private static void HashAllPasswords(UsersRepository usersRepository, HashService hash) { foreach (var user in usersRepository.Users.Where(u => u.Temp == false)) { if (string.IsNullOrEmpty(user.PasswordHash)) { var passwordHash = hash.CreateMD5Hash(user.Password); user.PasswordHash = passwordHash; usersRepository.SaveUser(user); Console.WriteLine(string.Format("Hashed password for {0}", user.Email)); } } }
static void Main(string[] args) { Console.WriteLine("Trackyt.net - upgrade for v.1.0.1.\nHash all user passwords.\n"); try { // repositories var usersRepository = new UsersRepository(); // services var hash = new HashService(); HashAllPasswords(usersRepository, hash); } catch (Exception e) { Console.WriteLine(e.Message); Console.WriteLine(e.StackTrace); } }
public void Should_Return_BadRequest_When_Update_And_Exception_Is_Thrown() { // Arrange var userId = 1; var fakes = new Fakes(); var fakeHttp = fakes.FakeHttpContextAccessor(true).Object; var fakeRepository = fakes.FakeUserRepositoryException().Object; var hashService = new HashService(); var request = new UpdateUserRequest(); var expected = Responses.BadRequestResponse("Test Exception"); // Act var service = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService); var actual = service.Update(userId, request).Result; // Assert Assert.ThrowsAnyAsync <Exception>(() => service.Update(userId, request)); Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new ResponseComparer()); }
private void buttonSave_Click(object sender, EventArgs e) { var oldPassword = textBoxPassword.Text; var newPassword = textBoxNew.Text; var repeatPassword = textBoxRepeat.Text; if (string.IsNullOrEmpty(oldPassword) || string.IsNullOrEmpty(newPassword) || string.IsNullOrEmpty(repeatPassword)) { ErrorMessage("Не все поля заполнены"); return; } if (!_user.Password.Equals(HashService.Md4Hash(oldPassword))) { ErrorMessage("Неверно введен текущий пароль"); return; } if (!newPassword.Equals(repeatPassword)) { ErrorMessage("Пароли не совпадают"); return; } if (_user.PasswordRestriction) { const string reg = @"^[^\s\d]*$"; if (!Regex.IsMatch(newPassword, reg)) { ErrorMessage("Пароль не соответствует ограничению"); return; } } //_user.Password = HashService.Md4Hash(newPassword); _service.UpdatePassword(_user.Name, newPassword); DialogResult = DialogResult.OK; }
public void Should_Return_BadRequest_When_Register_And_Exception_Is_Thrown() { // Arrange var fakes = new Fakes(); var fakeConfig = fakes.FakeConfiguration().Object; var fakeUserRepository = fakes.FakeUserRepositoryException().Object; var tokenService = new TokenService(fakeConfig); var hashService = new HashService(); var request = fakes.Get <RegisterUserRequest>().First(); var expected = Responses.BadRequestResponse("Test Exception"); // Act var service = new AuthService(fakes.Mapper, fakeUserRepository, tokenService, hashService); var actual = service.Register(request).Result; // Assert Assert.ThrowsAnyAsync <Exception>(() => service.Register(request)); Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new ResponseComparer()); }
public async Task <ActionResult <int> > Post([FromBody] UserRequest request) { var user = await _context .Users .AsNoTracking() .FirstOrDefaultAsync(u => u.Username.ToLower() == request.Username.ToLower()); if (user != null) { return(new BadRequestResult()); } var salt = SaltGenerator.MakeSalty(); var hash = await HashService.HashPassword(request.Password, salt); var result = _context.Users.Add(new User { Username = request.Username, Firstname = request.Firstname, Lastname = request.Lastname, Password = hash, Salt = salt, Created = DateTime.UtcNow, }); await _context.SaveChangesAsync(); var roles = await _context.Roles.Where(role => request.Roles.Contains(role.Name)).ToListAsync(); var userRoles = _context.UserRoles.AddRangeAsync(roles.Select(role => new UserRole { UserId = result.Entity.UserId, RoleId = role.RoleId, }).ToArray()); await _context.SaveChangesAsync(); return(result.Entity.UserId); }
