private static bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt)
{
if (password == null)
{
throw new ArgumentNullException("password");
}
if (string.IsNullOrWhiteSpace(password))
{
throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
}
if (storedHash.Length != 64)
{
throw new ArgumentException("Invalid length of password hash (64 bytes expected).");
}
if (storedSalt.Length != 128)
{
throw new ArgumentException("Invalid length of password salt (128 bytes expected).");
}
using var hmac = new System.Security.Cryptography.HMACSHA512(storedSalt);
var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
for (int i = 0; i < computedHash.Length; i++)
{
if (computedHash[i] != storedHash[i])
{
return(false);
}
}
hmac.Dispose();
return(true);
}
public static void Initialize(PleyContext context)
{
context.Database.EnsureCreated();
if (!context.Users.Any())
{
var hmac = new System.Security.Cryptography.HMACSHA512();
context.Users.Add(new User {
FirstName = "Olivier",
LastName = "Example",
Email = "*****@*****.**",
CreatedOn = DateTime.Now,
ModifiedOn = DateTime.Now,
Type = UserType.ADMIN,
PasswordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes("password")),
PasswordSalt = hmac.Key
});
hmac.Dispose();
context.SaveChanges();
}
}
public void TaskReturnAUserWhenPasswordCorrect()
{
//Given
var hmac = new System.Security.Cryptography.HMACSHA512();
var password = "******";
var email = "*****@*****.**";
var user = new User {
FirstName = "Alice",
LastName = "Apple",
Email = email,
PasswordSalt = hmac.Key,
PasswordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password))
};
var data = new List <User> {
user
}.AsQueryable();
hmac.Dispose();
var mockSet = new Mock <DbSet <User> >();
mockSet.As <IQueryable <User> >().Setup(m => m.Provider).Returns(data.Provider);
mockSet.As <IQueryable <User> >().Setup(m => m.Expression).Returns(data.Expression);
mockSet.As <IQueryable <User> >().Setup(m => m.ElementType).Returns(data.ElementType);
mockSet.As <IQueryable <User> >().Setup(m => m.GetEnumerator()).Returns(data.GetEnumerator());
var mockContext = new Mock <PleyContext>();
this.mockContext.Setup(m => m.Users).Returns(mockSet.Object);
//When
var correctPassword = svc.Authenticate(email, password);
var incorrectPassword = svc.Authenticate(email, "wrong password");
//Then
Assert.NotNull(correctPassword);
Assert.Null(incorrectPassword);
}
public static void SeedData(DataContext context)
{
var hmac = new System.Security.Cryptography.HMACSHA512();
var hashKey = hmac.Key;
var hashPass = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes("Password"));
if (!context.Weapon_Tbl.Any())
{
var weapons = new List <Weapon>
{
new Weapon
{
Name = "Longsword",
Gold = 100,
MinDamage = 3,
MaxDamage = 5,
MaxDurability = 5
},
new Weapon
{
Name = "Dagger",
Gold = 10,
MinDamage = 1,
MaxDamage = 3,
MaxDurability = 5
}
};
context.Weapon_Tbl.AddRange(weapons);
}
if (!context.Shield_Tbl.Any())
{
var shields = new List <Shield>
{
new Shield
{
Name = "Buckler",
Gold = 100,
ArmorRating = 1,
MaxDurability = 3
},
new Shield
{
Name = "Tower Shield",
Gold = 200,
ArmorRating = 5,
MaxDurability = 5
}
};
context.Shield_Tbl.AddRange(shields);
}
if (!context.Potion_Tbl.Any())
{
var potions = new List <Potion>
{
new Potion
{
Name = "Lesser Healing Potion",
Gold = 10,
Heal = 4
},
new Potion
{
Name = "Healing Potion",
Gold = 20,
Heal = 8
},
new Potion
{
Name = "Greater Healing Potion",
Gold = 35,
Heal = 15
}
};
context.Potion_Tbl.AddRange(potions);
}
if (!context.ItemType_Tbl.Any())
{
var itemTypes = new List <ItemType>
{
new ItemType
{
TypeName = "Weapon"
},
new ItemType
{
TypeName = "Shield"
},
new ItemType
{
TypeName = "Potion"
}
};
context.ItemType_Tbl.AddRange(itemTypes);
}
if (!context.Users_Tbl.Any())
{
var dummyUsers = new List <User>
{
new User
{
Id = Guid.NewGuid(),
Username = "******",
PasswordHash = hashPass,
PasswordSalt = hashKey,
Player = new Player
{
Max_HP = 1,
HP = 1,
XP = 1,
Gold = 1,
Level = 1,
Strength = 1,
Dexterity = 1,
Intelligence = 1,
Items = new List <ItemData>
{
new ItemData
{
TypeReferenceId = 1,
SubTypeReferenceId = 1,
Container = ItemData.ContainerType.Equipment
},
new ItemData
{
TypeReferenceId = 1,
SubTypeReferenceId = 2,
Container = ItemData.ContainerType.Equipment
},
new ItemData
{
TypeReferenceId = 1,
SubTypeReferenceId = 2,
Container = ItemData.ContainerType.Inventory
},
new ItemData
{
TypeReferenceId = 2,
SubTypeReferenceId = 1,
Container = ItemData.ContainerType.Inventory
},
new ItemData
{
TypeReferenceId = 2,
SubTypeReferenceId = 2,
Container = ItemData.ContainerType.Inventory
},
new ItemData
{
TypeReferenceId = 3,
SubTypeReferenceId = 1,
Container = ItemData.ContainerType.Inventory
},
new ItemData
{
TypeReferenceId = 3,
SubTypeReferenceId = 2,
Container = ItemData.ContainerType.Inventory
},
new ItemData
{
TypeReferenceId = 3,
SubTypeReferenceId = 3,
Container = ItemData.ContainerType.Inventory
}
}
}
}
};
context.Users_Tbl.AddRange(dummyUsers);
}
context.SaveChanges();
hmac.Dispose(); // Free up HMAC object
}