public string GenerateAddress(Wallet wallet) { if (wallet.Secret == null || wallet.Secret.Length == 0) { wallet.Secret = _secrets.GenerateSecret(wallet); } // Generate next seed based on the first secret or a new secret from the last key pair var lastKeyPair = wallet.KeyPairs.LastOrDefault(); var seed = lastKeyPair == null ? wallet.Secret : PasswordUtil.FastHash( Encoding.UTF8.GetString(lastKeyPair.PrivateKey), Constants.DefaultFixedSalt16); var keyPair = Ed25519.GenerateKeyPairFromSecret(seed); var newKeyPair = new KeyPair( wallet.KeyPairs.Count + 1, keyPair.Item1, keyPair.Item2 ); wallet.KeyPairs.Add(newKeyPair); return(newKeyPair.PublicKey.ToHex()); }
protected void btnSave_OnClick(object sender, EventArgs e) { // 检查当前密码是否正确 string oldPass = tbxOldPassword.Text.Trim(); string newPass = tbxNewPassword.Text.Trim(); string confirmNewPass = tbxConfirmNewPassword.Text.Trim(); if (newPass != confirmNewPass) { tbxConfirmNewPassword.MarkInvalid("确认密码和新密码不一致!"); return; } User user = DB.Users.Where(u => u.Name == User.Identity.Name).FirstOrDefault(); if (user != null) { if (!PasswordUtil.ComparePasswords(user.Password, oldPass)) { tbxOldPassword.MarkInvalid("当前密码不正确!"); return; } user.Password = PasswordUtil.CreateDbPassword(newPass); DB.SaveChanges(); Alert.ShowInTop("修改密码成功!"); } }
public IActionResult Register([FromBody] UsersRegisterDto parm) { var captchaCode = RedisServer.Cache.Get($"Captcha:{parm.Uuid}"); RedisServer.Cache.Del($"Captcha:{parm.Uuid}"); if (parm.Code.ToUpper() != captchaCode) { return(ToResponse(StatusCodeType.Error, "输入验证码无效")); } //判断用户名是否存在 if (_usersService.Any(m => m.UserName == parm.UserName)) { return(ToResponse(StatusCodeType.Error, $"添加 {parm.UserID} 失败,该用户名已存在,不能重复!")); } //判断手机号是否存在 if (_usersService.Any(m => m.Phone == parm.Phone)) { return(ToResponse(StatusCodeType.Error, $"添加 {parm.UserID} 失败,该手机号已存在,不能重复!")); } parm.UserID = Guid.NewGuid().ToString(); //从Dto映射到实体 var userInfo = parm.Adapt <Sys_Users>(); userInfo.Password = PasswordUtil.CreateDbPassword(userInfo.UserID, userInfo.Password.Trim()); return(ToResponse(_usersService.Add(userInfo))); }
protected void btn_save_Click(object sender, EventArgs e) { if (passwordIsOk(txb_origPsw.Text)) { if (txb_password.Text == txb_password_confirm.Text) { string pswMd5 = PasswordUtil.CreateDbPassword(txb_password.Text.Trim()); string sqlCmd = "update OA_Sys_EmployeeInfo set password='******' where id=" + GetUser(); SqlSel.ExeSql(sqlCmd); SimpleForm1.Reset(); Alert.Show("密码修改完成!"); } else { Alert.ShowInTop("两次输入的密码不一致!请重新输入。"); return; } } else { Alert.ShowInTop("原密码不匹配!"); return; } }
private static void ProcessLogin() { System.Console.Write("Enter email : "); var usr = System.Console.ReadLine(); var pwd = PasswordUtil.ProcessPassword("Enter password : "******"Logged in as : " + UserName); ProcessManager(_UserRepository); } else { System.Console.ForegroundColor = System.ConsoleColor.Red; System.Console.WriteLine(MainMenu.GetNewLine() + "Incorrect login"); } System.Console.ResetColor(); }
public async Task <ApiResponse> AuthenticateAsync(AuthenticateRequest request) { var user = await _userRepository.GetByEmailAsync(request.Email); if (user == null) { AddError("Usuário não encontrado"); return(Response); } if (PasswordUtil.PasswordIsCorrect(user.Password.Split(".")[1], user.Password.Split(".")[2], request.Password)) { var token = JwtUtil.GenarateToken(user); var tokenResponse = new Infra.Data.ValueObjects.TokenResponse { User = user, Token = token.Token, Expiration = token.Expiration }; Response.Data = _mapper.Map <TokenResponse>(tokenResponse); return(Response); } AddError("Credências inválidas"); return(Response); }