public void Setup() { _settings = new PlagiarismSettings() { Threshold = 0.6, Configurations = new List <ComparisonConfig> { new() { SamplingWindow = 6, KGramLength = 3 }, new() { SamplingWindow = 8, KGramLength = 5 } } }; _hashService = new HashService(); _plagiarismService = new PlagiarismService(_settings, _hashService); _functionsToCompare = new List <FunctionAggregate>(new[] { GetFunctionAggregate( "var serviceProvider = new ServiceCollection().AddLogging().BuildServiceProvider();var factory = serviceProvider.GetService<ILoggerFactory>();" ) }); _suspectedFunction = GetFunctionAggregate( "var serviceProvider = new ServiceCollection().AddLogging().BuildServiceProvider();"); }
public void CheckUserPasswordTest() { var email = "*****@*****.**"; var userPass = "******"; var fakeUserVm = GetFakeUser(email); var fakeUser = GetFakeUserViewModel(email); var expected = new UserLoginResult() { Auth = true, User = fakeUserVm }; var fakeConn = new SqlConnection(); var connFactory = Substitute.For <IConnectionFactory>(); connFactory.GetConnection().Returns(fakeConn); var sut = new MemberService(connFactory); var userRepo = Substitute.For <IUserRepository>(); userRepo.GetUserByMail(fakeConn, fakeUserVm.Mail).Returns(fakeUser); sut.SetUserRepository(userRepo); var passRepo = Substitute.For <IPasswordRepository>(); passRepo.FindPasswordByUserId(fakeConn, fakeUserVm.Id).Returns(GetFakePassword()); sut.SetPasswordRepository(passRepo); var hashTool = new HashService(); hashTool.SetAlgList("SHA512,SHA256"); hashTool.SetHashKey("i_am_security_key"); sut.SetHashTool(hashTool); var actual = sut.CheckUserPassword(email, userPass); expected.ToExpectedObject().ShouldEqual(actual); }
public void Should_Return_User_When_GetUserById_With_Owner(int userId) { // Arrange var fakes = new Fakes(); var loggedUserId = userId; var fakeHttp = fakes.FakeHttpContextAccessor(false, loggedUserId).Object; var fakeRepository = fakes.FakeUserRepository().Object; var hashService = new HashService(); var user = fakeRepository.GetById(userId).Result; var response = fakes.Mapper.Map <UserResponse>(user); var expected = Responses.OkResponse(null, response); // Act var service = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService); var actual = service.GetUserById(userId).Result; // Assert Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new UserResponseComparer()); }
public async Task <IActionResult> Autenticar(AuthDTO auth) { // Criptografa a senha do DTO var hashSenha = HashService.GerarHash(auth.Senha); // Autentica o usuário var usuario = await _context .Usuarios .FirstOrDefaultAsync(u => u.Email == auth.Email && u.Senha == hashSenha); if (usuario == null) { return(NotFound()); } // Gera as claims, token de autenticação e refresh token var claims = GerarClaims(usuario); var token = _geradorDeToken.GerarToken(claims); var refresh = _geradorDeToken.GerarRefreshToken(); // Atualiza a tabela de usuários com o novo refresh token + data de expiração await AtualizarUsuario( usuario, refresh, DateTime.Now.AddDays(_config.DaysToRefresh)); // Determina a data de criação e expiração do token e ... var dataCriacao = DateTime.Now; var dataExpiracao = dataCriacao.AddMinutes(_config.MinutesToExpire); // ... retorna o DTO com tudo OK var resultado = GerarTokenDTO( token, refresh, dataCriacao, dataExpiracao); return(Ok(resultado)); }
public void Should_Return_Forbidden_When_Update_Without_Authorization(int userId) { // Arrange var fakes = new Fakes(); var loggedUserId = userId - 1; var fakeHttp = fakes.FakeHttpContextAccessor(false, loggedUserId).Object; var fakeRepository = fakes.FakeUserRepository().Object; var hashService = new HashService(); var request = fakes.Get <UpdateUserRequest>().First(); var expected = Responses.ForbiddenResponse( "Não é possível atualizar informações de outro usuário"); // Act var service = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService); var actual = service.Update(userId, request).Result; // Assert Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new ResponseComparer()); }
