private void Default_OK_Click(object sender, EventArgs e)
{
if (F_OAuth_TB_Password.Text != F_OAuth_TB_Password2.Text)
{
return;
}
if (F_OAuth_L_Password.Text == String.Empty || F_OAuth_TB_Password2.Text == String.Empty)
{
return;
}
PasswordManager pwManager = new PasswordManager();
PasswordHasher hasher = new PasswordHasher();
string password = hasher.GetHashedPassword(F_OAuth_TB_Password.Text);
if (!hasher.CheckPassword(F_OAuth_TB_Password.Text, password))
{
return;
}
_settings.AddOrChangeKeyValue("OAuthPassword", password);
_settings.AddOrChangeKeyValue("OauthKey", pwManager.EncryptPassword(F_OAuth_TB_Key.Text, F_OAuth_TB_Password.Text));
_settings.AddOrChangeKeyValue("OAuthSecret", pwManager.EncryptPassword(F_OAuth_TB_Secret.Text, F_OAuth_TB_Password.Text));
_settings.Save();
_g2g = true;
this.Close();
}
protected override void Seed(LogAppDbContext context)
{
IPasswordManager encryptor = new PasswordManager();
User admin = new User()
{
Login = "******"
};
string hashedPassword = encryptor.EncryptPassword("ZST_LogApp");
string salt = encryptor.GenerateSalt();
admin.Password = encryptor.EncryptPassword(hashedPassword, salt);
admin.Salt = salt;
context.Users.Add(admin);
context.SaveChanges();
}
public static System.Tuple <Model.AuthUser, bool> GetAuthenticatedUser(string loginId, string loginPassword)
{
Model.AuthUser user = null;
bool operationResult = false;
using (SqlConnection cn = DBHelper.MakeConnection())
{
SqlCommand cmd = new SqlCommand("uspSelectByUserId_tblUserMaster", cn);
cmd.CommandType = System.Data.CommandType.StoredProcedure;
cmd.Parameters.AddWithValue("@userEmail", loginId);
cn.Open();
SqlDataReader rdr = cmd.ExecuteReader();
if (rdr.HasRows)
{
if (rdr.Read())
{
user = new Model.UserMasterModel()
{
UserNo = System.Convert.ToInt32(rdr["userNO"]),
userName = rdr["userName"] as string,
UserProfileName = rdr["userProfileName"] as string,
Password = rdr["userPasswd"] as string,
UserType = rdr["userType"] as string,
UserStatus = (Model.UserStatusType)System.Convert.ToInt16(rdr["userStatus"])
};
int sKey = System.Convert.ToInt32(rdr["serverKey"]);
cn.Close();
string encryptedLoginPassword = PasswordManager.EncryptPassword(loginPassword, (short)sKey);
operationResult = user.Password.Equals(encryptedLoginPassword);
}
}
return(new System.Tuple <Model.AuthUser, bool>(user, operationResult));
}
}
public async Task <RegisterUserResult> ExecuteAsync()
{
var result = new RegisterUserResult();
// 1. Is the email already registered?
try
{
var checkUser = await _ctx.Users.FirstOrDefaultAsync(
u => u.Email == _cmd.UserRegistration.Email
);
if (checkUser != null)
{
result.Message = $"A user with an email address of { _cmd.UserRegistration.Email } already exists.";
return(result);
}
}
catch (Exception)
{
result.Message = "Error registering new user";
return(result);
}
// 2. Create hashed passwords
byte[] hash, salt;
try
{
PasswordManager.EncryptPassword(_cmd.UserRegistration.Password, out hash, out salt);
}
catch (Exception)
{
result.Message = "Error registering new user";
return(result);
}
// 3. Save the new user
try
{
var user = new UserEntity
{
Name = _cmd.UserRegistration.Name,
Email = _cmd.UserRegistration.Email,
PasswordHash = hash,
PasswordSalt = salt
};
await _ctx.Users.AddAsync(user);
await _ctx.SaveChangesAsync();
result.UserId = user.Id;
result.IsSuccess = true;
return(result);
}
catch (Exception)
{
result.Message = "Error registering new user";
return(result);
}
}
public void EncryptDecryptPasswordTest()
{
string password = "******";
string initialData = "Some text to encrypt";
string cryptData = manager.EncryptPassword(initialData, password);
string afterConvert = manager.DecryptPassword(cryptData, password);
Assert.AreEqual(initialData, afterConvert);
}
public void AddUser(string username, string password)
{
lock (syncRootAddUser)
{
var user = databaseCachedUsers.Where(u => u.user_name == username).FirstOrDefault();
if (user == null)
{
user = new User()
{
user_name = username
};
string hashedPassword = passwordManager.EncryptPassword(password);
string salt = passwordManager.GenerateSalt();
user.hash = passwordManager.EncryptPassword(hashedPassword, salt);
user.salt = salt;
context.User.Add(user);
context.SaveChanges();
databaseCachedUsers = context.User.ToList();
}
}
}
public void EncryptPassword_WithExistingFile_OverwritesOriginalFile()
{
var fileSystem = new MockFileSystemBuilder()
.WithFile(@"C:\password-store\password_1", "password_1_content")
.Build();
var passwordDirectory = new MockDirectoryInfo(fileSystem, passwordStorePath);
var passwordManager = new PasswordManager(passwordDirectory, new FakeCryptoService(fileSystem), Mock.Of <IRecipientFinder>(), new PasswordFileParser(new UsernameDetectionConfig()));
var newPassword = CreateDecryptedPassword(fileSystem, @"C:\password-store\password_1", "new_content");
passwordManager.EncryptPassword(newPassword);
fileSystem.File.ReadAllText(@"C:\password-store\password_1").ShouldBe("new_content");
}
public void EncryptPassword_ReturnsSamePasswordFileAsProvided()
{
var fileSystem = new MockFileSystemBuilder()
.WithFile(@"C:\password-store\password_1", "password_1_content")
.Build();
var passwordDirectory = new MockDirectoryInfo(fileSystem, passwordStorePath);
var passwordManager = new PasswordManager(passwordDirectory, new FakeCryptoService(fileSystem), Mock.Of <IRecipientFinder>(), new PasswordFileParser(new UsernameDetectionConfig()));
var newPassword = CreateDecryptedPassword(fileSystem, @"C:\password-store\new_password", "password_content");
var encrypted = passwordManager.EncryptPassword(newPassword);
encrypted.ShouldSatisfyAllConditions(
() => encrypted.FileNameWithoutExtension.ShouldBe(newPassword.FileNameWithoutExtension),
() => encrypted.FullPath.ShouldBe(newPassword.FullPath),
() => encrypted.PasswordStore.FullName.ShouldBe(newPassword.PasswordStore.FullName)
);
}
