public ActionResult Continue(string validator, string email) { // Time now on seconds (UNIX TIME) var dateU = Convert.ToInt32(DateTimeOffset.Now.ToUnixTimeSeconds()); // Searching the user on newUsers table using the email and verifying if the expiration time are passed var resultToken = db.newUsers.Where(x => x.newUser_email == email && x.newUser_expires >= dateU).FirstOrDefault(); // Checking the validator bool tokenCheck = BCryptHelper.CheckPassword(validator, resultToken.newUser_token); if (tokenCheck == false) { // If NOT valid throw new TokenOrValidationException(); } else if (tokenCheck == true) { // If is valid // Searching the user on users table with the email and activate var resultUser = db.users.Where(x => x.user_email == resultToken.newUser_email).FirstOrDefault(); resultUser.active = true; db.newUsers.RemoveRange(db.newUsers.Where(x => x.newUser_email == resultUser.user_email)); db.SaveChanges(); ViewBag.message = "Done"; return(View()); } return(View()); }
public string SignIn(ISignInDto dto) { _signInDtoValidator.Check(dto); var user = _dao.GetUserByEmail(dto.Email); if (user == null || !BCryptHelper.CheckPassword(dto.Password, user.Password)) { throw new AuthenticationException(); } var handler = new JwtSecurityTokenHandler(); var now = DateTime.Now; return(handler.WriteToken(handler.CreateToken(new SecurityTokenDescriptor { Issuer = "MadrageBackEndChallengeIssuer", Audience = "MadrageBackEndChallengeAudience", SigningCredentials = _signingCredentials, Subject = new ClaimsIdentity(new GenericIdentity(user.Name, "SignIn"), new[] { new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()), new Claim(JwtRegisteredClaimNames.Email, user.Email) } ), NotBefore = now, Expires = now + TimeSpan.FromDays(3) }))); }
public bool Authenticate(string username, string password) { try { if (IsFirstLogIn()) { Employees.Add(new Model.Employee() { Username = username, Password = password, FirstName = "Admin", LastName = "Admin", Role = (byte)Role.Admin }); return(true); } using (var dataContext = GetDataContext()) { var user = dataContext.Persons.OfType <DB.Employee>().First(x => x.Username == username); if (BCryptHelper.CheckPassword(password, user.Password)) { return(true); } } } catch { } return(false); }
private void btnLogin_Click(object sender, EventArgs e) { using (MySqlCommand command = new MySqlCommand("SELECT `Username`, `Password` FROM `Login` WHERE `Username` = '" + txbUsername.Text + "';", connection)) { using (MySqlDataReader reader = command.ExecuteReader()) { if (reader.Read()) { if (BCryptHelper.CheckPassword(txbPassword.Text, reader.GetString("Password"))) { label3.Text = "Username and Password are valid!"; label3.ForeColor = Color.Green; this.Hide(); WikiParks f = new WikiParks(); f.Show(); } } else { label3.ForeColor = Color.Red; label3.Text = "Username Or Password are Invalid"; } } } }
public static bool Login(this SqlConnection connection, User user, string password) { var sqlQuery = @"SELECT Password FROM [User] WHERE Nickname = @user"; var hashedPassword = connection.QueryFirstOrDefault <string>(sqlQuery, new { user = user.Nickname }); if (hashedPassword == null) { Console.WriteLine("Invalid username, please try again."); return(false); } if (BCryptHelper.CheckPassword(password, hashedPassword.ToString())) { Console.WriteLine($"{user.Nickname} successfully logged in."); return(true); } else { Console.WriteLine("Invalid password, please try again."); return(false); } }
public static AccountModel AuthorizationAccount(string login, string password) { AccountModel accountModel = new AccountModel(); using (NpgsqlConnection conn = new NpgsqlConnection(connectionString)) { try { conn.Open(); NpgsqlCommand command = new NpgsqlCommand("SELECT id, password, buy_pers FROM server.accounts WHERE login = @login LIMIT 1;", conn); command.Parameters.AddWithValue("@login", login); command.ExecuteNonQuery(); NpgsqlDataReader reader = command.ExecuteReader(); reader.Read(); if (BCryptHelper.CheckPassword(password, reader.GetString(1))) { NAPI.Util.ConsoleOutput("Заебись"); accountModel.Id = reader.GetInt32(0); accountModel.Bay_Pers = reader.GetBoolean(2); return(accountModel); } } catch (Exception ex) { Globals.log.Trace(ex); NAPI.Util.ConsoleOutput("[EXCEPTION CreateCharacter] " + ex.Message); NAPI.Util.ConsoleOutput("[EXCEPTION CreateCharacter] " + ex.StackTrace); } return(accountModel); } }
