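public IActionResult LogIn(LogInViewModel logViewModel)
 {
     // Log a user in: validate the posted model, hash the submitted password, look the
     // account up once and populate the session on success.
     // Returns the log-in view again on every failure (with a ViewData message the view
     // reads), or redirects to Home/Index on success.
     if (!ModelState.IsValid)
     {
         return View();
     }

     // NOTE(review): this character blacklist is not what protects the query below from
     // injection — the lambda predicate is parameterized by the query provider (assuming
     // db is an EF DbContext; confirm). Kept because the view displays MaliciousSymbols.
     var sQLInjectionProtectionService = new SQLInjectionProtectionService();
     if (sQLInjectionProtectionService.HasMaliciousCharacters(logViewModel.UserName))
     {
         ViewData["MaliciousSymbols"] = Constant.MaliciousSymbols;
         return View();
     }

     // NOTE(review): GetHashSha256 looks like a plain SHA-256 of the password; a salted,
     // slow password KDF (e.g. PBKDF2 via Rfc2898DeriveBytes.Pbkdf2) is the usual choice
     // for stored credentials. Changing it affects every stored Account.Password — confirm.
     var password = PasswordEncodingService.GetHashSha256(logViewModel.Password);

     // Single lookup: the original ran this same query twice (once to test for null,
     // once to fetch the row).
     var user = db.Accounts.FirstOrDefault(x => x.UserName == logViewModel.UserName && x.Password == password);
     if (user == null)
     {
         // One generic message for both "unknown user" and "wrong password", so the
         // response does not reveal which of the two failed.
         ViewData["InvalidUser"] = Constant.LogInInvalidUserCredentialsError;
         return View();
     }

     HttpContext.Session.SetString("CurrentUser", user.UserName);
     HttpContext.Session.SetString("CurrentUserId", user.Id.ToString());
     // Stored as the literal strings "true"/"false"; presumably read elsewhere to gate
     // admin-only UI — confirm against the consumers.
     HttpContext.Session.SetString("CurrentUserIsAdmin", user.Role == Role.Admin ? "true" : "false");
     return RedirectToAction("Index", "Home");
 }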
        public void SetUp()
        {
            // Fixture set-up: point the repository at a fresh context and insert one known
            // user ("Colin", Role 2, password = SHA-256 of "qwerty") for the tests to find.
            // NOTE(review): RegistrationDate uses the real clock, so the inserted row differs
            // between runs — fine unless a test asserts on it.
            var encoder = new PasswordEncodingService();
            var qwertyHash = encoder.CalculateSHA256("qwerty");

            repository = new UserRepository(new BoengServiceWebSiteContext());
            user = new User
            {
                Name = "Colin",
                RegistrationDate = DateTime.UtcNow,
                Role = 2,
                Password = qwertyHash
            };
            UserRepository_AddUser(user);
        }
        public byte[] Resolve(UserDto source, User destination, byte[] destMember, ResolutionContext context)
        {
            // Value resolver for the UserDto -> User mapping (presumably an AutoMapper
            // IValueResolver): hashes the DTO's plain-text Password with CalculateSHA256.
            // A null source password resolves to null. destination, destMember and context
            // are not consulted.
            // NOTE(review): CalculateSHA256 looks like an unsalted hash of the password;
            // a salted, slow KDF is the usual choice for stored credentials — confirm.
            var encoder = new PasswordEncodingService();
            return source.Password == null ? null : encoder.CalculateSHA256(source.Password);
        }
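        public IActionResult Register(AccountViewModel accViewModel)
        {
            // Create a new Account from the posted form. Every outcome re-renders the view
            // (validation error, duplicate user name / e-mail, unchecked consent boxes, or
            // success), setting the ViewData/TempData key the view reads for that case.
            if (!ModelState.IsValid)
            {
                return View();
            }

            // NOTE(review): blacklisting characters in the password fields restricts what
            // users may choose as a password; the LINQ queries below are parameterized by
            // the provider (assuming db is an EF DbContext — confirm), so this check is not
            // what prevents injection. Kept because the view displays MaliciousSymbols.
            var sQLInjectionProtectionService = new SQLInjectionProtectionService();
            var dataList = new List<string>
            {
                accViewModel.UserName, accViewModel.Email, accViewModel.Password, accViewModel.ConfirmPassword
            };
            if (sQLInjectionProtectionService.HasMaliciousCharacters(dataList))
            {
                ViewData["MaliciousSymbols"] = Constant.MaliciousSymbols;
                return View();
            }

            // Existence checks: Any() asks the store for a boolean instead of materialising
            // a whole Account only to compare it with null.
            // NOTE(review): check-then-insert is racy under concurrent registrations; a unique
            // index on UserName/Email in the store should be the real guarantee — confirm it exists.
            bool userNameTaken = db.Accounts.Any(x => x.UserName == accViewModel.UserName);
            bool emailTaken    = db.Accounts.Any(x => x.Email == accViewModel.Email);
            if (userNameTaken)
            {
                ViewData["UsernameError"] = Constant.UsernameAlreadyExists;
            }
            if (emailTaken)
            {
                ViewData["EmailError"] = Constant.EmailAlreadyExists;
            }
            if (userNameTaken || emailTaken)
            {
                // Both messages are set before returning so the view can show them together.
                return View();
            }

            // Consent boxes are read from the raw form rather than the view model; a box
            // that was not ticked presumably posts no value, giving Count == 0.
            int termsCheckBox = Request.Form["TermsCheckBox"].Count;
            int ageCheckBox   = Request.Form["AgeCheckBox"].Count;
            if (termsCheckBox != 1 || ageCheckBox != 1)
            {
                ViewData["LoginError"] = Constant.LogInError;
                return View();
            }

            // NOTE(review): GetHashSha256 looks like an unsalted SHA-256 of the password; a
            // salted, slow KDF (e.g. PBKDF2 via Rfc2898DeriveBytes.Pbkdf2) is the usual
            // choice. Changing it affects LogIn/UpdatePassword and every stored hash — confirm.
            var account = new Account
            {
                UserName = accViewModel.UserName,
                Password = PasswordEncodingService.GetHashSha256(accViewModel.Password),
                Email    = accViewModel.Email,
                Role     = Role.User
            };
            db.Accounts.Add(account);
            db.SaveChanges();

            this.TempData["SuccessfullyRegistered"] = Constant.SuccessfullyRegistered;
            return View();
        }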
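        public void UserService_Login_IsNotNull()
        {
            // Login through UserService should return the user the repository yields for
            // (UserDto.Name, newUser.Password) and call IUserRepository.Login exactly once.
            // The unused `encoder` local of the original is gone; the inner lambda parameters
            // are renamed so they no longer shadow the outer `a`.
            //Arrange
            var userRepository = new Mock<IUserRepository>();

            // The byte[] matcher is reference equality: only the exact newUser.Password
            // instance satisfies it, so the service (via passwordEncodingService) must hand
            // that same array to the repository — presumably what the mock is set up for.
            userRepository.Setup(r => r.Login(It.Is<string>(n => n == UserDto.Name), It.Is<byte[]>(p => p == newUser.Password))).Returns(newUser);
            uow         = new UnitOfWork(planeRepository.Object, userRepository.Object, planePartRepository.Object);
            userService = new UserService(uow, new DtoProfile(), passwordEncodingService.Object);
            //Act
            var loginUser = userService.Login(UserDto.Name, UserDto.Password);

            //Assert
            Assert.IsNotNull(loginUser);
            Assert.AreEqual(UserDto.Name, loginUser.Name);
            userRepository.Verify(r => r.Login(It.Is<string>(n => n == UserDto.Name), It.Is<byte[]>(p => p == newUser.Password)), Times.Once());
        }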
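        public IActionResult UpdatePassword(ProfileViewModel profileViewModel)
        {
            // Change the password of the account named in the session. Every outcome
            // redirects to Profile with exactly one TempData message key set for the view.
            if (!ModelState.IsValid)
            {
                this.TempData["ErrorComplexity"] = Constant.ErrorComplexity;
                return RedirectToAction("Profile");
            }

            if (profileViewModel.CurrentPassword == null || profileViewModel.NewPassword == null)
            {
                this.TempData["NoDataEntered"] = Constant.NoDataEntered;
                return RedirectToAction("Profile");
            }
            // (The original re-tested both fields for != null here; after the check above
            // that branch was always taken, so the redundant condition is dropped.)

            var userName = HttpContext.Session.GetString("CurrentUser");
            var account  = db.Accounts.FirstOrDefault(x => x.UserName == userName);
            if (account == null)
            {
                // No logged-in account in the session, or it no longer exists: the original
                // dereferenced account below and failed with a NullReferenceException.
                this.TempData["ErrorChanges"] = Constant.ErrorChanges;
                return RedirectToAction("Profile");
            }

            // NOTE(review): GetHashSha256 looks like a plain SHA-256 of the password; a
            // salted, slow KDF (e.g. PBKDF2 via Rfc2898DeriveBytes.Pbkdf2) is the usual
            // choice. Changing it affects LogIn/Register and every stored hash — confirm.
            var password    = PasswordEncodingService.GetHashSha256(profileViewModel.CurrentPassword);
            var newPassword = PasswordEncodingService.GetHashSha256(profileViewModel.NewPassword);

            if (password == newPassword)
            {
                // New password is the same as the current one.
                this.TempData["MatchingPassword"] = Constant.MatchingPassword;
                return RedirectToAction("Profile");
            }
            if (password != account.Password)
            {
                // Current password does not match the stored hash.
                this.TempData["ErrorChanges"] = Constant.ErrorChanges;
                return RedirectToAction("Profile");
            }

            // Reuse the hash computed above instead of hashing NewPassword a second time.
            // NOTE(review): other active sessions for this account are not invalidated here;
            // decide whether a password change should end them.
            account.Password = newPassword;
            db.SaveChanges();
            this.TempData["MadeChangesToPass"] = Constant.MadeChangesToPass;
            return RedirectToAction("Profile");
        }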
 /// <summary>
 /// Per-test set-up: gives each test a fresh <c>PasswordEncodingService</c> in
 /// <c>encodingService</c>.
 /// </summary>
 public void SetUp() => encodingService = new PasswordEncodingService();