Exemple #1
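    /// <summary>
    /// Registers a new account: rejects duplicate usernames/e-mails and breached passwords,
    /// stores the hash and salt produced by <c>Hash.Create</c> together with a verification
    /// token, then asks the mail service to send the confirmation e-mail.
    /// </summary>
    /// <param name="request">Registration data supplied by the caller (username, e-mail, password).</param>
    /// <returns>
    /// A <see cref="BasicResult"/> with <c>Success = true</c> once the user is saved and the mail
    /// service answered <see cref="HttpStatusCode.Accepted"/>; otherwise a result carrying one error message.
    /// </returns>
    /// <exception cref="ArgumentNullException"><paramref name="request"/> is null.</exception>
    public async Task <BasicResult> Register(UserRegisterRequest request)
    {
        if (request == null)
        {
            throw new ArgumentNullException(nameof(request));
        }

        // NOTE(review): which User properties this mapping copies from the request is not visible
        // here; confirm it cannot populate fields the caller should not control.
        var user = _mapper.Map <User>(request);

        // The two "already taken" answers below tell an unauthenticated caller which usernames and
        // e-mail addresses are registered, so this endpoint should be rate-limited; consider a
        // neutral answer for the e-mail case.
        // NOTE(review): check-then-insert is not atomic; confirm the store enforces uniqueness itself.
        if (await _userRepository.GetUserByUsername(request.Username) != null)
        {
            return(new BasicResult {
                Errors = new[] { "Username: " + request.Username + " is already taken" }
            });
        }

        if (await _userRepository.GetUserByEmail(request.Email) != null)
        {
            return(new BasicResult {
                Errors = new[] { "Email: " + user.Email + " is already taken" }
            });
        }

        // Without this guard a missing password surfaces as a NullReferenceException in Normalize().
        if (string.IsNullOrEmpty(request.Password))
        {
            return(new BasicResult {
                Errors = new[] { "Password is required." }
            });
        }

        // Normalize once so the breach lookup sees exactly the string that gets hashed.
        var password = request.Password.Normalize(NormalizationForm.FormKC);

        if (await _pwnedPasswordsClient.HasPasswordBeenPwned(password))
        {
            return(new BasicResult {
                Errors = new[] { "This password has been leaked in data leak. Please use different password." }
            });
        }

        Hash.Create(password, out byte[] passwordHash, out byte[] passwordSalt);

        user.PasswordHash = passwordHash;
        user.PasswordSalt = passwordSalt;

        // NOTE(review): Guid.NewGuid() is documented as an identifier, not as a secret. For a token
        // that is e-mailed and later accepted as proof of ownership, prefer bytes from
        // RandomNumberGenerator once the token's storage format and consumers are confirmed.
        user.VerificationToken = Guid.NewGuid().ToString();

        _userRepository.Add(user);

        if (!await _userRepository.SaveChangesAsync())
        {
            return(new BasicResult {
                Errors = new[] { "User registration failed." }
            });
        }

        var sendConfirmationResponse = await _mailService.SendConfirmationEmailTo(user);

        if (sendConfirmationResponse.StatusCode != HttpStatusCode.Accepted)
        {
            // Roll the account back so the username and address are not held by a user who never
            // received a confirmation mail.
            // NOTE(review): the result of this save is ignored; if it fails the unverified row stays.
            _userRepository.Delete(user);
            await _userRepository.SaveChangesAsync();

            // The mail provider's response body and headers are not returned to the caller: they
            // can expose provider, account and infrastructure details. Record them with the
            // application's server-side logging instead.
            return(new BasicResult {
                Errors = new[] { "Sending registration email failed." }
            });
        }

        return(new BasicResult {
            Success = true
        });
    }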
Exemple #2
        /// <inheritdoc />
        public async Task <IdentityResult> ValidateAsync(UserManager <TUser> manager, TUser user, string password)
        {
            // A null or empty password is never sent to the breach lookup and is reported as
            // Success by this validator; rejecting it is left to the other registered validators.
            if (string.IsNullOrEmpty(password))
            {
                return IdentityResult.Success;
            }

            // NOTE(review): what _client returns or throws when the lookup service is unreachable
            // is not visible here; confirm whether this validator fails open or closed.
            bool foundInBreach = await _client.HasPasswordBeenPwned(password);

            if (foundInBreach)
            {
                return IdentityResult.Failed(Describer.PwnedPassword());
            }

            return IdentityResult.Success;
        }
Exemple #3
        /// <inheritdoc />
        public async Task <IdentityResult> ValidateAsync(UserManager <TUser> manager, TUser user, string password)
        {
            // Null or empty input skips the breach lookup and passes this validator; other
            // validators are expected to reject it.
            if (string.IsNullOrEmpty(password))
            {
                return IdentityResult.Success;
            }

            // NOTE(review): the client's behaviour on a failed lookup is not visible here; confirm
            // whether an outage lets breached passwords through.
            bool foundInBreach = await _client.HasPasswordBeenPwned(password);

            if (!foundInBreach)
            {
                return IdentityResult.Success;
            }

            // The description comes from configuration (_options.ErrorMessage); the code is fixed.
            var pwnedError = new IdentityError
            {
                Code        = "PwnedPassword",
                Description = _options.ErrorMessage,
            };

            return IdentityResult.Failed(pwnedError);
        }
Exemple #4
        /// <summary>
        /// Looks the given password up through the breach client and writes the outcome to the console.
        /// </summary>
        /// <param name="password">Password to check; it is passed to the client unchanged.</param>
        public async Task Verify(string password)
        {
            // Only the lookup result is printed; the password itself is never written out.
            Console.WriteLine(await _client.HasPasswordBeenPwned(password));
        }