public void Should_Return_NotFound_When_Delete_With_An_Incorrect_Id() { // Arrange var logId = 9999; var fakes = new Fakes(); var fakeHttp = fakes.FakeHttpContextAccessor(true).Object; var fakeRepository = fakes.FakeLogRepository().Object; var fakeUserRepository = fakes.FakeUserRepository().Object; var hashService = new HashService(); var userService = new UserService(fakes.Mapper, fakeHttp, fakeUserRepository, hashService); var expected = Responses.NotFoundResponse("Log não encontrado"); // Act var service = new LogService(fakes.Mapper, fakeRepository, userService); var actual = service.Delete(logId).Result; // Assert Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new ResponseComparer()); }
protected string GetHashString(object value) { if (EnableCaching) { if (!_cache4Object2Hash.ContainsKey(value)) { var hash = HashService.GetHashCode(value); TraceService.VerboseFormat(0, "GetHashString() - cold hit, adding value to cache:[{0}] -> [{1}]", new object[] { value, hash }, null); _cache4Object2Hash.Add(value, hash); } else { var hash = _cache4Object2Hash[value]; TraceService.VerboseFormat(0, "GetHashString() - hot hit, returning value from cache:[{0}] -> [{1}]", new object[] { value, hash }, null); } return(_cache4Object2Hash[value]); } else { var hash = HashService.GetHashCode(value); TraceService.VerboseFormat(0, "GetHashString() - hot hit, returning value from cache:[{0}] -> [{1}]", new object[] { value, hash }, null); return(hash); } }
public void CreateNewUser_ApiToken_Created() { // arrange var usersRepository = new Mock <IUsersRepository>(); var forms = new Mock <IFormsAuthentication>(); var hash = new HashService(); var service = new AuthenticationService(usersRepository.Object, forms.Object, hash); var users = new List <User>(); usersRepository.Setup(u => u.Users).Returns(users.AsQueryable()); usersRepository.Setup(u => u.Save(It.IsAny <User>())).Callback((User u) => users.Add(u)); // act service.RegisterNewUser("*****@*****.**", "mypass"); // assert Assert.That(users.Count, Is.GreaterThan(0)); var found = users.Find((u) => u.Email == "*****@*****.**"); Assert.That(found.ApiToken.Length, Is.EqualTo(32)); }
public void Should_Return_Forbidden_When_Delete_Without_Authorization(int logId) { // Arrange var fakes = new Fakes(); var loggedUserId = 0; // Doesn't exist user with id 0 var fakeHttp = fakes.FakeHttpContextAccessor(false, loggedUserId).Object; var fakeRepository = fakes.FakeLogRepository().Object; var fakeUserRepository = fakes.FakeUserRepository().Object; var hashService = new HashService(); var userService = new UserService(fakes.Mapper, fakeHttp, fakeUserRepository, hashService); var expected = Responses.ForbiddenResponse( "Não é possível deletar um log de outro usuário"); // Act var service = new LogService(fakes.Mapper, fakeRepository, userService); var actual = service.Delete(logId).Result; // Assert Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new ResponseComparer()); }
public void Should_Return_Log_When_GetLogById_With_Manager(int logId) { // Arrange var fakes = new Fakes(); var fakeHttp = fakes.FakeHttpContextAccessor(true).Object; var fakeRepository = fakes.FakeLogRepository().Object; var fakeUserRepo = fakes.FakeUserRepository().Object; var hashService = new HashService(); var userService = new UserService(fakes.Mapper, fakeHttp, fakeUserRepo, hashService); var log = fakeRepository.GetById(logId).Result; var response = fakes.Mapper.Map <LogResponse>(log); var expected = Responses.OkResponse(null, response); // Act var service = new LogService(fakes.Mapper, fakeRepository, userService); var actual = service.GetLogById(logId).Result; // Assert Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new LogResponseComparer()); }
