public ActionResult SaveData(UserDetails userDetails) { ScryptEncoder encode = new ScryptEncoder(); UserDetailsContext context = new UserDetailsContext(); if (!ModelState.IsValid) { return(View("Index", userDetails)); } UserDetails userExistence = context.UserDetails.SingleOrDefault(x => x.Email == userDetails.Email); if (userExistence == null) { ViewBag.UserAlreadyExists = "User Does Not Exists"; return(View("Index")); } else if (!encode.Compare(userDetails.Password, userExistence.Password)) { ViewBag.UserAlreadyExists = "Incorrect Password"; return(View("Index")); } else if (encode.Compare(userDetails.Password, userExistence.Password)) { Session["UserId"] = userExistence.Id; Session["Email"] = userExistence.Email; Session["UserName"] = userExistence.UserName; ViewBag.msg = userExistence.UserName; return(RedirectToAction("Main", "Home")); } return(View("Index")); }
public ActionResult Login(LoginViewModel user) { ScryptEncoder encode = new ScryptEncoder(); FixesAppContext context = new FixesAppContext(); if (!ModelState.IsValid) { // return Content("call"); return(View("Login", user)); } var userExistence = context.Worker.SingleOrDefault(x => x.MobileNumber == user.MobileNumber); if (userExistence == null) { ViewBag.usernotexist = "User Does Not Exists"; return(View("Login")); } else if (!encode.Compare(user.Password, userExistence.Password)) { ViewBag.incorrectpassword = "******"; return(View("Login")); } else if (encode.Compare(user.Password, userExistence.Password)) { Session["workerId"] = userExistence.WorkerId; // ViewBag.msg = userExistence.UserName; Session["Mobile"] = user.MobileNumber; return(RedirectToAction("Main", "Worker")); } return(View("Login")); }
public void TestCompare() { var encoder = new ScryptEncoder(); var hashedPassword = encoder.Encode("MyPassword"); Assert.True(encoder.Compare("MyPassword", hashedPassword)); Assert.False(encoder.Compare("WrongPassword", hashedPassword)); }
public void TestBackwardCompatibility() { var encoder = new ScryptEncoder(); var hashedPassword = "******"; Assert.True(encoder.Compare("MyPassword", hashedPassword)); hashedPassword = "******"; Assert.True(encoder.Compare("MyPassword", hashedPassword)); }
public bool ValidateUser(string email, string pass) { try { var u = myDb.Yoga_User.Where(x => x.U_Email == email).Single(); bool isValidCustomer = encoder.Compare(pass, u.U_Password); return(isValidCustomer); } catch { return(false); } }
public ActionResult CambiarContraseñaUsers(Password changePass) { if (ModelState.IsValid) { ScryptEncoder encoder = new ScryptEncoder(); Usuarios usuarios = db.Usuarios.Find(changePass.idU); bool Validar = encoder.Compare(changePass.oldPass, usuarios.hash_password); if (Validar) { usuarios.hash_password = encoder.Encode(changePass.newPass); db.Entry(usuarios).State = EntityState.Modified; db.SaveChanges(); TempData["Success"] = "¡Contraseña modificada, por favor ingrese nuevamente!"; return(RedirectToAction("Cerrar", "Acceso")); } else { ViewBag.Error = "¡Las contraseñas no coinciden!"; return(View()); } } ViewBag.Error = "¡Ha ocurrido un error, intenta nuevamente!"; return(View()); }
public ActionResult Login(UserModel model) { ScryptEncoder encoder = new ScryptEncoder(); try { var validUser = GetUser(model.UserName); if (validUser == null) { ViewBag.result = "User email or password is invaild."; return(View()); } bool isValidUser = encoder.Compare(model.UserPassword, validUser.UserPassword); if (isValidUser) { Session["userName"] = validUser.UserName; return(RedirectToAction("Index", "Home")); } else { ViewBag.result = "User email or password is invaild."; return(View()); } } catch (Exception e) { ViewBag.Result = e.Message; return(View()); } }