public ActionResult Login(string login, string password) { if (ModelState.IsValid) { var user = UnitOfWork.Users.GetByLogin(login); if (user == null) { ModelState.AddModelError(String.Empty, "There is wrong login or password. Try again."); return(View()); } if (BCryptHelper.CheckPassword(password, user.Password)) { UserData.SetUserInfo(user); return(View("Index")); } ModelState.AddModelError(String.Empty, "There is wrong login or password. Try again."); return(View()); } ModelState.AddModelError(String.Empty, "There is wrong login or password. Try again."); return(View()); }
public LoginSummary SignIn(string username, string password) { using (var cxt = DataStore.GetDataStore()) { // Load the login details if exists //var login = cxt.Login.FirstOrDefault(x => x.Username.ToLower() == username); var login = ( from l in cxt.Login join p in cxt.Person on l.PersonID equals p.PersonID where l.Username == username select new LoginSummary() { FirstName = p.FirstName, LastName = p.LastName, LoginID = l.LoginID, Password = l.Password, Username = l.Username } ).FirstOrDefault(); var passwordVerified = BCryptHelper.CheckPassword(password, login?.Password); if (!passwordVerified) { throw new Exception("We either could not find your username or the password you entered is incorrect."); } return(login); } }
public static Librarian LibrarianLogin(string name, string pwd) { using (var context = new LibraryContext()) { var stringError = "Invalid name or password."; if (string.IsNullOrEmpty(name) || string.IsNullOrEmpty(pwd)) { throw new InvalidOperationException(stringError); } var librarian = context.Librarians.SingleOrDefault(l => l.Name.Equals(name)); if (librarian == null) { throw new InvalidOperationException(stringError); } var loginSuccess = BCryptHelper.CheckPassword(pwd, librarian.Password); if (!loginSuccess) { throw new InvalidOperationException(stringError); } return(librarian); } }
public IActionResult ChangePassword(ChangePasswordViewModel model) { if (model.NewPassword != model.ConfirmNewPassword) { ModelState.AddModelError("", "New Password does not match Confirm New Password"); return(View()); } var user = this._context.Users.FirstOrDefault(u => u.Id == model.UserId); if (user != null) { if (BCryptHelper.CheckPassword(model.OldPassword, user.Password) == false) { ModelState.AddModelError("", "Incorrect old Password."); return(View()); } user.Password = BCryptHelper.HashPassword(model.NewPassword, BCryptHelper.GenerateSalt(8)); user.LoginStatus = Infrastructures.Domain.Enums.LoginStatus.Active; this._context.Users.Update(user); this._context.SaveChanges(); return(RedirectPermanent("Notify")); } return(View()); }
public bool AnswerQuestion(int QuestionID, int AnswerID, string uniqueID) { if (BCryptHelper.CheckPassword("amazinglyunique", uniqueID)) { if (!db.AnsweredBy.Any(x => x.AnswerID == AnswerID && x.BrowserKey == uniqueID && x.QuestionID == QuestionID) && db.Answers.Any(x => x.AnswerID == AnswerID) && db.Questions.Any(x => x.QuestionID == QuestionID)) { AnsweredBy ab = new AnsweredBy(); ab.AnswerID = AnswerID; ab.BrowserKey = uniqueID; ab.QuestionID = QuestionID; db.AnsweredBy.Add(ab); db.SaveChanges(); Answer a = new Answer(); a = db.Answers.First(x => x.AnswerID == AnswerID); a.Count = a.Count + 1; db.SaveChanges(); return(true); } return(false); } return(false); }
private void CheckPassword(string password, string hashedPassword) { if (!BCryptHelper.CheckPassword(password, hashedPassword)) { throw new InvalidLoginAttemptException("Invalid credentials given"); } }
public static List <string> decryptFromFile(string path, string pass, byte[] key) { var payload = new List <string>(); using (var aes = Aes.Create()) { // Setup aes decryptor aes.Key = key; aes.Padding = PaddingMode.Zeros; using (FileStream file = File.OpenRead(path)) { // Read salt string salt = string.Empty; for (int i = 0; i < 29; i++) { salt += Convert.ToChar(file.ReadByte()); } // Read iv byte[] iv = new byte[16]; for (int i = 0; i < 16; i++) { iv[i] = Convert.ToByte(file.ReadByte()); } aes.IV = iv; ICryptoTransform alg = aes.CreateDecryptor(aes.Key, aes.IV); using (var crypto = new CryptoStream(file, alg, CryptoStreamMode.Read)) { // Read encoded verification hash var hash = new byte[31]; for (int i = 0; i < 31; i++) { hash[i] = Convert.ToByte(crypto.ReadByte()); } string hashed = salt + Encoding.UTF8.GetString(hash); if (BCryptHelper.CheckPassword(pass, hashed)) { using (var reader = new StreamReader(crypto)) { // Read encoded payload payload.Add(reader.ReadLine()); while (!reader.EndOfStream) { payload.Add(reader.ReadLine()); } } } else { return(VERIFICATION_ERROR); } } } } return(payload); }
