static void Main(string[] args) { // Generate a new random password string string myPassword = Password.CreateRandomPassword(8); Console.WriteLine("My Password is: " + myPassword); Console.WriteLine("Please enter a password: "******"Your origional Password was : " + _password); //Console.Write("Your new hashed salted password is : "); // Generate a new random salt int mySalt = Password.CreateRandomSalt(); Console.WriteLine("Your new salt is : " + mySalt); // Initialize the Password class with the password and salt Password pwd = new Password(_password, mySalt); // Compute the salted hash // NOTE: you store the salt and the salted hash in the datbase string strHashedPassword = pwd.ComputeSaltedHash(); Console.WriteLine("The new stored Hashed Password is : " + strHashedPassword); // Debug output Console.WriteLine(strHashedPassword); }
private void genPassword(bool emailPassword) { var password = new Password(); Salt = password.Salt; SaltedPassword = password.ComputeSaltedHash(); MustChangePassword = true; if (emailPassword) { passwordToEmail = password.PasswordText; } }
public Customer Auth(string userName, string password) { var customer = _context.Customers.FirstOrDefault(c => c.Email == userName); if (customer == null) { return(null); } var pwd = new Password(password, customer.Salt); return(customer.HashPassword == pwd.ComputeSaltedHash() ? _mapper.Map <Customer>(customer) : null); }
private void modifyData() { var password = new Password(newPassword.Value); FormsAuthStatics.SystemProvider.InsertOrUpdateUser( AppTools.User.UserId, AppTools.User.Email, AppTools.User.Role.RoleId, AppTools.User.LastRequestDateTime, password.Salt, password.ComputeSaltedHash(), false); AddStatusMessage(StatusMessageType.Info, "Your password has been successfully changed. Use it the next time you log in."); }
protected override PageContent getContent() { var mod = getMod(); var password = new DataValue <string> { Value = "" }; Tuple <IReadOnlyCollection <EtherealComponent>, Action <int> > logInHiddenFieldsAndMethod = null; return(FormState.ExecuteWithDataModificationsAndDefaultAction( PostBack.CreateFull( modificationMethod: () => { if (AppTools.User == null) { mod.UserId = MainSequence.GetNextValue(); } if (password.Value.Any()) { var passwordSalter = new Password(password.Value); mod.Salt = passwordSalter.Salt; mod.SaltedPassword = passwordSalter.ComputeSaltedHash(); } mod.Execute(); logInHiddenFieldsAndMethod?.Item2(mod.UserId); }, actionGetter: () => new PostBackAction(logInHiddenFieldsAndMethod != null ? (PageBase)Home.GetInfo() : Profile.GetInfo(AppTools.User.UserId))) .ToCollection(), () => { var content = new UiPageContent(contentFootActions: new ButtonSetup(AppTools.User != null ? "Update Settings" : "Sign up").ToCollection()); if (AppTools.User == null) { content.Add( new EwfHyperlink( EnterpriseWebLibrary.EnterpriseWebFramework.UserManagement.Pages.LogIn.GetInfo(Home.GetInfo().GetUrl()), new StandardHyperlinkStyle("Have an account?"))); } content.Add(getFormItemStack(mod, password)); if (AppTools.User == null) { logInHiddenFieldsAndMethod = FormsAuthStatics.GetLogInHiddenFieldsAndSpecifiedUserLogInMethod(); content.Add(logInHiddenFieldsAndMethod.Item1); } return content; })); }
public Customer CreateCustomer(Customer customer) { var salt = Password.CreateRandomSalt(); var pwd = new Password(customer.Password, salt); var password = pwd.ComputeSaltedHash(); var newCustomer = new DbCustomer { FirstName = customer.FirstName, Address = customer.Address, LastName = customer.LastName, Email = customer.Email, Login = customer.Login, PhoneNumber = customer.PhoneNumber, Role = Roles.Admin, Salt = salt, HashPassword = password }; _context.Customers.Add(newCustomer); _context.SaveChanges(); return(customer); }
