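/// <summary>
/// Checks whether a password supplied by the user matches the value stored for the account.
/// </summary>
/// <param name="account">Stored account information (user name, stored password value and salt).</param>
/// <param name="clearTextPassword">Password specified by the user.</param>
/// <returns>
/// <c>true</c> if the passwords match; otherwise <c>false</c>.
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
    // Run the candidate through Encrypt with the salt stored for the account, so both
    // sides of the comparison went through the same transformation.
    var candidateInfo = new AccountPasswordInfo(account.UserName, clearTextPassword)
    {
        PasswordSalt = account.PasswordSalt
    };
    string candidate = Encrypt(candidateInfo);
    string stored = account.Password;

    // Same outcome as the == operator for null operands: two nulls match, a single null does not.
    if (stored == null || candidate == null)
    {
        return stored == candidate;
    }

    // Visit every shared character instead of stopping at the first mismatch, so the time
    // taken does not reveal how much of the stored value the candidate got right.
    var difference = stored.Length ^ candidate.Length;
    var shared = stored.Length < candidate.Length ? stored.Length : candidate.Length;
    for (var i = 0; i < shared; i++)
    {
        difference |= stored[i] ^ candidate[i];
    }

    return difference == 0;
}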
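/// <summary>
/// Produces the stored form of a password: the Base64 text of a SHA-1 digest computed over
/// the password followed by the salt.
/// </summary>
/// <remarks>
/// Despite the name, this is a one-way hash and not encryption.
/// NOTE(review): a single SHA-1 pass is cheap to compute, so it gives little resistance to
/// offline guessing if stored values leak. A deliberately slow, salted key-derivation
/// function (for example PBKDF2) is the usual choice for password storage. Switching
/// algorithms invalidates existing stored values and needs a migration, so it is not done here.
/// </remarks>
/// <param name="account">
/// Account information used to hash the password. Its <c>PasswordSalt</c> is assigned a newly
/// created salt when it is null.
/// </param>
/// <returns>
/// Base64 string of the digest.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
    if (account.PasswordSalt == null)
    {
        // NOTE(review): 10 is presumably the salt length, and the randomness source used by
        // CreateSalt is not visible here; confirm it is a cryptographic generator.
        account.PasswordSalt = CreateSalt(10);
    }

    var saltAndPwd = String.Concat(account.Password, account.PasswordSalt);

    // NOTE(review): Encoding.Default is environment dependent, so a password containing
    // characters outside the active code page may hash differently on another machine.
    // Kept as is because changing the encoding would stop existing stored hashes from matching.
    var bytes = Encoding.Default.GetBytes(saltAndPwd);

    // SHA1 is IDisposable; release it as soon as the digest has been computed.
    using (var sha1 = SHA1.Create())
    {
        return Convert.ToBase64String(sha1.ComputeHash(bytes));
    }
}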
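/// <summary>
/// Checks whether a password supplied by the user matches the value stored for the account.
/// </summary>
/// <param name="account">Stored account information (user name, stored password value and salt).</param>
/// <param name="clearTextPassword">Password specified by the user.</param>
/// <returns>
/// <c>true</c> if the passwords match; otherwise <c>false</c>.
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
    // The candidate is hashed by Encrypt using the account's stored salt; only the two
    // resulting strings are compared.
    var candidateInfo = new AccountPasswordInfo(account.UserName, clearTextPassword)
    {
        PasswordSalt = account.PasswordSalt
    };
    string candidate = Encrypt(candidateInfo);
    string stored = account.Password;

    // Same outcome as the == operator for null operands: two nulls match, a single null does not.
    if (stored == null || candidate == null)
    {
        return stored == candidate;
    }

    // Accumulate differences over every shared character rather than returning at the first
    // mismatch, so response time does not depend on the position of the first wrong character.
    var difference = stored.Length ^ candidate.Length;
    var shared = stored.Length < candidate.Length ? stored.Length : candidate.Length;
    for (var i = 0; i < shared; i++)
    {
        difference |= stored[i] ^ candidate[i];
    }

    return difference == 0;
}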
// TODO: require a unique email, and pre-fill it from the provider when signing in through
// OAuth and the provider exposes it (e.g. Facebook), the way it seems to be done for the
// user name (to be checked).
/// <summary>
/// Validates the user, stores the password in the form produced by the configured password
/// strategy and registers the user.
/// </summary>
/// <param name="user">User to create (empty <c>Id</c>) or update.</param>
/// <returns>The same <paramref name="user"/> instance after registration succeeded.</returns>
/// <exception cref="MembershipCreateUserException">
/// The name, email or password is rejected, the name or email of a new user is already taken,
/// or registration reports a status other than success.
/// </exception>
public IUser CreateOrUpdateUser(IUser user)
{
    if (String.IsNullOrEmpty(user.Name))
    {
        throw new MembershipCreateUserException(MembershipCreateStatus.InvalidUserName);
    }

    // An empty password is not rejected at this point; it is only validated further down,
    // and only for accounts that need one.
    if (String.IsNullOrEmpty(user.Email))
    {
        throw new MembershipCreateUserException(MembershipCreateStatus.InvalidEmail);
    }

    var isNewUser = user.Id.IsNullOrEmpty();
    if (isNewUser)
    {
        // NOTE(review): uniqueness is only checked on creation and the check is separate from
        // the Register call below; confirm the store itself also enforces unique names and
        // emails, including when an existing user changes them.
        if (UserQueries.GetUserNameByEmail(user.Email) != null)
        {
            throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateEmail);
        }

        if (UserQueries.Get(user.Name) != null)
        {
            throw new MembershipCreateUserException(MembershipCreateStatus.DuplicateUserName);
        }

        user.CreatedAt = _dateTimeManager.Now();
    }

    // Password validation is skipped only for a user that has at least one third-party
    // account and supplied no password.
    var passwordMayBeOmitted = user.ThirdPartyAuthenticationUserAccounts.Any() && user.Password.IsNullOrEmpty();
    if (!passwordMayBeOmitted)
    {
        try
        {
            ValidatePassword(user.Name, user.Password);
        }
        catch
        {
            // Any failure raised by ValidatePassword, whatever its type, is reported as an
            // invalid password because the validator does not fail in a consistent way.
            throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword);
        }
    }

    // NOTE(review): the strategy runs even when the password was allowed to be empty above,
    // so a third-party-only account ends up with a stored value derived from an empty
    // password. Confirm that the sign-in path rejects empty passwords for such accounts.
    // NOTE(review): on the update path the current user.Password is transformed again;
    // confirm callers supply clear text here and not the value already stored.
    var credentials = new AccountPasswordInfo(user.Name, user.Password);
    user.Password = PasswordStrategy.Encrypt(credentials);
    user.PasswordSalt = credentials.PasswordSalt;

    var outcome = UserCommands.Register(user);
    if (outcome != MembershipCreateStatus.Success)
    {
        throw new MembershipCreateUserException(outcome);
    }

    return user;
}
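/// <summary>
/// Produces the stored form of a password: the Base64 text of a SHA-1 digest computed over
/// the password followed by the salt.
/// </summary>
/// <remarks>
/// Despite the name, this is a one-way hash and not encryption.
/// NOTE(review): one SHA-1 pass is fast to compute, which makes leaked values cheap to guess
/// against. Password storage normally uses a slow, salted key-derivation function (for
/// example PBKDF2). Moving to one requires migrating existing stored values, so the
/// algorithm is left unchanged here.
/// </remarks>
/// <param name="account">
/// Account information used to hash the password. Its <c>PasswordSalt</c> is assigned a newly
/// created salt when it is null.
/// </param>
/// <returns>
/// Base64 string of the digest.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
    if (account.PasswordSalt == null)
    {
        // NOTE(review): 10 is presumably the salt length, and the randomness source used by
        // CreateSalt is not visible here; confirm it is a cryptographic generator.
        account.PasswordSalt = CreateSalt(10);
    }

    var saltAndPwd = String.Concat(account.Password, account.PasswordSalt);

    // NOTE(review): Encoding.Default is environment dependent, so a password containing
    // characters outside the active code page may hash differently on another machine.
    // Kept as is because changing the encoding would stop existing stored hashes from matching.
    var bytes = Encoding.Default.GetBytes(saltAndPwd);

    // SHA1 is IDisposable; release it as soon as the digest has been computed.
    using (var sha1 = SHA1.Create())
    {
        return Convert.ToBase64String(sha1.ComputeHash(bytes));
    }
}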
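/// <summary>
/// Checks whether a password supplied by the user equals the password value stored for the account.
/// </summary>
/// <remarks>
/// The stored value is compared with the supplied password directly, with no hashing or
/// decryption step.
/// NOTE(review): this only works if the stored value is the clear-text password, which means
/// a disclosure of the store exposes every credential as is. Confirm this strategy is not
/// used for production accounts.
/// </remarks>
/// <param name="account">Stored account information.</param>
/// <param name="clearTextPassword">Password specified by the user.</param>
/// <returns>
/// <c>true</c> if the passwords match; otherwise <c>false</c>.
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
    string stored = account.Password;

    // Fail closed: an account without a stored password, or a missing candidate, never
    // matches. Previously a null stored password raised a NullReferenceException.
    if (stored == null || clearTextPassword == null)
    {
        return false;
    }

    // Visit every shared character instead of stopping at the first mismatch, so the time
    // taken does not reveal how many leading characters of the password were correct.
    var difference = stored.Length ^ clearTextPassword.Length;
    var shared = stored.Length < clearTextPassword.Length ? stored.Length : clearTextPassword.Length;
    for (var i = 0; i < shared; i++)
    {
        difference |= stored[i] ^ clearTextPassword[i];
    }

    return difference == 0;
}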
/// <summary>
/// Returns the account's password exactly as supplied; no transformation is applied.
/// </summary>
/// <remarks>
/// NOTE(review): callers presumably persist the returned value. With this implementation
/// that is the clear-text password, so anyone able to read the store can read every
/// credential. Confirm this strategy is limited to tests or migration scenarios.
/// </remarks>
/// <param name="account">Account information holding the password.</param>
/// <returns>
/// The unmodified password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
    var unchanged = account.Password;
    return unchanged;
}
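/// <summary>
/// Checks whether a password supplied by the user matches the password stored for the account.
/// </summary>
/// <remarks>
/// The stored value is passed to DecryptString together with the passphrase and the result
/// is compared with the supplied password.
/// NOTE(review): recovering the clear-text password in order to compare it means the stored
/// value is reversible by anyone who holds the passphrase. A one-way, salted, slow hash
/// avoids keeping recoverable passwords.
/// </remarks>
/// <param name="account">Stored account information.</param>
/// <param name="clearTextPassword">Password specified by the user.</param>
/// <returns>
/// <c>true</c> if the passwords match; otherwise <c>false</c>.
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
    // NOTE(review): the declared type of _passphrase is not visible here. If it is a
    // SecureString, ToString() returns the type name rather than the secret, and the
    // effective key would be the same constant in every deployment; confirm.
    string recovered = DecryptString(account.Password, _passphrase.ToString());

    // Same outcome as the == operator for null operands: two nulls match, a single null does not.
    if (recovered == null || clearTextPassword == null)
    {
        return clearTextPassword == recovered;
    }

    // Visit every shared character instead of stopping at the first mismatch, so the time
    // taken does not reveal how many leading characters of the password were correct.
    var difference = recovered.Length ^ clearTextPassword.Length;
    var shared = recovered.Length < clearTextPassword.Length ? recovered.Length : clearTextPassword.Length;
    for (var i = 0; i < shared; i++)
    {
        difference |= recovered[i] ^ clearTextPassword[i];
    }

    return difference == 0;
}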
/// <summary>
/// Produces the stored form of a password by passing it to EncryptString together with the
/// passphrase.
/// </summary>
/// <remarks>
/// NOTE(review): the result is reversible with the passphrase, so a leak of the passphrase
/// together with the store recovers every password. One-way salted hashing is the usual
/// choice for password storage.
/// NOTE(review): the declared type of _passphrase is not visible here. If it is a
/// SecureString, ToString() returns the type name rather than the secret; confirm what is
/// actually used as the key.
/// </remarks>
/// <param name="account">Account information holding the password to encrypt.</param>
/// <returns>
/// The encrypted password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
    var clearText = account.Password;
    var passphraseText = _passphrase.ToString();
    return EncryptString(clearText, passphraseText);
}
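/// <summary>
/// Checks whether a password supplied by the user matches the password stored for the account.
/// </summary>
/// <remarks>
/// The stored value is decrypted with DecryptString and the passphrase, and the recovered
/// text is compared with the supplied password.
/// NOTE(review): because the stored value can be decrypted, anyone holding the passphrase
/// can recover the passwords. A one-way, salted, slow hash avoids keeping recoverable
/// passwords.
/// </remarks>
/// <param name="account">Stored account information.</param>
/// <param name="clearTextPassword">Password specified by the user.</param>
/// <returns>
/// <c>true</c> if the passwords match; otherwise <c>false</c>.
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
    // NOTE(review): the declared type of _passphrase is not visible here. If it is a
    // SecureString, ToString() returns the type name rather than the secret, and the
    // effective key would be the same constant in every deployment; confirm.
    string recovered = DecryptString(account.Password, _passphrase.ToString());

    // Same outcome as the == operator for null operands: two nulls match, a single null does not.
    if (recovered == null || clearTextPassword == null)
    {
        return clearTextPassword == recovered;
    }

    // Accumulate differences over every shared character rather than returning at the first
    // mismatch, so response time does not depend on the position of the first wrong character.
    var difference = recovered.Length ^ clearTextPassword.Length;
    var shared = recovered.Length < clearTextPassword.Length ? recovered.Length : clearTextPassword.Length;
    for (var i = 0; i < shared; i++)
    {
        difference |= recovered[i] ^ clearTextPassword[i];
    }

    return difference == 0;
}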
/// <summary>
/// Produces the stored form of a password by passing it to EncryptString together with the
/// passphrase.
/// </summary>
/// <remarks>
/// NOTE(review): the output can be decrypted with the passphrase, so the stored passwords
/// are only as safe as that passphrase. One-way salted hashing is the usual choice for
/// password storage.
/// NOTE(review): the declared type of _passphrase is not visible here. If it is a
/// SecureString, ToString() returns the type name rather than the secret; confirm what is
/// actually used as the key.
/// </remarks>
/// <param name="account">Account information holding the password to encrypt.</param>
/// <returns>
/// The encrypted password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
    var clearText = account.Password;
    var passphraseText = _passphrase.ToString();
    return EncryptString(clearText, passphraseText);
}
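/// <summary>
/// Checks whether a password supplied by the user equals the password value stored for the account.
/// </summary>
/// <remarks>
/// The stored value is compared with the supplied password directly, with no hashing or
/// decryption step.
/// NOTE(review): this only works if the stored value is the clear-text password, so read
/// access to the store is enough to obtain every credential. Confirm this strategy is not
/// used for production accounts.
/// </remarks>
/// <param name="account">Stored account information.</param>
/// <param name="clearTextPassword">Password specified by the user.</param>
/// <returns>
/// <c>true</c> if the passwords match; otherwise <c>false</c>.
/// </returns>
public bool Compare(AccountPasswordInfo account, string clearTextPassword)
{
    string stored = account.Password;

    // Fail closed: an account without a stored password, or a missing candidate, never
    // matches. Previously a null stored password raised a NullReferenceException.
    if (stored == null || clearTextPassword == null)
    {
        return false;
    }

    // Accumulate differences over every shared character rather than returning at the first
    // mismatch, so response time does not depend on the position of the first wrong character.
    var difference = stored.Length ^ clearTextPassword.Length;
    var shared = stored.Length < clearTextPassword.Length ? stored.Length : clearTextPassword.Length;
    for (var i = 0; i < shared; i++)
    {
        difference |= stored[i] ^ clearTextPassword[i];
    }

    return difference == 0;
}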
/// <summary>
/// Returns the account's password exactly as supplied; no transformation is applied.
/// </summary>
/// <remarks>
/// NOTE(review): callers presumably persist the returned value. With this implementation
/// that is the clear-text password, so a disclosure of the store exposes every credential
/// directly. Confirm this strategy is limited to tests or migration scenarios.
/// </remarks>
/// <param name="account">Account information holding the password.</param>
/// <returns>
/// The unmodified password.
/// </returns>
public string Encrypt(AccountPasswordInfo account)
{
    var unchanged = account.Password;
    return unchanged;
}