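/// <summary>
/// Handles a log-in form post: validates the model, screens the user name with
/// <see cref="SQLInjectionProtectionService"/>, looks the account up by user name and
/// password hash, and on success stores the user's identity and admin flag in session.
/// </summary>
/// <param name="logViewModel">Posted form values (user name and clear-text password).</param>
/// <returns>
/// A redirect to Home/Index on a successful log-in; otherwise the log-in view again, with
/// <c>ViewData["MaliciousSymbols"]</c> or <c>ViewData["InvalidUser"]</c> set as applicable.
/// </returns>
public IActionResult LogIn(LogInViewModel logViewModel)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // The user-name screen is a character blacklist. The LINQ query below is parameterized by
    // the provider, so the blacklist is defence in depth rather than the injection control itself.
    var injectionGuard = new SQLInjectionProtectionService();
    if (injectionGuard.HasMaliciousCharacters(logViewModel.UserName))
    {
        ViewData["MaliciousSymbols"] = Constant.MaliciousSymbols;
        return View();
    }

    // NOTE(review): GetHashSha256 reads, by its name, as a bare SHA-256 of the password; a
    // salted, slow KDF (PBKDF2 or similar) is the usual choice for stored credentials — confirm
    // its implementation. Hashing is done after the blacklist check so a rejected request does no
    // needless work.
    var password = PasswordEncodingService.GetHashSha256(logViewModel.Password);

    // One round trip: the original ran the same predicate twice (existence check, then fetch).
    var user = db.Accounts.FirstOrDefault(x => x.UserName == logViewModel.UserName && x.Password == password);
    if (user is null)
    {
        ViewData["InvalidUser"] = Constant.LogInInvalidUserCredentialsError;
        return View();
    }

    HttpContext.Session.SetString("CurrentUser", user.UserName);
    HttpContext.Session.SetString("CurrentUserId", user.Id.ToString());
    // The admin flag is stored as the literal strings "true" / "false" (session values are strings).
    HttpContext.Session.SetString("CurrentUserIsAdmin", user.Role == Role.Admin ? "true" : "false");
    return RedirectToAction("Index", "Home");
}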
/// <summary>
/// Test fixture set-up: creates a <see cref="UserRepository"/> over a fresh
/// <see cref="BoengServiceWebSiteContext"/> and seeds it with one user whose stored password
/// is the SHA-256 digest of "qwerty".
/// </summary>
public void SetUp()
{
    repository = new UserRepository(new BoengServiceWebSiteContext());
    var passwordEncoder = new PasswordEncodingService();

    var seededUser = new User
    {
        Name = "Colin",
        RegistrationDate = DateTime.UtcNow,
        Role = 2, // numeric role value as in the original fixture; meaning not visible here
        Password = passwordEncoder.CalculateSHA256("qwerty"),
    };

    user = seededUser;
    UserRepository_AddUser(user);
}
/// <summary>
/// Value resolver (AutoMapper-style signature) for the destination password member: hashes the
/// DTO's clear-text password with <see cref="PasswordEncodingService"/>, or yields <c>null</c>
/// when the DTO carries no password.
/// </summary>
/// <param name="source">The incoming DTO; only its <c>Password</c> is read.</param>
/// <param name="destination">The entity being mapped (not used).</param>
/// <param name="destMember">The current destination value (not used).</param>
/// <param name="context">Mapping resolution context (not used).</param>
/// <returns>The SHA-256 digest of <c>source.Password</c>, or <c>null</c> if it is unset.</returns>
public byte[] Resolve(UserDto source, User destination, byte[] destMember, ResolutionContext context)
{
    var hasher = new PasswordEncodingService();
    return source.Password is null
        ? null
        : hasher.CalculateSHA256(source.Password);
}
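/// <summary>
/// Handles a registration form post: validates the model, screens the submitted fields for
/// blacklisted characters, rejects duplicate user names and e-mails, requires both consent
/// check boxes, then stores a new <see cref="Role.User"/> account with a hashed password.
/// </summary>
/// <param name="accViewModel">Posted form values.</param>
/// <returns>
/// Always the registration view; the outcome is reported through <c>ViewData</c>
/// (<c>MaliciousSymbols</c>, <c>UsernameError</c>, <c>EmailError</c>, <c>LoginError</c>)
/// or <c>TempData["SuccessfullyRegistered"]</c>.
/// </returns>
public IActionResult Register(AccountViewModel accViewModel)
{
    if (!ModelState.IsValid)
    {
        return View();
    }

    // NOTE(review): the password fields go through the same character blacklist as the user name,
    // which also rejects otherwise-strong passwords containing those symbols — confirm this is
    // intended. The queries below are parameterized, so the blacklist is not the injection control.
    var injectionGuard = new SQLInjectionProtectionService();
    var submittedFields = new List<string>
    {
        accViewModel.UserName,
        accViewModel.Email,
        accViewModel.Password,
        accViewModel.ConfirmPassword,
    };
    if (injectionGuard.HasMaliciousCharacters(submittedFields))
    {
        ViewData["MaliciousSymbols"] = Constant.MaliciousSymbols;
        return View();
    }

    // Any() instead of FirstOrDefault() != null: an existence check should not materialize the entity.
    // Both checks run so the view can report both errors at once, as before.
    bool userNameTaken = db.Accounts.Any(x => x.UserName == accViewModel.UserName);
    bool emailTaken = db.Accounts.Any(x => x.Email == accViewModel.Email);
    if (userNameTaken)
    {
        ViewData["UsernameError"] = Constant.UsernameAlreadyExists;
    }
    if (emailTaken)
    {
        ViewData["EmailError"] = Constant.EmailAlreadyExists;
    }
    if (userNameTaken || emailTaken)
    {
        return View();
    }

    // Presumably an unchecked box is absent from the form, so "present exactly once" means ticked.
    bool termsAccepted = Request.Form["TermsCheckBox"].Count == 1;
    bool ageConfirmed = Request.Form["AgeCheckBox"].Count == 1;
    if (!termsAccepted || !ageConfirmed)
    {
        // Pre-existing key and message kept as-is.
        ViewData["LoginError"] = Constant.LogInError;
        return View();
    }

    // NOTE(review): GetHashSha256 reads as a bare SHA-256 of the password; a salted, slow KDF
    // (PBKDF2 or similar) is the usual choice for stored credentials — confirm its implementation.
    var account = new Account
    {
        UserName = accViewModel.UserName,
        Password = PasswordEncodingService.GetHashSha256(accViewModel.Password),
        Email = accViewModel.Email,
        Role = Role.User,
    };
    db.Accounts.Add(account);
    db.SaveChanges();
    TempData["SuccessfullyRegistered"] = Constant.SuccessfullyRegistered;
    return View();
}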
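/// <summary>
/// Verifies that <c>UserService.Login</c> returns the user the repository hands back for a
/// matching name / password-hash pair, and that the repository is consulted exactly once.
/// </summary>
public void UserService_Login_IsNotNull()
{
    // Arrange
    // (The original also constructed an unused PasswordEncodingService here; removed.)
    var userRepository = new Mock<IUserRepository>();
    // NOTE(review): `hash == newUser.Password` on byte[] is reference equality, so this matcher
    // only accepts the very array instance the mocked encoder returns; use SequenceEqual if the
    // service is expected to produce a fresh array.
    userRepository
        .Setup(repo => repo.Login(
            It.Is<string>(name => name == UserDto.Name),
            It.Is<byte[]>(hash => hash == newUser.Password)))
        .Returns(newUser);
    uow = new UnitOfWork(planeRepository.Object, userRepository.Object, planePartRepository.Object);
    userService = new UserService(uow, new DtoProfile(), passwordEncodingService.Object);

    // Act
    var loginUser = userService.Login(UserDto.Name, UserDto.Password);

    // Assert
    Assert.IsNotNull(loginUser);
    Assert.AreEqual(UserDto.Name, loginUser.Name);
    userRepository.Verify(
        repo => repo.Login(
            It.Is<string>(name => name == UserDto.Name),
            It.Is<byte[]>(hash => hash == newUser.Password)),
        Times.Once());
}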
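/// <summary>
/// Changes the signed-in user's password: requires both the current and the new password,
/// rejects a new password identical to the current one, and verifies the current password
/// against the stored hash before saving the new hash.
/// </summary>
/// <param name="profileViewModel">
/// Posted form values; only <c>CurrentPassword</c> and <c>NewPassword</c> are read.
/// </param>
/// <returns>
/// Always a redirect to the Profile action; the outcome is reported through one
/// <c>TempData</c> key (<c>ErrorComplexity</c>, <c>NoDataEntered</c>, <c>MatchingPassword</c>,
/// <c>ErrorChanges</c> or <c>MadeChangesToPass</c>).
/// </returns>
public IActionResult UpdatePassword(ProfileViewModel profileViewModel)
{
    if (!ModelState.IsValid)
    {
        TempData["ErrorComplexity"] = Constant.ErrorComplexity;
        return RedirectToAction("Profile");
    }

    if (profileViewModel.CurrentPassword is null || profileViewModel.NewPassword is null)
    {
        TempData["NoDataEntered"] = Constant.NoDataEntered;
        return RedirectToAction("Profile");
    }

    // NOTE(review): GetHashSha256 reads as a bare SHA-256 of the password; a salted, slow KDF is
    // the usual choice for stored credentials — confirm its implementation. The comparisons below
    // assume it returns a string (== is value equality) — TODO confirm; on byte[] == would be
    // reference equality and never match.
    var currentHash = PasswordEncodingService.GetHashSha256(profileViewModel.CurrentPassword);
    var newHash = PasswordEncodingService.GetHashSha256(profileViewModel.NewPassword);

    if (currentHash == newHash)
    {
        TempData["MatchingPassword"] = Constant.MatchingPassword;
        return RedirectToAction("Profile");
    }

    var userName = HttpContext.Session.GetString("CurrentUser");
    var account = db.Accounts.FirstOrDefault(x => x.UserName == userName);

    // A missing session user (account == null) previously threw NullReferenceException here;
    // it is now reported like a failed current-password check.
    if (account is null || currentHash != account.Password)
    {
        TempData["ErrorChanges"] = Constant.ErrorChanges;
        return RedirectToAction("Profile");
    }

    account.Password = newHash; // reuse the hash computed above rather than hashing a second time
    db.SaveChanges();
    TempData["MadeChangesToPass"] = Constant.MadeChangesToPass;
    return RedirectToAction("Profile");
}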
/// <summary>Test set-up: gives each test a fresh <see cref="PasswordEncodingService"/>.</summary>
public void SetUp() => encodingService = new PasswordEncodingService();