Exemple #1
        /// <summary>
        /// Checks that <c>PBKDF2.Verify</c> rejects a wrong password and accepts the
        /// password the hash was created from.
        /// </summary>
        public void TestVerify()
        {
            const string password = "test";
            var storedHash = PBKDF2.Hash(password);

            // Negative case first: a different password must not verify against the stored hash.
            Assert.IsFalse(PBKDF2.Verify(storedHash, "test1234"));
            Assert.IsTrue(PBKDF2.Verify(storedHash, password));
        }
Exemple #2
        /// <summary>
        /// Registers a new user. The request is refused when registrations are switched off,
        /// when the model fails validation, or when the lower-cased username already exists;
        /// otherwise the user is stored with a PBKDF2 hash of the submitted password.
        /// </summary>
        /// <param name="model">Registration data: username, password and the key pair fields.</param>
        /// <returns>
        /// <c>Unauthorized</c> when registrations are disabled, <c>BadRequest</c> with the model
        /// state on validation failure or a duplicate username, <c>Ok</c> on success.
        /// </returns>
        public async Task <IActionResult> Create(RegisterViewModel model)
        {
            if (!Config.Values.AllowRegistrations)
            {
                return Unauthorized();
            }

            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // NOTE(review): ToLower() follows the current culture; confirm the login path
            // normalises usernames the same way, or move both to ToLowerInvariant().
            string normalizedUsername = model.Username.ToLower();

            // NOTE(review): check-then-insert is not atomic; a unique constraint on the
            // username is presumably what stops two concurrent registrations — verify.
            bool alreadyTaken = await _uow.Users.Exists(normalizedUsername);
            if (alreadyTaken)
            {
                ModelState.AddModelError("username", "Username is already in use.");
                return BadRequest(ModelState);
            }

            // Only the PBKDF2 hash of the password is stored, never the password itself.
            string passwordHash = PBKDF2.Hash(model.Password);

            // NOTE(review): PrivateKey is stored exactly as submitted; confirm the client
            // encrypts it before it reaches this action.
            var newUser = new User
            {
                Username    = normalizedUsername,
                DisplayName = model.Username,
                Password    = passwordHash,
                PublicKey   = model.PublicKey,
                PrivateKey  = model.PrivateKey
            };
            await _uow.Users.AddAsync(newUser);

            return Ok();
        }
Exemple #3
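        /// <summary>
        /// Creates a user together with its login record. The login stores a PBKDF2 hash of
        /// <paramref name="Password"/> and is linked to the newly saved user.
        /// </summary>
        /// <param name="user">User bound from the form; only <c>Name</c> and <c>Role</c> are bound.</param>
        /// <param name="LoginId">Login identifier; values below 10000000 are rejected.</param>
        /// <param name="Password">Plain-text password to hash; must not be null or empty.</param>
        /// <returns>A redirect to <c>Index</c> on success, otherwise the form view with the model errors.</returns>
        public async Task <IActionResult> Create([Bind("Name,Role")] User user, int LoginId, string Password)
        {
            // NOTE(review): Role is taken from the request; any authorization on this action
            // is not visible here — confirm only administrators can reach it.
            if (LoginId < 10000000)
            {
                ModelState.AddModelError("CreateFailed", "Wrong insetion, length of loginID too short.");
            }

            // Reject a missing password before anything is written, so a user row is never
            // saved without a usable login.
            if (string.IsNullOrEmpty(Password))
            {
                ModelState.AddModelError("CreateFailed", "A password is required.");
            }

            if (!ModelState.IsValid)
            {
                return View(user);
            }

            // First save: lets the login below read user.UserID after the user is stored.
            _context.Add(user);
            await _context.SaveChangesAsync();

            var login = new Login
            {
                LoginID          = LoginId,
                ActivationStatus = true,
                PasswordHash     = PBKDF2.Hash(Password),
                UserID           = user.UserID
            };
            _context.Add(login);
            user.Login = login;
            _context.Update(user);

            // NOTE(review): no transaction is visible around the two saves; if this one fails
            // the user row from the first save remains without a login.
            await _context.SaveChangesAsync();

            return RedirectToAction(nameof(Index));
        }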
        /// <summary>
        /// Replaces the password on <paramref name="login"/> with a PBKDF2 hash of
        /// <paramref name="password"/> and stamps the modification time in UTC.
        /// </summary>
        /// <remarks>
        /// Only the object is changed; no save call is made here. Nothing in this method
        /// checks the current password, so the caller has to authorise the change.
        /// </remarks>
        public void ChangePassword(Login login, string password)
        {
            login.Password   = PBKDF2.Hash(password);
            login.ModifyDate = DateTime.UtcNow;
        }
Exemple #5
        /// <summary>
        /// Sets a new PBKDF2 password hash on the <c>User</c> node whose username equals the
        /// lower-cased <paramref name="username"/>.
        /// </summary>
        /// <param name="username">Username to look up; lower-cased before matching.</param>
        /// <param name="newPassword">Plain-text password; only its hash is sent to the database.</param>
        /// <remarks>
        /// No result is inspected, so a username that matches no node is not reported to the
        /// caller. Verifying the current password is left to the caller.
        /// </remarks>
        public async Task ChangePasswordAsync(string username, string newPassword)
        {
            // NOTE(review): ToLower() follows the current culture; confirm usernames are
            // stored with the same normalisation.
            username = username.ToLower();

            // The hash is passed as a query parameter, not concatenated into the Cypher text.
            var passwordHash = PBKDF2.Hash(newPassword);

            var updateQuery = Client.Cypher
                .Match("(user:User)")
                .Where((User user) => user.Username == username)
                .Set("user.password = {password}")
                .WithParam("password", passwordHash);

            await updateQuery.ExecuteWithoutResultsAsync();
        }
Exemple #6
 /// <summary>
 /// Changes the stored password after checking <paramref name="oldPass"/> against the
 /// current hash.
 /// </summary>
 /// <param name="oldPass">Current password, verified with <c>PBKDF2.Verify</c>.</param>
 /// <param name="newPass">New password; stored as a PBKDF2 hash.</param>
 /// <exception cref="Exception">Thrown when <paramref name="oldPass"/> does not verify.</exception>
 internal void ChangePassword(string oldPass, string newPass)
 {
     // Guard clause: the caller must prove knowledge of the current password first.
     if (!PBKDF2.Verify(Password, oldPass))
     {
         throw new Exception("Wrong password entered!");
     }

     Password = PBKDF2.Hash(newPass);
 }
Exemple #7
        /// <summary>
        /// Known-answer test: with a fixed all-zero 16-byte salt, hashing "test" must give the
        /// same encoded value through both the string overload and the byte-array overload.
        /// </summary>
        public void TestHashingOutput()
        {
            const string expected = "AAAAAAAAAAAAAAAAAAAAAKdxg3v6h4MevEEaW1d8kjFK+4wW0E2l1gDrVn6R26xa";

            // A fixed salt is used only to make the output reproducible in this test.
            var zeroSalt = new byte[16];

            var fromString = PBKDF2.Hash("test", salt: zeroSalt);
            Assert.AreEqual(expected, fromString);

            // The byte[] overload returns raw bytes, so they are Base64-encoded before comparing.
            var fromBytes = PBKDF2.Hash(Encoding.UTF8.GetBytes("test"), salt: zeroSalt);
            Assert.AreEqual(expected, Convert.ToBase64String(fromBytes));
        }
Exemple #8
        /// <summary>
        /// Stores a new quiz built from the posted form fields and returns its id. The quiz
        /// password is kept as a PBKDF2 hash.
        /// </summary>
        /// <param name="name">Quiz name from the form.</param>
        /// <param name="json">Quiz content from the form, stored as received.</param>
        /// <param name="password">Plain-text quiz password; only its hash is stored.</param>
        /// <returns>The <c>Id</c> of the inserted quiz.</returns>
        public async Task <ObjectId> Create([FromForm] string name, [FromForm] string json, [FromForm] string password)
        {
            // NOTE(review): no validation of name, json or password is visible in this action.
            var passwordHash = PBKDF2.Hash(password);
            var quiz = new Quiz
            {
                Name     = name,
                Json     = json,
                Password = passwordHash
            };

            var database = new Database();
            await database.QuizCollection.InsertOneAsync(quiz);

            return quiz.Id;
        }
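        /// <summary>
        /// Changes the password of the login whose user id is held in the session, storing a
        /// PBKDF2 hash of <paramref name="password1"/> and the modification time in UTC.
        /// </summary>
        /// <param name="password1">New password.</param>
        /// <param name="password2">Confirmation of the new password; must equal <paramref name="password1"/>.</param>
        /// <returns>
        /// <c>Unauthorized</c> when the session holds no user id, <c>BadRequest</c> when the
        /// password is empty or the confirmation differs, <c>NotFound</c> when no login matches,
        /// otherwise a redirect to <c>Customers/Profile</c>.
        /// </returns>
        public async Task <IActionResult> ChangePassword(string password1, string password2)
        {
            var userID = HttpContext.Session.GetString(nameof(Model.Login.UserID));

            // GetString returns null when the key is absent, i.e. there is no signed-in user.
            if (string.IsNullOrEmpty(userID))
            {
                return Unauthorized();
            }

            // The confirmation value was previously ignored; require it to match.
            if (string.IsNullOrEmpty(password1) || password1 != password2)
            {
                return BadRequest();
            }

            var login = await _context.Logins.FirstOrDefaultAsync(x => x.UserID == userID);

            // FirstOrDefaultAsync yields null when nothing matches; avoid dereferencing it.
            if (login == null)
            {
                return NotFound();
            }

            // NOTE(review): the current password is not checked here; confirm that is
            // intended for a change made from an authenticated session.
            login.PasswordHash = PBKDF2.Hash(password1);
            login.ModifyDate   = DateTime.UtcNow;

            await _context.SaveChangesAsync();

            return RedirectToAction("Profile", "Customers", null);
        }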
Exemple #10
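        /// <summary>
        /// Sets a new password for the login belonging to <paramref name="customerID"/>. The
        /// new password must differ from the current one; it is stored as a PBKDF2 hash
        /// together with the modification time in UTC.
        /// </summary>
        /// <param name="customerID">Customer whose login is updated.</param>
        /// <param name="newPassword">Plain-text new password.</param>
        /// <returns>
        /// <c>NotFound</c> when no login matches, the form view with a model error when the
        /// password is empty or unchanged, otherwise a redirect to <c>Details</c>.
        /// </returns>
        public async Task <IActionResult> ChangePassword(int? customerID, string newPassword)
        {
            // NOTE(review): the target account comes from the request; any authorization on
            // this action is not visible here — confirm callers may change this customer.
            Login login = await _context.Logins.Where(x => x.CustomerID == customerID).FirstOrDefaultAsync();

            // FirstOrDefaultAsync yields null for an unknown customer; avoid dereferencing it.
            if (login == null)
            {
                return NotFound();
            }

            if (string.IsNullOrEmpty(newPassword))
            {
                ModelState.AddModelError(nameof(login.PasswordHash), "New password is required");
                return View(login);
            }

            // Check if not old password
            if (PBKDF2.Verify(login.PasswordHash, newPassword))
            {
                ModelState.AddModelError(nameof(login.PasswordHash), "New password cannot be the same the old password");
                return View(login);
            }

            login.PasswordHash = PBKDF2.Hash(newPassword);
            login.ModifyDate   = DateTime.UtcNow;

            await _context.SaveChangesAsync();

            // NOTE(review): the id is passed as the routeValues object; confirm the Details
            // action actually receives it.
            return RedirectToAction(nameof(Details), login.CustomerID);
        }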
        /// <summary>
        /// Changes the password of the login identified by <c>CustomerID</c>: runs
        /// <c>Manager.ValidatePassword</c>, returns the form when the model state is invalid,
        /// otherwise stores a PBKDF2 hash of <paramref name="newPassword"/> and saves.
        /// </summary>
        /// <param name="oldPassword">Current password, passed to the validator.</param>
        /// <param name="newPassword">New password; stored as a hash.</param>
        /// <param name="confirmPassword">Confirmation value, passed to the validator.</param>
        /// <returns>The form view on validation failure, otherwise a redirect to <c>PasswordChanged</c>.</returns>
        public async Task <IActionResult> ChangePassword(string oldPassword, string newPassword, string confirmPassword)
        {
            // Record handed back to the view when validation fails.
            var loginForView = await _context.Logins.FindAsync(CustomerID.ToString());

            // Tracked login (with its customer) that receives the new hash.
            // NOTE(review): FirstOrDefaultAsync can return null; it is dereferenced below.
            var trackedLogin = await _context.Logins
                .Include(x => x.Customer)
                .FirstOrDefaultAsync(x => x.CustomerID == CustomerID);

            // NOTE(review): what ValidatePassword checks is not visible here; only ModelState is
            // consulted afterwards, so it presumably records its errors there. Confirm it also
            // verifies oldPassword against the stored hash.
            Manager.ValidatePassword(oldPassword, newPassword, confirmPassword);
            if (!ModelState.IsValid)
            {
                return View(loginForView);
            }

            var newHash = PBKDF2.Hash(newPassword);
            trackedLogin.UpdatePassword(newHash);
            await _context.SaveChangesAsync();

            return RedirectToAction(nameof(PasswordChanged));
        }
Exemple #12
        /// <summary>
        /// Changes the stored password after three checks, in this order: the old password
        /// verifies against the current hash, the new password differs from the old one, and
        /// the new password equals its confirmation.
        /// </summary>
        /// <param name="oldpassword">Current password.</param>
        /// <param name="newpassword">New password; stored as a PBKDF2 hash.</param>
        /// <param name="confirmnewpassword">Confirmation of the new password.</param>
        /// <returns>A (status key, message) pair describing success or the first failed check.</returns>
        public (string, string) ChangePassword(string oldpassword, string newpassword, string confirmnewpassword)
        {
            const string failed = "PasswordChangeFailed";

            // The current password is verified before anything else is compared.
            bool currentPasswordMatches = PBKDF2.Verify(Password, oldpassword);
            if (!currentPasswordMatches)
            {
                return (failed, "Old password entered is incorrect.");
            }

            if (newpassword == oldpassword)
            {
                return (failed, "Old password and new password cannot be same.");
            }

            if (confirmnewpassword != newpassword)
            {
                return (failed, "New password and confirmed new password do not match");
            }

            Password   = PBKDF2.Hash(newpassword);
            ModifyDate = DateTime.UtcNow;

            return ("PasswordChangeSuccess", "Password changed successfully.");
        }
        /// <summary>
        /// Changes the password of the customer held in the session. The old password must
        /// verify, the two new values must match and the new password must differ from the old
        /// one; any failure gives the same generic error.
        /// </summary>
        /// <param name="oldpass">Current password.</param>
        /// <param name="newpass">New password; stored as a PBKDF2 hash.</param>
        /// <param name="newpass2">Confirmation of the new password.</param>
        /// <returns>The form view with a model error on failure, otherwise a redirect to <c>Success</c>.</returns>
        public async Task <IActionResult> ChangePassword(string oldpass, string newpass, string newpass2)
        {
            var customerId = HttpContext.Session.GetInt32(nameof(Customer.CustomerID));

            // NOTE(review): customerId is null when the session has no entry, and the result of
            // GetAlternative is dereferenced without a null check — confirm both cases are
            // handled before this action is reached.
            var login = await _loginRepo.GetAlternative(customerId);

            bool oldPasswordOk = PBKDF2.Verify(login.PasswordHash, oldpass);
            bool rejected      = !oldPasswordOk || newpass != newpass2 || oldpass == newpass;
            if (rejected)
            {
                // One message for every failure, so the response does not say which check failed.
                ModelState.AddModelError("ChangeFailed", "Couldn't reset password, please try again.");
                return View();
            }

            // Only the hash goes to the database.
            login.PasswordHash = PBKDF2.Hash(newpass);
            login.ModifyDate   = DateTime.UtcNow;

            _loginRepo.Save();
            TempData["changed"] = "password";

            return RedirectToAction("Success");
        }
Exemple #14
        /// <summary>
        /// POST handler: hashes the posted diary password, fills in the remaining diary fields
        /// with their initial values and saves the diary. A save failure caused by an id that
        /// already exists is reported on the page; any other save failure is rethrown.
        /// </summary>
        /// <returns>The page again on validation failure or duplicate id, otherwise a redirect to <c>/Account/Login</c>.</returns>
        public async Task <IActionResult> OnPostAsync()
        {
            if (!ModelState.IsValid)
            {
                return Page();
            }

            // Hash the password.
            // NOTE(review): confirm PBKDF2.Hash returns a type whose ToString() yields the
            // encoded hash; on a byte[] this would store the type name instead.
            Diary.pass = PBKDF2.Hash(Diary.pass).ToString();

            // Initialise the diary's other fields (id and note keep the POSTed values).
            Diary.pub     = PUBLICITY.pub;
            Diary.last    = DateTime.Now;
            Diary.excha   = EXCHA.disable;
            Diary.writa   = WRITA.able;
            Diary.retTime = DateTime.Now;
            Diary.exid    = null;

            // Save to the database.
            _context.diaries.Add(Diary);
            try
            {
                await _context.SaveChangesAsync();
            }
            catch (DbUpdateException ex)
            {
                _logger.Log(LogLevel.Error, ex.Message);

                // Check whether the failure is a duplicate id.
                bool idAlreadyUsed = _context.diaries.Any(e => e.Id == Diary.Id);
                if (!idAlreadyUsed)
                {
                    throw;
                }

                message = "エラー:既に使用されているIDです";
                return Page();
            }

            return RedirectToPage("/Account/Login");
        }
Exemple #15
        /// <summary>
        /// Checks that a hash made from <paramref name="pass1"/> does not verify against
        /// <paramref name="pass2"/>.
        /// </summary>
        /// <param name="pass1">Password that is hashed.</param>
        /// <param name="pass2">Password expected to fail verification.</param>
        public void PBKDF2テスト2(string pass1, string pass2)
        {
            string hashOfFirst = PBKDF2.Hash(pass1).ToString();

            // Verify is called here with the candidate password first and the hash second.
            bool verified = PBKDF2.Verify(pass2, hashOfFirst);

            Assert.False(verified);
        }
Exemple #16
 /// <summary>
 /// Hashes <paramref name="pwd"/> with the caller-supplied <paramref name="salt"/>, passing
 /// a string built from this object's <c>UID</c> and <c>Id</c> as the first argument.
 /// </summary>
 /// <param name="pwd">Plain-text password.</param>
 /// <param name="salt">Salt bytes chosen by the caller.</param>
 /// <returns>The bytes returned by <c>PBKDF2.Hash</c>.</returns>
 public byte[] GeneratePasswordHash(string pwd, byte[] salt)
 {
     // NOTE(review): how PBKDF2.Hash uses this first argument is not visible here — confirm.
     string identity = $"{this.UID}.{this.Id}";

     return PBKDF2.Hash(identity, pwd, salt);
 }
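        /// <summary>
        /// Signs up a new account: stores an inactive login (PBKDF2 password hash plus a
        /// generated code) and a matching app user, then e-mails the code through Amazon SES.
        /// </summary>
        /// <param name="email">Address used for the login, the app user and as the mail recipient.</param>
        /// <param name="password">Plain-text password; only its hash is stored.</param>
        /// <returns>The default view; the outcome is reported via <c>ViewBag.Message</c> or a model error.</returns>
        public async Task <IActionResult> CreateAsync(string email, string password)
        {
            Login login = new Login {
                Email = email, PasswordHash = PBKDF2.Hash(password), Activate = false, Code = GenerateCode()
            };
            _context.Logins.Add(login);

            AppUser user = new AppUser {
                Email = login.Email
            };
            _context.Appusers.Add(user);

            try
            {
                await _context.SaveChangesAsync();

                // NOTE(review): where awsAccessKey / awsSecretKey are loaded from is not visible
                // here; confirm they come from configuration or a secret store.
                using (var client = new AmazonSimpleEmailServiceClient(awsAccessKey, awsSecretKey, RegionEndpoint.USEast1))
                {
                    var sendRequest = new SendEmailRequest
                    {
                        Source      = senderAddress,
                        Destination = new Destination
                        {
                            ToAddresses =
                                new List <string> {
                                email
                            }
                        },
                        Message = new Message
                        {
                            Subject = new Content(subject),
                            Body    = new Body
                            {
                                Html = new Content
                                {
                                    Charset = "UTF-8",
                                    Data    = HtmlBody(login.Code)
                                },
                                Text = new Content
                                {
                                    Charset = "UTF-8",
                                    Data    = TextBody(login.Code)
                                }
                            }
                        },
                    };
                    try
                    {
                        // Await the send: without it the client is disposed while the request is
                        // still running, failures never reach the catch below, and success is
                        // reported unconditionally.
                        await client.SendEmailAsync(sendRequest);
                        ViewBag.Message = "Send Email successfully";
                    }
                    catch (Exception ex)
                    {
                        // Plain concatenation: String.Format would throw on a message containing
                        // '{' or '}'.
                        // NOTE(review): ex.Message is shown to the user; consider logging it and
                        // showing a generic message instead.
                        ViewBag.Message = "Send Email fails: " + ex.Message;
                    }
                }
            }
            catch (Exception)
            {
                // NOTE(review): every failure up to this point is reported as a duplicate e-mail;
                // catching the specific database exception would keep other errors visible.
                ModelState.AddModelError("Insert", "Sign up failed, email has been token.");
            }

            return View();
        }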
 /// <summary>
 /// Stores a PBKDF2 hash of <paramref name="password"/> on <paramref name="login"/> and
 /// saves the context.
 /// </summary>
 /// <param name="login">Login whose <c>PasswordHash</c> is replaced.</param>
 /// <param name="password">Plain-text new password.</param>
 /// <remarks>The current password is not checked here; the caller has to authorise the change.</remarks>
 public async Task UpdatePasswordAsync(Login login, string password)
 {
     var newHash = PBKDF2.Hash(password);
     login.PasswordHash = newHash;

     await _context.SaveChangesAsync();
 }
Exemple #19
 /// <summary>
 /// Checks that hashing the same password twice gives two different results, which is
 /// what a fresh random salt per call should produce.
 /// </summary>
 public void TestRandomSalt()
 {
     var first  = PBKDF2.Hash("test");
     var second = PBKDF2.Hash("test");

     Assert.AreNotEqual(first, second);
 }