// check authentication public LogIn CheckAuthentication(LogIn logIn, string masterPassword) { LogIn user = LogInGateway.UserLogin(logIn.Roll, logIn.Type); if (user != null) { int salt = user.Salt; string storedpassword = user.Password; Password pwd = new Password(logIn.Password, salt); if (pwd.ComputeSaltedHash() == storedpassword || masterPassword == logIn.Password) { return(user); } else { return(null); } } else { return(null); } }
/// <summary> /// Resets the password of the given user and sends a message with the new password to their email address. Do not call if the system does not implement the /// forms authentication capable user management provider. /// </summary> public static void ResetAndSendPassword(int userId) { User user = SystemProvider.GetUser(userId); // reset the password var newPassword = new Password(); SystemProvider.InsertOrUpdateUser(userId, user.Email, user.Role.RoleId, user.LastRequestDateTime, newPassword.Salt, newPassword.ComputeSaltedHash(), true); // send the email SendPassword(user.Email, newPassword.PasswordText); }
/// <summary> /// Call this during LoadData. /// </summary> /// <param name="userId"></param> /// <param name="vl"></param> /// <param name="availableRoles">Pass a restricted list of <see cref="Role"/>s the user may select. Otherwise, Roles available /// in the System Provider are used.</param> /// <param name="validationPredicate">If the function returns true, validation continues.</param> public void LoadData(int?userId, ValidationList vl, List <Role> availableRoles = null, Func <bool> validationPredicate = null) { availableRoles = (availableRoles != null ? availableRoles.OrderBy(r => r.Name) : UserManagementStatics.SystemProvider.GetRoles()).ToList(); user = userId.HasValue ? UserManagementStatics.GetUser(userId.Value, true) : null; if (includePasswordControls() && user != null) { facUser = FormsAuthStatics.GetUser(user.UserId, true); } Func <bool> validationShouldRun = () => validationPredicate == null || validationPredicate(); var b = FormItemBlock.CreateFormItemTable(heading: "Security Information"); b.AddFormItems( FormItem.Create( "Email address", new EwfTextBox(user != null ? user.Email : ""), validationGetter: control => new Validation( (pbv, validator) => { if (validationShouldRun()) { Email = validator.GetEmailAddress(new ValidationErrorHandler("email address"), control.GetPostBackValue(pbv), false); } }, vl))); if (includePasswordControls()) { var group = new RadioButtonGroup(false); var keepPassword = FormItem.Create( "", group.CreateInlineRadioButton(true, label: userId.HasValue ? "Keep the current password" : "Do not create a password"), validationGetter: control => new Validation( (pbv, validator) => { if (!validationShouldRun() || !control.IsCheckedInPostBack(pbv)) { return; } if (user != null) { Salt = facUser.Salt; SaltedPassword = facUser.SaltedPassword; MustChangePassword = facUser.MustChangePassword; } else { genPassword(false); } }, vl)); var generatePassword = FormItem.Create( "", group.CreateInlineRadioButton(false, label: "Generate a " + (userId.HasValue ? "new, " : "") + "random password and email it to the user"), validationGetter: control => new Validation( (pbv, validator) => { if (validationShouldRun() && control.IsCheckedInPostBack(pbv)) { genPassword(true); } }, vl)); var newPassword = new DataValue <string>(); var confirmPassword = new DataValue <string>(); var newPasswordTable = EwfTable.Create(style: EwfTableStyle.StandardExceptLayout); newPasswordTable.AddItem( new EwfTableItem( "Password", FormItem.Create( "", new EwfTextBox("", masksCharacters: true, disableBrowserAutoComplete: true) { Width = Unit.Pixel(200) }, validationGetter: control => new Validation((pbv, v) => newPassword.Value = control.GetPostBackValue(pbv), vl)).ToControl())); newPasswordTable.AddItem( new EwfTableItem( "Password again", FormItem.Create( "", new EwfTextBox("", masksCharacters: true, disableBrowserAutoComplete: true) { Width = Unit.Pixel(200) }, validationGetter: control => new Validation((pbv, v) => confirmPassword.Value = control.GetPostBackValue(pbv), vl)).ToControl())); var providePasswordRadio = group.CreateBlockRadioButton(false, label: "Provide a " + (userId.HasValue ? "new " : "") + "password"); providePasswordRadio.NestedControls.Add(newPasswordTable); var providePassword = FormItem.Create( "", providePasswordRadio, validationGetter: control => new Validation( (pbv, validator) => { if (!validationShouldRun() || !control.IsCheckedInPostBack(pbv)) { return; } FormsAuthStatics.ValidatePassword(validator, newPassword, confirmPassword); var p = new Password(newPassword.Value); Salt = p.Salt; SaltedPassword = p.ComputeSaltedHash(); MustChangePassword = false; }, vl)); b.AddFormItems( FormItem.Create("Password", ControlStack.CreateWithControls(true, keepPassword.ToControl(), generatePassword.ToControl(), providePassword.ToControl()))); } b.AddFormItems( FormItem.Create( "Role", SelectList.CreateDropDown( from i in availableRoles select SelectListItem.Create(i.RoleId as int?, i.Name), user != null ? user.Role.RoleId as int? : null), validationGetter: control => new Validation( (pbv, validator) => { if (validationShouldRun()) { RoleId = control.ValidateAndGetSelectedItemIdInPostBack(pbv, validator) ?? default(int); } }, vl))); Controls.Add(b); }
/// <summary> /// Call this during LoadData. /// </summary> /// <param name="userId"></param> /// <param name="availableRoles">Pass a restricted list of <see cref="Role"/>s the user may select. Otherwise, Roles available /// in the System Provider are used.</param> public void LoadData(int?userId, List <Role> availableRoles = null) { availableRoles = (availableRoles?.OrderBy(r => r.Name) ?? UserManagementStatics.SystemProvider.GetRoles()).ToList(); var user = userId.HasValue ? UserManagementStatics.GetUser(userId.Value, true) : null; var facUser = includePasswordControls() && user != null?FormsAuthStatics.GetUser(user.UserId, true) : null; var b = FormItemList.CreateStack(); b.AddFormItems(Email.ToEmailAddressControl(false, value: user != null ? user.Email : "").ToFormItem(label: "Email address".ToComponents())); if (includePasswordControls()) { var group = new RadioButtonGroup(false); var keepPassword = group.CreateRadioButton( true, label: userId.HasValue ? "Keep the current password".ToComponents() : "Do not create a password".ToComponents(), validationMethod: (postBackValue, validator) => { if (!postBackValue.Value) { return; } if (user != null) { Salt.Value = facUser.Salt; SaltedPassword.Value = facUser.SaltedPassword; MustChangePassword.Value = facUser.MustChangePassword; } else { genPassword(false); } }) .ToFormItem(); var generatePassword = group.CreateRadioButton( false, label: "Generate a {0} password and email it to the user".FormatWith(userId.HasValue ? "new, random" : "random").ToComponents(), validationMethod: (postBackValue, validator) => { if (postBackValue.Value) { genPassword(true); } }) .ToFormItem(); var providePasswordSelected = new DataValue <bool>(); var providePassword = group.CreateFlowRadioButton( false, label: "Provide a {0}".FormatWith(userId.HasValue ? "new password" : "password").ToComponents(), setup: FlowRadioButtonSetup.Create( nestedContentGetter: () => { return(FormState.ExecuteWithValidationPredicate( () => providePasswordSelected.Value, () => { var password = new DataValue <string>(); var list = FormItemList.CreateStack( generalSetup: new FormItemListSetup(classes: new