public void Should_Return_Forbidden_When_GetArchivedLogsByUserId_Without_Authorization(int userId) { // Arrange var loggedUserId = userId - 1; var fakes = new Fakes(); var fakeHttp = fakes.FakeHttpContextAccessor(false, loggedUserId).Object; var fakeRepository = fakes.FakeLogRepository().Object; var fakeUserRepo = fakes.FakeUserRepository().Object; var hashService = new HashService(); var userService = new UserService(fakes.Mapper, fakeHttp, fakeUserRepo, hashService); var expected = Responses.ForbiddenResponse( "Não é possível obter logs de outro usuário"); // Act var service = new LogService(fakes.Mapper, fakeRepository, userService); var actual = service.GetArchivedLogsByUserId(userId).Result; // Assert Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new ResponseComparer()); }
public void Should_Return_Forbidden_When_Authenticate_With_Incorrect_Password() { // Arrange var fakes = new Fakes(); var fakeConfig = fakes.FakeConfiguration().Object; var fakeUserRepository = fakes.FakeUserRepository().Object; var tokenService = new TokenService(fakeConfig); var hashService = new HashService(); var request = fakes.Get <LoginUserRequest>().First(); request.Password = "******"; // Incorrect password var expected = Responses.ForbiddenResponse("Email ou senha incorretos"); // Act var service = new AuthService(fakes.Mapper, fakeUserRepository, tokenService, hashService); var actual = service.Authenticate(request).Result; // Assert Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new ResponseComparer()); }
public void Should_Return_NotFound_When_Authenticate_With_Incorrect_Email() { // Arrange var fakes = new Fakes(); var fakeConfig = fakes.FakeConfiguration().Object; var fakeUserRepository = fakes.FakeUserRepository().Object; var tokenService = new TokenService(fakeConfig); var hashService = new HashService(); var request = fakes.Get <LoginUserRequest>().First(); request.Email = "*****@*****.**"; // Email that doesn't exists in test data var expected = Responses.NotFoundResponse("Usuário não encontrado"); // Act var service = new AuthService(fakes.Mapper, fakeUserRepository, tokenService, hashService); var actual = service.Authenticate(request).Result; // Assert Assert.IsType <Response>(actual); Assert.NotNull(actual); Assert.Equal(expected, actual, new ResponseComparer()); }
public IHttpResponse PostLogin(IHttpRequest request) { var username = request.FormData["username"].ToString(); var password = request.FormData["password"].ToString(); var hashService = new HashService(); var cookieService = new UserCookieService(); var hashedPassword = hashService.Hash(password); var user = this.Context.Users.FirstOrDefault(u => u.Username == username && u.HashedPassword == hashedPassword); if (user == null) { return(new RedirectResult("/login")); } request.Session.AddParameter("username", username); var userCookieValue = cookieService.GetUserCookie(username); request.Cookies.Add(new HttpCookie("IRunes_auth", userCookieValue)); return(new RedirectResult("home/index")); }
protected void Page_Load(object sender, EventArgs e) { var usuario = Session["UsuarioLogueado"] as Usuario; if (usuario.Tipo != UsuarioTipo.WebMaster.ToString()) { Response.Redirect("Login.aspx"); } var logsServices = new LogServices(); var logs = logsServices.Get(); var hashServices = new HashService(); foreach (var log in logs) { var hash = hashServices.Hash(log.Tipo + log.Fecha + log.Email + log.Descripcion); if (hash != log.Digito) { log.Corrompido = true; } } GridView.DataSource = logs; GridView.DataBind(); }