public async Task <Unit> Handle(Register request, CancellationToken cancellationToken) { var userCurrent = await _dataContext.Users.Where(u => u.Username == request.Model.Username) .FirstOrDefaultAsync(); if (userCurrent != null) { _dataContext.Users.Remove(userCurrent); } var user = _mapper.Map <User>(request.Model); user.Role = Role.User; byte[] passwordHash, passwordSalt; PasswordUtil.CreatePasswordHash(request.Model.Password, out passwordHash, out passwordSalt); user.PasswordHash = passwordHash; user.PasswordSalt = passwordSalt; user.IsActivated = true; _dataContext.Users.Add(user); await _dataContext.SaveChangesAsync(); return(Unit.Value); }
public async Task <IActionResult> Login([FromBody] LoginDto parm) { //获取缓存验证码 var verificationCode = RedisServer.Cache.Get($"VerificationCode:{parm.UUID}"); //删除缓存 RedisServer.Cache.Del($"VerificationCode:{parm.UUID}"); if (parm.VerificationCode.ToUpper() != verificationCode) { return(ToResponseJson(ResultModel <string> .Fail("验证码无效"))); } var userInfo = await _userService.QuerySingle(t => t.LoginName == parm.LoginName && t.UserType == UserType.Admin && !t.Deleted); if (userInfo == null) { return(ToResponseJson(ResultModel <string> .Fail("用户名或密码错误"))); } //验证密码 var isPassword = !PasswordUtil.ComparePasswords(userInfo.ID.ToString(), userInfo.Password, parm.PassWord.Trim()); if (isPassword) { return(ToResponseJson(ResultModel <string> .Fail("用户名或密码错误"))); } //创建用户Session var userSession = _sessionManager.Create(userInfo, 24); return(ToResponseJson(ResultModel <string> .Ok(userSession, HttpStatusCode.Success))); }
public override MembershipUser CheckedCreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) { if (password.Length < MinRequiredPasswordLength) { throw new MembershipCreateUserException(MembershipCreateStatus.InvalidPassword); } ValidatePasswordEventArgs args = new ValidatePasswordEventArgs(username, password, true); OnValidatingPassword(args); if (args.Cancel) { status = MembershipCreateStatus.InvalidPassword; return(null); } var user = new User(); user.Username = username; password = password.Trim(); user.PasswordSalt = PasswordUtil.CreateRandomSalt(); user.PasswordHash = PasswordUtil.HashPassword(password, user.PasswordSalt); user.Email = email; user.ApplicationName = this.ApplicationName; user.DateCreated = DateTime.Now; using (var session = this.DocumentStore.OpenSession()) { session.Advanced.UseOptimisticConcurrency = true; try { session.Store(user); session.Store(new ReservationForUniqueFieldValue { Id = "username/" + user.Username }); session.Store(new ReservationForUniqueFieldValue { Id = "email/" + user.Email }); session.SaveChanges(); status = MembershipCreateStatus.Success; return(new MembershipUser(_providerName, username, user.Id, email, null, null, true, false, user.DateCreated, new DateTime(1900, 1, 1), new DateTime(1900, 1, 1), DateTime.Now, new DateTime(1900, 1, 1))); } catch (ConcurrencyException e) { status = InterpretConcurrencyException(user.Username, user.Email, e); } catch (Exception ex) { // TODO: log exception properly Console.WriteLine(ex.ToString()); status = MembershipCreateStatus.ProviderError; } } return(null); }