public ActionResult ChangePassword(string username, string currentPass, string newPass, string confirmPass) { if (username == null || currentPass == null || newPass == null || confirmPass == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } if (newPass != confirmPass) { TempData["Error"] = "Confirmation password does not match!"; return(RedirectToAction("ChangePassword")); } ScryptEncoder encoder = new ScryptEncoder(); var user = db.Users.Find(username); bool isValidPass = encoder.Compare(currentPass, user.Password); if (!isValidPass) { TempData["Error"] = "Current password is incorrect!"; return(RedirectToAction("ChangePassword")); } user.Password = encoder.Encode(newPass); if (db.SaveChanges() > 0) { TempData["SuccessMess"] = "Update successful"; } return(RedirectToAction("ChangePassword")); }
public IActionResult LoginUser([FromBody] LoginCredentials credentials) { var user = _dbCtx.UserAccounts.Where(x => x.AppUserName.Equals(credentials.Username)).FirstOrDefault(); var response = new AuthResponse(); if (user == null) { response.ResponseMessage = "Username is Incorrect or non-existent"; return(new UnauthorizedObjectResult(response)); } if (!_scryptHasher.Compare(credentials.Password, user.UserPassword)) { response.ResponseMessage = "Password is Incorrect"; return(new UnauthorizedObjectResult(response)); } var token = _tokenManager.IssueToken(user); if (token.Equals("")) { response.ResponseMessage = "Failed to generate Authentication token"; return(new NotFoundObjectResult(response)); } response.ResponseMessage = "Successful Login"; response.ResponseToken = token; return(new OkObjectResult(response)); }
public ActionResult Login(Users user) { // Note : Username and Password are same ScryptEncoder encoder = new ScryptEncoder(); // Find the user valid or not, and also check the role is admin or not var acc = AllUsers.CheckUser(user.Username, Roles.Admin); if (acc != null) { bool areEquals = false; // Compare what u typed with the hashed password which are saved inside the database areEquals = encoder.Compare(user.Password, acc.Password); // Check the password correct or not if (areEquals != false) { // After Login, i created two session to store id and username Session["AdminID"] = acc.ID; Session["Username"] = acc.Username; return(RedirectToAction("Users")); } else { ViewbagError("Invalid Username or Password"); } return(View()); } else { ViewbagError("Invalid Username or Password"); } return(View()); }
/// <inheritdoc /> public PasswordVerificationResult VerifyHashedPassword(TUser user, string hashedPassword, string providedPassword) { // check inputs if (string.IsNullOrEmpty(hashedPassword)) { throw new ArgumentException(nameof(hashedPassword)); } if (string.IsNullOrEmpty(providedPassword)) { throw new ArgumentException(nameof(providedPassword)); } // check password ScryptEncoder encoder = new ScryptEncoder(); bool isValid = encoder.Compare(providedPassword, hashedPassword); // return PasswordVerificationResult based on result of check if (isValid) { return(PasswordVerificationResult.Success); } return(PasswordVerificationResult.Failed); }
public ActionResult Login(Users model) { ScryptEncoder encoder = new ScryptEncoder(); string serviceUrl = string.Format("http://localhost:61866/EmployeeDetails.svc/GetUsers"); byte[] _data = proxy.DownloadData(serviceUrl); Stream _stream = new MemoryStream(_data); StreamReader reader = new StreamReader(_stream); string result = reader.ReadToEnd(); users = JsonConvert.DeserializeObject <List <Users> >(result); var Users = users.AsQueryable(); var ValidUser = (from c in users where c.UserName.Equals(model.UserName) select c).SingleOrDefault(); if (ValidUser == null) { ModelState.AddModelError("", "invalid Username or Password"); return(View()); } bool isValidUser = encoder.Compare(model.Password, ValidUser.Password); if (isValidUser) { FormsAuthentication.SetAuthCookie(model.UserName, false); return(RedirectToAction("Index", "Home")); } else { ViewBag.Error = "Username or password is invalid"; return(RedirectToAction("Login")); } }