public async Task Validate <TEntity>(DigitoVerificadorTablasEnum tabla) where TEntity : Verificable, IEntityToDb, new() { (await new GenericRepository <TEntity>().GetAsync()) .Success(async x => { var hasService = new HashService(); var codigoVerificador = hasService.Hash(string.Join("", x.Select(s => hasService.Hash(s.Hash)))); var digitoVerificadorRepository = new GenericRepository <DigitoVerificadorVertical>(); (await digitoVerificadorRepository.GetAsync( new Parameters().Add(nameof(tabla), tabla.ToString()))) .Success(async verificadorVertical => { var valid = verificadorVertical.First(); valid.Digito = codigoVerificador; await digitoVerificadorRepository.UpdateDataAsync(valid); }) .Error(async erros => { await digitoVerificadorRepository.InsertDataAsync(new DigitoVerificadorVertical(codigoVerificador, DigitoVerificadorTablasEnum.Concursos)); }); }); }
public void Should_Return_BadRequest_When_Get_And_An_Error_Happens() { // Arrange var fakes = new Fakes(); var fakeHttp = fakes.FakeHttpContextAccessor(true).Object; var fakeRepository = fakes.FakeUserRepositoryException().Object; var hashService = new HashService(); var userService = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService); // Act var controller = new UserController(fakes.Mapper, userService); var actual = controller.Get(); // Assert Assert.NotNull(actual); Assert.IsType <ObjectResult>(actual.Result); var result = actual.Result as ObjectResult; Assert.NotNull(result.Value); Assert.Equal(400, result.StatusCode); // Bad Request Assert.IsType <Response>(result.Value); }
public void Should_Return_Forbidden_When_Get_Without_Manager() { // Arrange var fakes = new Fakes(); var fakeHttp = fakes.FakeHttpContextAccessor().Object; var fakeRepository = fakes.FakeUserRepository().Object; var hashService = new HashService(); var userService = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService); // Act var controller = new UserController(fakes.Mapper, userService); var actual = controller.Get(); // Assert Assert.NotNull(actual); Assert.IsType <ObjectResult>(actual.Result); var result = actual.Result as ObjectResult; Assert.NotNull(result.Value); Assert.Equal(403, result.StatusCode); // Forbidden Assert.IsType <Response>(result.Value); }
public static IServiceCollection AddDefaultModelsToStorage(this IServiceCollection services, IConfiguration config) { var hashService = new HashService(); var storage = new Storage(config.GetConnectionString("DbConnection")); var roleRepository = storage.GetRepository <IRoleRepository>(); var userRepository = storage.GetRepository <IUserRepository>(); if (!roleRepository.Any()) { roleRepository.CreateAsync(new Role() { Name = roleRepository.DefaultUserRole }); roleRepository.CreateAsync(new Role() { Name = roleRepository.DefaultAdminRole }); storage.Save(); } var adminData = config.GetSection("Admin"); if (!userRepository.Any()) { userRepository.CreateAsync(new User() { Nickname = adminData.GetValue <string>("Nickname"), Email = adminData.GetValue <string>("Email"), Password = Encoding.UTF8.GetString(hashService.GetHash(adminData.GetValue <string>("Password"))), Role = roleRepository.GetAsync(roleRepository.DefaultAdminRole).Result }).Wait(); storage.Save(); } return(services); }
public ActionResult CreateUser([Bind(Include = "IdEmployee,LoginUser,PasswordUser")] Employee employee) { Employee emp = db.Employee.Find(employee.IdEmployee); int idUser = (int)Session["idUser"]; int idCompany = (int)Session["idCompany"]; using (var trans = db.Database.BeginTransaction()) { try { Log log = new Log { Who = idUser, EmployeeId = employee.IdEmployee, New = "[CL]", //CREATE LOGIN, CompanyId = emp.CompanyId }; emp.LoginUser = employee.LoginUser; emp.PasswordUser = HashService.HashPassword(employee.PasswordUser); db.SaveChanges(); db.Log.Add(log); db.SaveChanges(); trans.Commit(); TempData["confirm"] = "USER CREATED SUCCESSFU"; return(RedirectToAction("Index")); } catch { trans.Rollback(); ViewBag.error = "ERROR 500, TRAY AGAIN, IF THE ERROR PERSIST CONTACT THE SYSTEM SUPPLIER"; return(View(employee)); } } }