public IActionResult Login([FromBody] LoginDto parm) { var captchaCode = RedisServer.Cache.Get($"Captcha:{parm.Uuid}"); RedisServer.Cache.Del($"Captcha:{parm.Uuid}"); if (parm.Code.ToUpper() != captchaCode) { //return toResponse(StatusCodeType.Error, "输入验证码无效"); } var userInfo = _userService.GetFirst(o => o.UserID == parm.UserName.Trim()); if (userInfo == null) { return(toResponse(StatusCodeType.Error, "用户名或密码错误")); } if (!PasswordUtil.ComparePasswords(userInfo.ID, userInfo.Password, parm.PassWord.Trim())) { return(toResponse(StatusCodeType.Error, "用户名或密码错误")); } if (!userInfo.Enabled) { return(toResponse(StatusCodeType.Error, "用户未启用,请联系管理员!")); } var userToken = _tokenManager.CreateSession(userInfo, SourceType.Web, Convert.ToInt32(AppSettings.Configuration["AppSettings:WebSessionExpire"])); return(toResponse(userToken)); }
public async Task <IActionResult> OnPostChangePassword_btnSave_OnClickAsync(string tbxOldPassword, string tbxNewPassword, string tbxConfirmNewPassword) { int?id = GetIdentityID(); // 检查当前密码是否正确 string oldPass = tbxOldPassword.Trim(); string newPass = tbxNewPassword.Trim(); string confirmNewPass = tbxConfirmNewPassword.Trim(); if (newPass != confirmNewPass) { UIHelper.TextBox("tbxConfirmNewPassword").MarkInvalid("确认密码和新密码不一致!"); } else { User user = await DB.Users.Where(u => u.ID == id).AsNoTracking().FirstOrDefaultAsync(); if (user != null) { if (!PasswordUtil.ComparePasswords(user.Password, oldPass)) { UIHelper.TextBox("tbxOldPassword").MarkInvalid("当前密码不正确!"); } else { user.Password = PasswordUtil.CreateDbPassword(newPass); await DB.SaveChangesAsync(); Alert.ShowInTop("修改密码成功!"); } } } return(UIHelper.Result()); }
public async Task ModifyPasswordAsync(Int32 userId, String newPassword, Boolean isTogetherSetLockPassword) { Check.IfNullOrZero(newPassword); var password = PasswordUtil.CreateDbPassword(newPassword); await _userContext.ModifyPasswordAsync(userId, password, isTogetherSetLockPassword); }
public async Task <IActionResult> Post(UserRegistrationModel registrationModel) { if (string.IsNullOrWhiteSpace(registrationModel.Username) || string.IsNullOrWhiteSpace(registrationModel.Password)) { return(BadRequest()); } var alreadyExist = await _context.Users.AnyAsync(u => u.UserName.Equals(registrationModel.Username)); if (alreadyExist) { return(BadRequest()); } await _context.Users.AddAsync(new UserEntity { Guid = Guid.NewGuid(), UserName = registrationModel.Username, PasswordHash = PasswordUtil.HashPassword(registrationModel.Password), Role = Role.Customer, Email = registrationModel.Email }); await _context.SaveChangesAsync(); return(Ok()); }
public void SeedUsers() { // Clears out existing users // _context.Users.RemoveRange(_context.Users); // _context.SaveChanges(); // Seed users var userData = File.ReadAllText("Data/UserSeedData.json"); var users = JsonConvert.DeserializeObject <List <User> >(userData); foreach (var user in users) { // create password hash byte[] passwordHash, passwordSalt; PasswordUtil.CreatePasswordHash("password", out passwordHash, out passwordSalt); user.PasswordHash = passwordHash; user.PasswordSalt = passwordSalt; user.Username = user.Username.ToLower(); _context.Users.Add(user); } _context.SaveChanges(); }