public ActionResult Login(Admin admin) { ViewBag.msg1 = admin.PasswordUs; if (String.IsNullOrEmpty(admin.UserNameUs) || String.IsNullOrEmpty(admin.PasswordUs)) { return(View()); } ScryptEncoder encoder = new ScryptEncoder(); var valid = (from c in db.Admins where c.UserNameUs.Equals(admin.UserNameUs) select c).SingleOrDefault(); if (db.Admins.All(x => x.UserNameUs != admin.UserNameUs)) { ViewBag.Message1 = "The username " + admin.UserNameUs + " does not exists"; return(View()); } bool isvalid = encoder.Compare(admin.PasswordUs, valid.PasswordUs); if (valid != null && isvalid == true) { Session["IdUsSS"] = admin.IdUs.ToString(); Session["UserNameSS"] = admin.UserNameUs.ToString(); return(RedirectToAction("LoginInfo", "Home")); } else if (admin.PasswordUs.Length < 6) { return(View()); } else { ViewBag.Message1 = "Wrong Username or Password"; } return(View()); }
public ActionResult ChangePassword(string username, string currentPass, string newPass, string confirmPass) { if (username == null || currentPass == null || newPass == null || confirmPass == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } ScryptEncoder encoder = new ScryptEncoder(); var user = db.Users.Find(username); bool isValidPass = encoder.Compare(currentPass, user.Password); if (!isValidPass) { TempData["Current_Pass_Fail"] = true; return(RedirectToAction("Index")); } if (newPass != confirmPass) { TempData["Password_Not_Match"] = true; return(RedirectToAction("Index")); } user.Password = encoder.Encode(newPass); if (db.SaveChanges() > 0) { TempData["Notice_Save_Success"] = true; } return(RedirectToAction("Index")); }
public ActionResult Logine(Employee_Login employee_Login) { ViewBag.msg1 = employee_Login.password; ScryptEncoder encoder = new ScryptEncoder(); if (String.IsNullOrEmpty(employee_Login.id) || String.IsNullOrEmpty(employee_Login.password)) { return(View()); } else if (db.Employee_Login.All(x => x.id != employee_Login.id)) { ViewBag.Notification1 = "This employee id " + employee_Login.id + " does not exists"; return(View()); } var valid = (from c in db.Employee_Login where c.id.Equals(employee_Login.id) select c).SingleOrDefault(); var checkLogin = db.Employee_Login.Where(x => x.id.Equals(employee_Login.id)).FirstOrDefault(); bool isvalid = encoder.Compare(employee_Login.password, valid.password); if (checkLogin != null && isvalid == true) { Session["IdUsSS1"] = employee_Login.id.ToString(); //TempData["mydata"] =Session["IdUsSS1"]; return(RedirectToAction("emphome", "Home")); } else if (employee_Login.password.Length < 6) { return(View()); } else { ViewBag.Notification1 = "Incorrect Id or Password"; } return(View()); }
public bool VerifyPassword(string password, string hashedPassword) { ScryptEncoder encoder = new ScryptEncoder(); bool result = encoder.Compare(password, hashedPassword); return(result); }
public async Task <IActionResult> Login(string username, string password) { try { ScryptEncoder scryptEncoder = new ScryptEncoder(); usernameStatic = username; var admin = await _context.Admins.Where(x => x.AdminName.Equals(username)).FirstOrDefaultAsync(); bool isAdmin = scryptEncoder.Compare(password, admin.AdminHash); if (isAdmin == true) { HttpContext.Session.SetString("LoggedInAdmin", admin.AdminId.ToString()); return(View("Dashboard")); } else { ViewBag.Error = "Username and password do not match!"; return(View()); } } catch (Exception ex) { ViewBag.Error = ex.Message; return(View()); } }
public bool VerifyPasswordHash(string password, [NotNull] byte[] storedHash) { var hashString = Encoding.UTF8.GetString(storedHash); var encoder = new ScryptEncoder(); return(encoder.Compare(password, hashString)); }