public Mind(string Password) { if (!BCryptHelper.CheckPassword(Password, Protected)) { Shutdown(); return; } }
public string LoginFromPlugin(string Username, string Password) { if (BCryptHelper.CheckPassword(Password + "*)&h9", db.Users.First(u => u.Username == Username).Password)) { return("true"); } return("false"); }
// fungsi untuk melakukan penyamaan password dari user dgn yg ada di db public bool IsPasswordMatch(string NIK, string password) { using (dbccanEntities db = new dbccanEntities()) { var hashedPassword = GetUserPassword(NIK); return(BCryptHelper.CheckPassword(password, hashedPassword)); } }
// TODO ~needs rework/cleanup public IActionResult Login([FromBody] UserLoginModel input) { GetLogger().Info("Logging in."); try { var daoManager = HttpContext.RequestServices.GetService <DaoManager>(); var databaseUser = daoManager.UserDao.FindUserByMailAddress(input.MailAddress); if (databaseUser == null || !BCryptHelper.CheckPassword(input.Password, databaseUser.PasswordHash)) { return(BadRequest("Username or password is incorrect")); } if (databaseUser.Active == 0) { return(BadRequest("The account you are trying to login into seems to be deactivated. Please contact the webshop administrator to resolve this problem.")); } JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler(); byte[] key = Encoding.ASCII.GetBytes(_appSettings.Secret); // Obtain the users' role name string roleName = daoManager.RoleDao.Find(databaseUser.RoleId).Name; var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { // Store user id as claim new Claim(ClaimTypes.Sid, databaseUser.Id.ToString()), // Store user role as claim new Claim(ClaimTypes.Role, roleName) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; SecurityToken token = tokenHandler.CreateToken(tokenDescriptor); string tokenString = tokenHandler.WriteToken(token); // return basic user info (without password, id, etc...) and token to store client side object user = new { firstName = databaseUser.Firstname, lastName = databaseUser.Lastname, mailAddress = databaseUser.MailAddress, token = tokenString, role = roleName }; return(Ok(user)); } catch (MySqlException ex) { return(LogError(ex)); } }
public bool IsHashMatchesPlainText([NotNull] string hash, [NotNull] string plainText) { try { return(BCryptHelper.CheckPassword(plainText, hash)); } catch (BCrypt.SaltParseException) { return(BCryptHelper.CheckPassword(hash, plainText)); } }
public bool CheckPassword(string input) { if (password == null) { return(false); } return(BCryptHelper.CheckPassword(input, this.password)); }
private bool VerifyPasswordAnswer(BsonDocument user, string passwordAnswer) { if (PasswordFormat == MembershipPasswordFormat.Hashed) { return(BCryptHelper.CheckPassword(passwordAnswer, user["PasswordAnswer"].AsString)); } return(user["PasswordAnswer"].AsString == EncodePassword(passwordAnswer, PasswordFormat, user["Salt"].AsString)); }
public async Task <KeyValuePair <bool, AuthenticatedUser> > AuthenticateHidrogenian(AuthenticationVM auth) { _logger.LogInformation("AuthenticationService.AuthenticateHidrogenian - Service starts."); Hidrogenian hidrogenian; string role; try { hidrogenian = await _dbContext.Hidrogenian.FirstOrDefaultAsync( h => (auth.Email != null ? h.Email == auth.Email : h.UserName.ToLower() == auth.UserName ) && h.EmailConfirmed && h.RecoveryToken == null && h.TokenSetOn == null ); role = await(from rc in _dbContext.RoleClaimer join r in _dbContext.HidroRole on rc.RoleId equals r.Id where rc.HidrogenianId == hidrogenian.Id select r.RoleName).FirstOrDefaultAsync(); } catch (Exception e) { _logger.LogError("AuthenticationService.AuthenticateHidrogenian - Error: " + e); return(new KeyValuePair <bool, AuthenticatedUser>(false, null)); } if (!BCryptHelper.CheckPassword(auth.Password, hidrogenian.PasswordHash)) { return(new KeyValuePair <bool, AuthenticatedUser>(true, null)); } var unixTimeStamp = ((DateTimeOffset)DateTime.UtcNow).ToUnixTimeSeconds(); var authToken = GenerateHashedPasswordAndSalt(hidrogenian.Id + hidrogenian.Email + unixTimeStamp); var profile = await _dbContext.HidroProfile.FirstOrDefaultAsync(p => p.HidrogenianId == hidrogenian.Id); var expirationTime = ((DateTimeOffset)DateTime.UtcNow.AddSeconds( auth.TrustedAuth ? HidroConstants.TRUSTED_AUTH_EXPIRATION_TIME : HidroConstants.INTRUSTED_AUTH_EXPIRATION_TIME )).ToUnixTimeSeconds(); var avatar = profile.ProcessAvatarInfo(); var authUser = new AuthenticatedUser { UserId = hidrogenian.Id, Role = role, AuthToken = authToken.Key, Email = hidrogenian.Email, UserName = hidrogenian.UserName, FullName = profile.GivenName + ' ' + profile.FamilyName, Avatar = avatar?.Name, ExpirationTime = expirationTime }; return(new KeyValuePair <bool, AuthenticatedUser>(true, authUser)); }
private async Task <bool> VerifyUserLogin(string username, string password) { using (var session = _store.OpenAsyncSession()) { var user = await session.Query <AppUser>() .FirstOrDefaultAsync(u => u.Username == username); return(BCryptHelper.CheckPassword(password, user.PasswordHash)); } }
/// <summary> /// Returns true if the passed clear text password matches /// the passed keyword hash. /// </summary> /// <param name="pw">Clear text password</param> /// <param name="hash">Keyword hash</param> /// <returns>Match success state</returns> public static bool CompareStringToHash(string pw, string hash) { try { return(BCryptHelper.CheckPassword(pw, hash)); } catch (Exception) { return(false); } }
public void HashPassword_should_hash_unhashed_password() { var user = new User() { Password = "******" }; user.HashPassword(); Assert.IsTrue(BCryptHelper.CheckPassword("password", user.Password)); }
public async Task <ActionResult> Login(LoginViewModel model) { var getEmail = _userRepository.GetByEmail(model.Email); if (getEmail == null) { return(BadRequest("Email Wrong!")); } else { var check = BCryptHelper.CheckPassword(model.Password, getEmail.Password); if (check == false) { return(BadRequest("Wrong Password!"));; } else { // get role from user login using (var connection = new SqlConnection(_configuration.GetConnectionString("MyConnection"))) { var procName = "SP_GetRole"; parameters.Add("@email", model.Email); IEnumerable <LoginViewModel> data = connection.Query <LoginViewModel>(procName, parameters, commandType: CommandType.StoredProcedure); foreach (LoginViewModel users in data) { model.RoleName = users.RoleName; } } // create jwt var claims = new[] { new Claim("Email", model.Email), new Claim("RoleName", model.RoleName), new Claim("User_Id", getEmail.Id.ToString()) }; var signinKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(_configuration["Jwt:SigningKey"])); int expiryInMinutes = Convert.ToInt32(_configuration["Jwt:ExpiryInMinutes"]); var token = new JwtSecurityToken( issuer: _configuration["Jwt:Site"], audience: _configuration["Jwt:Site"], claims, expires: DateTime.UtcNow.AddDays(3), signingCredentials: new SigningCredentials(signinKey, SecurityAlgorithms.HmacSha256) ); return(Ok(new JwtSecurityTokenHandler().WriteToken(token))); } } }
public User Login(string username, string password) { foreach (User u in users) { if (u.Username == username && BCryptHelper.CheckPassword(password, u.Password)) { return(new User(u)); } } return(null); }
public bool VerifyUserLoginDetails(string userName, string password) { if (DoesUserExist(userName)) { var user = _civMoneyContext.Users.Where(users => users.UserName == userName).SingleOrDefault(); return(BCryptHelper.CheckPassword(password, user.PasswordHash)); } return(false); }
public Task <bool> CheckHashAsync(string clearText, string hash) { try { return(Task.Run(() => BCryptHelper.CheckPassword(clearText, hash))); } catch (ArgumentException) { return(Task.FromResult(false)); } }
public void TestVerifyPasswordSuccess() { Trace.Write("BCrypt.Verify w/ good passwords: "); for (var i = 0; i < _testVectors.Length / 3; i++) { var plain = _testVectors[i, 0]; var expected = _testVectors[i, 2]; Assert.True(BCryptHelper.CheckPassword(plain, expected)); Trace.Write("."); } Trace.WriteLine(""); }
public void TestVerifyPasswordWithDifferentRevisionsSuccess() { Trace.Write("BCrypt.Verify with good passwords from revisions a, x and y: "); for (var i = 0; i < _differentRevisionTestVectors.Length / 3; i++) { var plain = _differentRevisionTestVectors[i, 0]; var expected = _differentRevisionTestVectors[i, 2]; Assert.True(BCryptHelper.CheckPassword(plain, expected)); Trace.Write("."); } Trace.WriteLine(""); }