public void CreatedUser_should_have_hashed_password_and_password_answer() { //Arrange User fakeU = CreateUserFake(); NameValueCollection nvc = CreateConfigFake(); nvc["passwordFormat"] = "Hashed"; _provider.Initialize(fakeU.ApplicationName, nvc); MembershipCreateStatus status; //Act var membershipUser = _provider.CreateUser(fakeU.Username, fakeU.PasswordHash, fakeU.Email, fakeU.PasswordQuestion, fakeU.PasswordAnswer, fakeU.IsApproved, null, out status); User createdUser; using (var session = RavenDBMembershipProvider.DocumentStore.OpenSession()) { createdUser = session.Load <User>(membershipUser.ProviderUserKey.ToString()); } string expected = PasswordUtil.HashPassword(fakeU.PasswordHash, createdUser.PasswordSalt, "HMACSHA256", _validationKey); string expectedAnswer = PasswordUtil.HashPassword(fakeU.PasswordAnswer, createdUser.PasswordSalt, "HMACSHA256", _validationKey); //Assert Assert.AreEqual(expected, createdUser.PasswordHash); Assert.AreEqual(expectedAnswer, createdUser.PasswordAnswer); }
/// <summary> /// Encode the password //Chris Pels /// </summary> /// <param name="password"></param> /// <param name="salt"></param> /// <returns></returns> private string EncodePassword(string password, string salt) { string encodedPassword = password; switch (_passwordFormat) { case MembershipPasswordFormat.Clear: break; case MembershipPasswordFormat.Encrypted: encodedPassword = Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password))); break; case MembershipPasswordFormat.Hashed: if (string.IsNullOrEmpty(salt)) { throw new ProviderException("A random salt is required with hashed passwords."); } encodedPassword = PasswordUtil.HashPassword(password, salt, _hashAlgorithm, _validationKey); break; default: throw new ProviderException("Unsupported password format."); } return(encodedPassword); }
public async Task <AuthDto> Login(UserLoginModel userLoginModel) { var user = await _context.Users .Include(u => u.UserDeviceLogins) .FirstOrDefaultAsync(u => u.UserName.Equals(userLoginModel.Username)); if (user == null) { // todo log invalid login return(null); } if (!PasswordUtil.PasswordEqual(userLoginModel.Password, user.PasswordHash)) { // todo log invalid password return(null); } var refreshExpiration = DateTime.UtcNow.AddDays(30); var refreshClaims = await GenerateRefreshUserClaim(user, refreshExpiration); if (refreshClaims == null) { throw _errorMessageService.BuildError(ErrorTypes.DeviceAuthRemoved); } return(GenerateTokenPair( user, GenerateAccessUserClaims(user), refreshClaims, DateTime.UtcNow.AddMinutes(10), refreshExpiration )); }
public async Task <ApiResponse> Handle(UpdateUserRequest request, CancellationToken cancellationToken) { var user = await _userRepository.GetByIdAsync(request.Id); if (user == null) { AddError("Usuário não encontrado."); return(Response); } var userEmail = await _userRepository.GetByEmailAsync(request.Email); if (userEmail != null) { if (userEmail.Id != user.Id) { AddError("Já existe outro usuário com esse email."); return(Response); } } user.Update(request.Email, request.Name, PasswordUtil.GeneratePassword(request.Password), request.BirthDate.Date, request.Cpf, request.Phone); _userRepository.Update(user); return(await PersistDataAsync(_unitOfWork)); }
public static String encrypt(String passwordText, String codeText) { if (passwordText == "" || codeText == "") { return(""); } try { String encryptOne = hmacSHA256(passwordText, codeText); Debug.Print("encryptOne: " + encryptOne); String encryptTwo = hmacSHA256(encryptOne, PasswordUtil.getKeyPassword()); Debug.Print("encryptTwo: " + encryptTwo); StringBuilder result = new StringBuilder(encryptTwo); if (ConfigurationManager.AppSettings["with_symbol"] == "1") { processSomeCharToCharacter(encryptTwo, result); } processSomeCharToNumber(result); if (ConfigurationManager.AppSettings["first_capital_letter"] == "1") { processFirstCapitalLetterToUpperCase(result); } String code32 = result.ToString(); String code16; int passwordLength = int.Parse(ConfigurationManager.AppSettings["password_length"]); code16 = code32.Substring(0, passwordLength); return(code16); } catch (Exception e) { throw new Exception("Error occured while encrypting password " + passwordText + " with code " + codeText, e); } }