public PasswordVerificationResult VerifyHashedPassword(ApplicationUser user, string hashedPassword, string providedPassword) { if (_encoder.Compare(providedPassword, hashedPassword)) { return(PasswordVerificationResult.Success); } return(PasswordVerificationResult.Failed); }
public bool IsHashValid(string currentInput, string hashedInputWithSalt) { string saltString = hashedInputWithSalt.Substring(0, hashedInputWithSalt.Length - hashLength); string hashString = hashedInputWithSalt.Substring(hashedInputWithSalt.Length - hashLength, hashLength); ScryptEncoder encoder = new ScryptEncoder(16384, 8, 1); return(encoder.Compare(saltString + currentInput, hashString)); }
/// <inheritdoc/> public override bool Compare(string hash) { if (digest != null) { return(digest.Equals(hash)); } ScryptEncoder scrypt = new ScryptEncoder(65536, 8, 1, ISecureRandomProvider.rngCryptoService); return(scrypt.Compare(input, hash)); }
public bool Authenticate() { string ipAddress = this.GetIPAddress(); string getCount = @"SELECT COUNT(id) FROM [dbo].[User] WHERE [username] = @username"; int count = Convert.ToInt32(Database.Scalar(getCount, new System.Collections.Generic.Dictionary <string, object> { { "@username", this.Username } })); if (count < 1) { this.EnterLogin(ipAddress, true); return(false); } string getSalt = @"SELECT [salt] FROM [dbo].[User] WHERE [username] = @username"; string salt = (string)Database.Scalar(getSalt, new System.Collections.Generic.Dictionary <string, object> { { "@username", this.Username } }); string getHashed = @"SELECT [password] FROM [dbo].[User] WHERE [username] = @username"; string hashed = (string)Database.Scalar(getHashed, new System.Collections.Generic.Dictionary <string, object> { { "@username", this.Username } }); ScryptEncoder encoder = new ScryptEncoder(); bool passwordsMatch = encoder.Compare(salt + this.EnteredPassword, hashed); if (passwordsMatch) { this.EnterLogin(ipAddress); // set up the static variables here this.SetupGlobalVars(); return(true); } this.EnterLogin(ipAddress, true); return(false); }
public bool Check(string senha, string hash) { ScryptEncoder s = new ScryptEncoder(); if (!s.IsValid(hash)) { return(false); } return(s.Compare(senha, hash)); }
//compare the user password for security public Boolean VerifyPassword(string password = "", string hpassword = "") { try { return(encoder.Compare(password, hpassword)); } catch (Exception) { throw; } }
public ActionResult Passupd(Admin admin) { using (DBuserSignupLoginEntities3 db = new DBuserSignupLoginEntities3()) { ViewBag.msg1 = admin.PasswordUs; ViewBag.msg2 = admin.NewPasswordUs; ViewBag.msg3 = admin.ReNewPasswordUs; if (String.IsNullOrEmpty(admin.IdUs.ToString()) || String.IsNullOrEmpty(admin.PasswordUs) || String.IsNullOrEmpty(admin.NewPasswordUs) || String.IsNullOrEmpty(admin.ReNewPasswordUs) || admin.NewPasswordUs != admin.ReNewPasswordUs) { return(View(admin)); } else if (db.Admins.All(x => x.IdUs != admin.IdUs)) { ViewBag.Message1 = "The admin with id " + admin.IdUs + " does not exists"; return(View(admin)); } var valid = (from c in db.Admins where c.IdUs.Equals(admin.IdUs) select c).SingleOrDefault(); ScryptEncoder encoder = new ScryptEncoder(); bool isvalid = encoder.Compare(admin.PasswordUs, valid.PasswordUs); if (valid != null) { Admin admin1 = db.Admins.Where(x => x.IdUs == admin.IdUs).FirstOrDefault(); if (admin1 != null && isvalid && admin.NewPasswordUs == admin.ReNewPasswordUs) { Admin k = db.Admins.Find(admin1.IdUs); String s1 = admin1.UserNameUs; db.Admins.Remove(k); db.SaveChanges(); String k1 = admin.NewPasswordUs; String k2 = encoder.Encode(k1); db.Admins.Add(new Admin() { IdUs = admin.IdUs, UserNameUs = s1, PasswordUs = k2, NewPasswordUs = k2, RePasswordUs = k2, ReNewPasswordUs = k2 }); db.SaveChanges(); TempData["message"] = "Password for admin Id " + admin.IdUs + " has been updated successfully!"; return(RedirectToAction("Passupd", "Home")); } else { ViewBag.Message1 = "Old password is incorrect"; } } } return(View()); }
