private void Default_OK_Click(object sender, EventArgs e)
{
if (F_OAuth_TB_Password.Text != F_OAuth_TB_Password2.Text)
{
return;
}
if (F_OAuth_L_Password.Text == String.Empty || F_OAuth_TB_Password2.Text == String.Empty)
{
return;
}
PasswordManager pwManager = new PasswordManager();
PasswordHasher hasher = new PasswordHasher();
string password = hasher.GetHashedPassword(F_OAuth_TB_Password.Text);
if (!hasher.CheckPassword(F_OAuth_TB_Password.Text, password))
{
return;
}
_settings.AddOrChangeKeyValue("OAuthPassword", password);
_settings.AddOrChangeKeyValue("OauthKey", pwManager.EncryptPassword(F_OAuth_TB_Key.Text, F_OAuth_TB_Password.Text));
_settings.AddOrChangeKeyValue("OAuthSecret", pwManager.EncryptPassword(F_OAuth_TB_Secret.Text, F_OAuth_TB_Password.Text));
_settings.Save();
_g2g = true;
this.Close();
}
private bool CheckPassword(User user, string password)
{
// check the hashed password with the one supplied in database with salt
if (user is not null)
{
return(PasswordHasher.CheckPassword(password, user.Salt, user.Password));
}
return(false);
}
public void Hasher_Met_Salt_Twee_Keer_Hetzelfde()
{
string password = "******";
string first = PassHash.HashWithSalt(password);
string key = PassHash.Key;
var result = PassHash.CheckPassword(password, key);
Assert.Equal(first, result);
}
public void CheckPassword_ShouldReturnTrue()
{
string hashedPassword = "******";
string password = "******";
string salt = "1234";
bool result = PasswordHasher.CheckPassword(password, salt, hashedPassword);
Assert.IsTrue(result);
}
private User GetUserByCustomCriteriaWithPassword(string criteriaName, string customQuery, string criteria, string password,
Action <IDatabaseCommand, string> commandSetup, bool usePassword = true)
{
User user = null;
_logger.Info(string.Format("Start retrieving user by {0}", criteriaName));
try
{
using (var con = new DatabaseConnection(DatabaseType.PostgreSql, GetConnectionString()))
{
using (var cmd = con.CreateCommand())
{
cmd.CommandType = CommandType.Text;
cmd.CommandText = customQuery;
commandSetup(cmd, criteria);
using (var reader = cmd.ExecuteReader())
{
user = reader.Read() ? CreateValueFromReader(reader) : null;
if (user != null)
{
var userPassword = user.Password;
user.Password = string.Empty;
if (usePassword)
{
var salt = reader.GetString("USRSLT");
if (!PasswordHasher.CheckPassword(password + salt, userPassword))
{
user = null;
}
}
}
}
}
}
_logger.Info(string.Format("End retrieving user by {0} : {1}", criteriaName, (user != null ? "Success" : "Failure")));
}
catch (Exception ex)
{
throw new ImportExportException("Error occured during database access " + ex.Message, ex);
}
return(user);
}
public UserDTO Login(string username, string password)
{
var result = dbContext.Users
.Include(u => u.CurrentSubject)
.Include(u => u.UsersSubjects)
.ThenInclude(us => us.Subject)
.FirstOrDefault(u => u.Username == username && Convert.ToBoolean(u.IsActive));
if (result == null)
{
return(null);
}
if (PasswordHasher.CheckPassword(result.Password, password))
{
return(new UserDTO
{
Id = result.Id,
Name = result.Name,
// TODO
Subject = result.CurrentSubject != null ?
new SubjectDTO {
Id = result.CurrentSubject.Id, Name = result.CurrentSubject.Name
}
: new SubjectDTO {
Id = 1, Name = "Test"
},
Username = result.Username,
Email = result.Email,
IsAdmin = Convert.ToBoolean(result.IsAdmin),
IsActive = Convert.ToBoolean(result.IsActive),
Subjects = new ObservableCollection <SubjectDTO>(result.UsersSubjects.Select(us => new SubjectDTO
{
Id = us.SubjectId,
Name = us.Subject.Name
})),
ProfilePicture = result.ProfilePicture
});
}
return(null);
}
private void Default_Send_Click(object sender, EventArgs e)
{
if (F_ReportBug_TB_Title.Text == String.Empty || F_ReportBug_TB_Content.Text == String.Empty)
{
return;
}
PasswordHasher hasher = new PasswordHasher();
string key = _settings.GetValue("OauthKey");
string secret = _settings.GetValue("OAuthSecret");
if (key == string.Empty || secret == string.Empty)
{
F_OAuth OAuthEntry = new F_OAuth(_settings);
OAuthEntry.ShowDialog();
if (!OAuthEntry.GoodToGO)
{
return;
}
key = _settings.GetValue("OauthKey");
secret = _settings.GetValue("OAuthSecret");
}
F_Password passwordForm = new F_Password();
passwordForm.ShowDialog();
string realPassword = _settings.GetValue("OAuthPassword");
if (!hasher.CheckPassword(passwordForm.Password, realPassword))
{
MessageBox.Show(CentralLanguage.LanguageManager.GetText("Message_Wrong_Password_Text"), CentralLanguage.LanguageManager.GetText("Message_Wrong_Password_Title"), MessageBoxButtons.OK, MessageBoxIcon.Error);
return;
}
RepositoryData repository = new RepositoryData("XanatosX", "modulartoolmanager");
PasswordManager pwManager = new PasswordManager();
OAuth authentication = new OAuth(pwManager.DecryptPassword(key, passwordForm.Password), pwManager.DecryptPassword(secret, passwordForm.Password));
if (authentication.ResponseData == null)
{
return;
}
Issue issue = new Issue(repository, authentication.ResponseData);
HashSet <FileInfo> files = GetFiles();
List <string> uploadFiles = new List <string>();
foreach (FileInfo fi in files)
{
if (!File.Exists(fi.FullName))
{
continue;
}
uploadFiles.Add(fi.FullName);
}
string UploadWindowTitle = CentralLanguage.LanguageManager.GetText("Message_Upload_Status_Title");
if (issue.CreateIssue(new IssueCreateData(F_ReportBug_TB_Title.Text, F_ReportBug_TB_Content.Text, _curPriority, _curKind), uploadFiles.ToArray()))
{
MessageBox.Show(CentralLanguage.LanguageManager.GetText("Message_Upload_Status_Succeded"), UploadWindowTitle, MessageBoxButtons.OK, MessageBoxIcon.Information);
this.Close();
return;
}
MessageBox.Show(CentralLanguage.LanguageManager.GetText("Message_Upload_Status_Failed"), UploadWindowTitle, MessageBoxButtons.OK, MessageBoxIcon.Error);
}
public User Authenticate(string username, string password)
{
return(databaseContext.Users.FirstOrDefault(u => u.Username == username && hasher.CheckPassword(username, password, u.Password)));
}
public void GetHashedPasswordNoSaltTest()
{
string myPassword = "******";
string hashedPassword = hasher.GetHashedPassword(myPassword);
Assert.IsTrue(hasher.CheckPassword(myPassword, hashedPassword));
}
