Alphabet), 2).ToString();
}
public double PotentialCombinations(PasswordComplexity complexity, int words)
{
return(Math.Pow(WordsInWordList(complexity), words) * Math.Pow(_separatorCount, words - 1));
}