public bool Verify(string plainText, string hashText) { ScryptEncoder encoder = new ScryptEncoder(); if (encoder.Compare(plainText, hashText)) { return(true); } else { return(false); } }
public Task <bool> CheckHashAsync(string clearText, string hash) { ScryptEncoder encoder = new ScryptEncoder(_scryptIterations, _blockCount, _threadCount); try { return(Task.Run(() => encoder.Compare(clearText, hash))); } catch (ArgumentException) { return(Task.FromResult(false)); } }
public void TestEncode() { int iterationCount = 2; for (int i = 0; i < 15; i++) { var encoder = new ScryptEncoder(iterationCount, 8, 1); var hashedPassword = encoder.Encode("MyPassword"); Assert.True(encoder.Compare("MyPassword", hashedPassword)); iterationCount *= 2; } }
public async Task <IActionResult> LoginParticulier([FromBody] DTO.LoginDTO loginDTO) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var authParticuliers = _context.Particuliers; ScryptEncoder encoder = new ScryptEncoder(); Particulier particulierFound = authParticuliers.FirstOrDefault(par => par.Mail == loginDTO.Mail); if (particulierFound == null) { return(NotFound()); } if (!encoder.Compare(loginDTO.MotDePasse, particulierFound.MotDePasse)) { return(Unauthorized()); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, particulierFound.Mail), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), }; // Create the JWT security token and encode it. JwtSecurityToken jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials ); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); // Serialize and return the response var response = new { access_token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; return(Ok(response)); }
protected async override Task <HttpResponseMessage> SendAsync(HttpRequestMessage Request, CancellationToken CancelToken) { if (null != Request.Headers.Authorization) { // IF we have a "Basic" Authorization header, we need to login // ELSE we need to let the SessionToken cookie have a wack at it, so we do nothing if (Request.Headers.Authorization.Scheme.ToUpper() == "BASIC") { string authData = Encoding.UTF8.GetString(Convert.FromBase64String(Request.Headers.Authorization.Parameter)); // Do Basic Auth UserDataStore Users = new UserDataStore(); IUser FoundUser = (await Users.Get("EmailAddress", authData.Substring(0, authData.IndexOf(':')))).FirstOrDefault(); // EmailAddress is a unique key, so we can only find one if (null != FoundUser) { ScryptEncoder scryptEncoder = new ScryptEncoder(); // IF Basic Auth Succeeds if (scryptEncoder.Compare(Encoding.UTF8.GetString(Convert.FromBase64String(Request.Headers.Authorization.Parameter)), FoundUser.PasswordHash)) { // Set Principle Thread.CurrentPrincipal = new GenericPrincipal(new DevSpaceIdentity(FoundUser), null); Request.GetRequestContext().Principal = Thread.CurrentPrincipal; } // ELSE Basic Auth Fails else { // return 401 return(new HttpResponseMessage(System.Net.HttpStatusCode.Unauthorized)); } } // Complete the request. We'll set the login cookie on the way out HttpResponseMessage Response = await base.SendAsync(Request, CancelToken); CookieHeaderValue SessionCookie = new CookieHeaderValue("SessionToken", (await Users.CreateSession((Thread.CurrentPrincipal.Identity as DevSpaceIdentity).Identity)).SessionToken.ToString()); #if DEBUG == false SessionCookie.Secure = true; #endif SessionCookie.HttpOnly = true; Response.Headers.AddCookies(new CookieHeaderValue[] { SessionCookie }); return(Response); } } return(await base.SendAsync(Request, CancelToken)); }