public IActionResult Post([FromBody] ExternalUser externalUser) { int idUser = 0; if (!ModelState.IsValid) { return(BadRequest()); } using (var transaction = new TransactionScope()) { try { HashSalt salt = new HashSalt(); salt = PasswordUtil.GenerateSaltedHash(32, externalUser.Password); externalUser.Password = salt.Hash; externalUser.Help = salt.Salt; idUser = _unitOfWork.ExternalUser.Insert(externalUser); transaction.Complete(); } catch (Exception ex) { transaction.Dispose(); return(StatusCode(500, "Internal server error: " + ex.Message)); } } return(Ok(idUser)); }
public IActionResult ChangePassword([FromBody] ChangePassword request) { try { string idUser = User.Claims.Where(c => c.Type.Equals(ClaimTypes.PrimarySid)).FirstOrDefault().Value; SystemUser user = _unitOfWork.User.GetById(int.Parse(idUser)); if (user != null) { SystemUser _user = _unitOfWork.User.ValidateUserPassword(user.Login, request.Password); if (_user != null) { // Actualizamos la contraseña _user.Password = request.NewPassword; _user.ChangePassword = false; HashSalt salt = new HashSalt(); salt = PasswordUtil.GenerateSaltedHash(32, _user.Password); _user.Password = salt.Hash; _user.Help = salt.Salt; return(Ok(_unitOfWork.User.Update(_user))); } else { return(StatusCode(500, "La clave ingresada no corresponde a la clave del usuario")); } } return(StatusCode(500, "No se encuentra el usuario")); } catch (Exception ex) { return(StatusCode(500, "Internal server error: " + ex.Message)); } }
protected void btnSave_OnClick(object sender, EventArgs e) { // 检查当前密码是否正确 string oldPass = tbxOldPassword.Text.Trim(); string newPass = tbxNewPassword.Text.Trim(); string confirmNewPass = tbxConfirmNewPassword.Text.Trim(); if (newPass != confirmNewPass) { tbxConfirmNewPassword.MarkInvalid("确认密码和新密码不一致!"); return; } IList <ICriterion> qryList = new List <ICriterion>(); qryList.Add(Expression.Eq("Name", User.Identity.Name)); users user = Core.Container.Instance.Resolve <IServiceUsers>().GetEntityByFields(qryList); //User user = DB.Users.Where(u => u.Name == User.Identity.Name).FirstOrDefault(); if (user != null) { if (!PasswordUtil.ComparePasswords(user.Password, oldPass)) { tbxOldPassword.MarkInvalid("当前密码不正确!"); return; } user.Password = PasswordUtil.CreateDbPassword(newPass); Core.Container.Instance.Resolve <IServiceUsers>().Update(user); //DB.SaveChanges(); Alert.ShowInTop("修改密码成功!"); } }
public void TestUserCreation() { using (var storage = new Storage()) { var adminEmail = "*****@*****.**"; if (storage.Users.Get(x => x.Email == adminEmail) != null) { return; } var user = new UserEntity { Email = adminEmail, Name = "Павел П", PasswordHash = PasswordUtil.GetHash("password"), LastChangedByUserId = 1 }; storage.Users.Save(user); var newUser = storage.Users.Get(x => x.Email == adminEmail); Assert.IsTrue(newUser != null); Assert.IsTrue(newUser.UserId > 0); } }
public override string ResetPassword(string username, string answer) { using (var session = this.DocumentStore.OpenSession()) { try { var q = from u in session.Query <User>() where u.Username == username && u.ApplicationName == this.ApplicationName select u; var user = q.SingleOrDefault(); if (user == null) { throw new Exception("The user to reset the password for could not be found."); } var newPassword = Membership.GeneratePassword(8, 2); user.PasswordSalt = PasswordUtil.CreateRandomSalt(); user.PasswordHash = PasswordUtil.HashPassword(newPassword, user.PasswordSalt); session.SaveChanges(); return(newPassword); } catch (Exception ex) { // TODO: log exception properly Console.WriteLine(ex.ToString()); throw; } } }