private async Task <Response <bool> > CallVarificables <TEntity>(DigitoVerificadorTablasEnum tabla, Func <DigitoVerificadorVertical, string, Task <Response <bool> > > successCall, Func <List <string>, Task <Response <bool> > > errorCall ) where TEntity : Verificable, IEntityToDb, new() { var returnValue = Response <bool> .Ok(true); (await new GenericRepository <TEntity>().GetAsync()) .Success2(async x => { var hasService = new HashService(); var codigoVerificador = hasService.Hash(string.Join("", x.Select(s => hasService.Hash(s.Hash)))); var digitoVerificadorRepository = new GenericRepository <DigitoVerificadorVertical>(); returnValue = (await digitoVerificadorRepository.GetAsync( new Parameters().Add(nameof(tabla), tabla.ToString()))) .Success(async verificadorVertical => { return(await successCall(verificadorVertical.First(), codigoVerificador)); }) .Error(async errors => { await errorCall(errors); }); return(returnValue); }); return(returnValue); }
public void Should_Return_Ok_When_GetUserById_With_Owner() { // Arrange var userId = 1; var fakes = new Fakes(); var fakeHttp = fakes.FakeHttpContextAccessor(false, userId).Object; var fakeRepository = fakes.FakeUserRepository().Object; var hashService = new HashService(); var userService = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService); // Act var controller = new UserController(fakes.Mapper, userService); var actual = controller.GetUserById(userId); // Assert Assert.NotNull(actual); Assert.IsType <ObjectResult>(actual.Result); var result = actual.Result as ObjectResult; Assert.NotNull(result.Value); Assert.Equal(200, result.StatusCode); // Ok Assert.IsType <Response>(result.Value); }
public void Should_Return_NotFound_When_Delete_With_An_Incorrect_Id() { // Arrange var userId = 999; var fakes = new Fakes(); var fakeHttp = fakes.FakeHttpContextAccessor(true).Object; var fakeRepository = fakes.FakeUserRepository().Object; var hashService = new HashService(); var userService = new UserService(fakes.Mapper, fakeHttp, fakeRepository, hashService); // Act var controller = new UserController(fakes.Mapper, userService); var actual = controller.Delete(userId); // Assert Assert.NotNull(actual); Assert.IsType <ObjectResult>(actual.Result); var result = actual.Result as ObjectResult; Assert.NotNull(result.Value); Assert.Equal(404, result.StatusCode); // Not Found Assert.IsType <Response>(result.Value); }
string ComputeHash(IDictionary <string, Tuple <PropertyInfo, object> > properties) { StringBuilder hashSet = new StringBuilder(); IHashService service = HashService.GetInstance(); foreach (KeyValuePair <string, Tuple <PropertyInfo, object> > kvp in properties) { object value = kvp.Value.Item2; if (value == null) { continue; } string hashValue = Convert.ToString(value); hashSet.AppendLine(service.ComputeHashValue(hashValue)); } //Merkel tree??? string accumulatedHash = service.ComputeHashValue(hashSet.ToString()); return(accumulatedHash); }
public async Task <ActionResult <int> > ResetPassword(int id, [FromBody] UserResetPasswordRequest request) { var user = await _context .Users .AsNoTracking() .FirstOrDefaultAsync(u => u.UserId == id); if (user != null) { var salt = SaltGenerator.MakeSalty(); var newHash = await HashService.HashPassword(request.Password, salt); var newUser = user with { Password = newHash, Salt = salt }; _context.Users.Update(newUser); await _context.SaveChangesAsync(); return(new OkResult()); } return(new BadRequestResult()); }
public void CreateNewStudent_NewStudent_NewStudentCreated() { //Arrange PersonVM modelTest = new PersonVM() { LastName = "Green", FirstMidName = "Harry", Login = "******", Password = "******", ConfirmPassword = "******", Role = "student" }; //Ceci rend le test dependant de la methode GenerateSHA256String(string inputString) de la Classe HashService string passwordTest = HashService.GenerateSHA256String(modelTest.Password); //Act authenticationBusinessToTest.CreateNewStudent(modelTest); Student student = DBUtils.db.Students.SingleOrDefault(s => s.LastName == "Green" && s.FirstMidName == "Harry" && s.Login == "login1" && s.Password == passwordTest); //Assert Assert.IsNotNull(student); }