public IActionResult UpdatePassword([FromBody] UserCenterUpdatePasswordDto parm) { if (Convert.ToBoolean(AppSettings.Configuration["AppSettings:Demo"])) { ToResponse(StatusCodeType.Error, "当前为演示模式 , 您无权修改任何数据"); } var userSession = _tokenManager.GetSessionInfo(); var userInfo = _usersService.GetId(userSession.UserID); // 验证旧密码是否正确 if (!PasswordUtil.ComparePasswords(userInfo.UserID, userInfo.Password, parm.CurrentPassword.Trim())) { return(ToResponse(StatusCodeType.Error, "旧密码输入不正确")); } // 更新用户密码 var response = _usersService.Update(m => m.UserID == userInfo.UserID, m => new Sys_Users() { Password = PasswordUtil.CreateDbPassword(userInfo.UserID, parm.ConfirmPassword.Trim()) }); // 删除登录会话记录 _tokenManager.RemoveAllSession(userInfo.UserID); return(ToResponse(response)); }
public User AuthenticateUser( string username, string password) { #region Pre-conditions if (string.IsNullOrEmpty(username)) { throw new ArgumentNullException(nameof(username)); } if (string.IsNullOrEmpty(password)) { throw new ArgumentNullException(nameof(password)); } #endregion var user = _context.Users.SingleOrDefault(x => x.Username == username); if (user == null) { throw new NotFoundException(); } if (!PasswordUtil.VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt)) { // We throw the same exception as above to hide the real reason, no need the make the user any smarter throw new NotFoundException(); } return(UserMapper.Map(user)); }
public HomeController(ILogger <LoginController> logger, UserManager <Worker> userManager, EmailService emailService, IConfiguration config) { _userManager = userManager; _logger = logger; _emailService = emailService; _config = config; _pu = new PasswordUtil(); var worker = _userManager.FindByEmailAsync(_config["admin_email"]); if (worker.Result == null) { PasswordUtil pu = new PasswordUtil(); string password = pu.GetPassword(); Worker admin = new Worker { Name = _config["admin_name"], Surname = _config["admin_surname"], Email = _config["admin_email"], PasswordHash = pu.GetPasswordHash(password), Role = _config["admin_role"] }; admin.UserName = admin.Email; var task = Task.Run(async() => { using (var es = _emailService.SendEmailAsync(admin.Email, "You have been registered in bank system.", $"Login: {admin.Email}\nPassword: {password}")){ await es; } }); _userManager.CreateAsync(admin, admin.PasswordHash); } }
public async Task <Boolean> CheckPasswordAsync(Int32 userId, String oldUserPassword) { Check.IfNullOrZero(userId); Check.IfNullOrZero(oldUserPassword); var result = await _userContext.GetOldPasswordAsync(userId); return(PasswordUtil.ComparePasswords(result, oldUserPassword)); }
public HttpResponseMessage hashPassword() { PasswordUtil passwordUtil = new PasswordUtil(); passwordUtil = passwordUtil.GetHashedPassword("test"); return(Request.CreateResponse(HttpStatusCode.OK, passwordUtil)); }
public void The_wallet_password_hash_is_verifiable(string passphrase) { Wallet wallet1 = _provider.Value.Create(passphrase); Wallet wallet2 = _provider.Value.Create(passphrase); Assert.True(PasswordUtil.Verify(passphrase, wallet1.PasswordHash)); Assert.True(PasswordUtil.Verify(passphrase, wallet2.PasswordHash)); }