ElementClass("newPassword")), items: password.GetPasswordModificationFormItems()); new EwfValidation( validator => { var p = new Password(password.Value); Salt.Value = p.Salt; SaltedPassword.Value = p.ComputeSaltedHash(); MustChangePassword.Value = false; }); return list.ToCollection(); })); }), validationMethod: (postBackValue, validator) => providePasswordSelected.Value = postBackValue.Value) .ToFormItem(); b.AddFormItems( new StackList(keepPassword.ToListItem().ToCollection().Append(generatePassword.ToListItem()).Append(providePassword.ToListItem())).ToFormItem( label: "Password".ToComponents())); } b.AddFormItems( RoleId.ToDropDown( DropDownSetup.Create(from i in availableRoles select SelectListItem.Create(i.RoleId as int?, i.Name)), value: new SpecifiedValue <int?>(user?.Role.RoleId)) .ToFormItem(label: "Role".ToComponents())); this.AddControlsReturnThis(new Section("Security Information", b.ToCollection()).ToCollection().GetControls()); }
/// <summary> /// Call this during LoadData. /// </summary> /// <param name="userId"></param> /// <param name="availableRoles">Pass a restricted list of <see cref="Role"/>s the user may select. Otherwise, Roles available /// in the System Provider are used.</param> /// <param name="validationPredicate">If the function returns true, validation continues.</param> public void LoadData(int?userId, List <Role> availableRoles = null, Func <bool> validationPredicate = null) { availableRoles = (availableRoles != null ? availableRoles.OrderBy(r => r.Name) : UserManagementStatics.SystemProvider.GetRoles()).ToList(); user = userId.HasValue ? UserManagementStatics.GetUser(userId.Value, true) : null; if (includePasswordControls() && user != null) { facUser = FormsAuthStatics.GetUser(user.UserId, true); } Func <bool> validationShouldRun = () => validationPredicate == null || validationPredicate(); var b = FormItemBlock.CreateFormItemTable(heading: "Security Information"); b.AddFormItems( FormItem.Create( "Email address", new EwfTextBox(user != null ? user.Email : ""), validationGetter: control => new EwfValidation( (pbv, validator) => { if (validationShouldRun()) { Email = validator.GetEmailAddress(new ValidationErrorHandler("email address"), control.GetPostBackValue(pbv), false); } }))); if (includePasswordControls()) { var group = new RadioButtonGroup(false); var keepPassword = FormItem.Create( "", group.CreateInlineRadioButton(true, label: userId.HasValue ? "Keep the current password" : "Do not create a password"), validationGetter: control => new EwfValidation( (pbv, validator) => { if (!validationShouldRun() || !control.IsCheckedInPostBack(pbv)) { return; } if (user != null) { Salt = facUser.Salt; SaltedPassword = facUser.SaltedPassword; MustChangePassword = facUser.MustChangePassword; } else { genPassword(false); } })); var generatePassword = FormItem.Create( "", group.CreateInlineRadioButton(false, label: "Generate a " + (userId.HasValue ? "new, " : "") + "random password and email it to the user"), validationGetter: control => new EwfValidation( (pbv, validator) => { if (validationShouldRun() && control.IsCheckedInPostBack(pbv)) { genPassword(true); } })); var providePassword = FormState.ExecuteWithValidationPredicate( validationShouldRun, () => { var providePasswordSelected = new DataValue <bool>(); return(FormItem.Create( "", group.CreateBlockRadioButton( false, (postBackValue, validator) => providePasswordSelected.Value = postBackValue.Value, label: "Provide a {0}".FormatWith(userId.HasValue ? "new password" : "password"), nestedControlListGetter: () => { return FormState.ExecuteWithValidationPredicate( () => providePasswordSelected.Value, () => { var password = new DataValue <string>(); var newPasswordTable = EwfTable.Create(style: EwfTableStyle.StandardExceptLayout); foreach (var i in password.GetPasswordModificationFormItems(textBoxWidth: Unit.Pixel(200))) { newPasswordTable.AddItem(new EwfTableItem(i.Label, i.ToControl(omitLabel: true))); } new EwfValidation( validator => { var p = new Password(password.Value); Salt = p.Salt; SaltedPassword = p.ComputeSaltedHash(); MustChangePassword = false; }); return newPasswordTable.ToCollection(); }); }), validationGetter: control => control.Validation)); }); b.AddFormItems( FormItem.Create("Password", ControlStack.CreateWithControls(true, keepPassword.ToControl(), generatePassword.ToControl(), providePassword.ToControl()))); } b.AddFormItems( FormItem.Create( "Role", SelectList.CreateDropDown( from i in availableRoles select SelectListItem.Create(i.RoleId as int?, i.Name), user != null ? user.Role.RoleId as int? : null), validationGetter: control => new EwfValidation( (pbv, validator) => { if (validationShouldRun()) { RoleId = control.ValidateAndGetSelectedItemIdInPostBack(pbv, validator) ?? default(int); } }))); Controls.Add(b); }
public ActionResult Login(LoginViewModel model, string returnUrl = "") { if (ModelState.IsValid) { var myPassword = model.Password; var user = _dataContext.Users.FirstOrDefault(u => u.Username == model.Username); if (user != null && user.Salt != null) { int mySalt = user.Salt.Value; Password pwd = new Password(myPassword, mySalt); string strHashedPassword = pwd.ComputeSaltedHash(); var passCheck = slowEquals(user.Password, strHashedPassword); if (passCheck) { var roles = user.Roles.Select(m => m.RoleName).ToArray(); CustomPrincipalSerializeModel serializeModel = new CustomPrincipalSerializeModel { UserID = user.UserID, FirstName = user.FirstName, LastName = user.LastName, roles = roles }; string userData = JsonConvert.SerializeObject(serializeModel); FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket( 1, user.Email, DateTime.Now, DateTime.Now.AddMinutes(15), false, userData); string encTicket = FormsAuthentication.Encrypt(authTicket); HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket); Response.Cookies.Add(faCookie); if (roles.Contains("Admin")) { logger.Info("Administratior: " + user.FirstName + " " + user.LastName + " Loged In."); return(RedirectToAction("Index", "Admin")); } else if (roles.Contains("User")) { logger.Info("User: "******" " + user.LastName + " Loged In."); return(RedirectToAction("Index", "User")); } else { //if (User.Identity.IsAuthenticated) //{ // logger.Info("User: "******" " + User.LastName + " was unsuccessfully trying to relogin as: " + model.Username + "."); //} //else //{ logger.Info("Unregistered user was unsuccessfully trying to relogin as: " + model.Username + "."); //} return(RedirectToAction("Login", "Account", null)); } } } ModelState.AddModelError("", "Incorrect username and/or password."); } return(View(model)); }
public ActionResult Register(RegisterViewModel model) { if (ModelState.IsValid) { var myPassword = model.Password; int mySalt = Password.CreateRandomSalt(); Password pwd = new Password(myPassword, mySalt); string strHashedPassword = pwd.ComputeSaltedHash(); using (DataContext dc = new DataContext()) { var user = new User() { Username = model.Username, CreateDate = DateTime.Now, Email = model.Email, FirstName = model.FirstName, LastName = model.LastName, IsActive = true, Password = strHashedPassword, Salt = mySalt, Roles = new List <Role> { new Role { RoleName = "User" } }, AcademyID = model.AcademyID }; if (dc.Users.Any(e => e.Username == user.Username)) { ModelState.AddModelError("", "User With this Username already exists."); } if (dc.Users.Any(e => e.Email == user.Email)) { ModelState.AddModelError("", "User With this Email Address already exists."); } if (ModelState.IsValid) { dc.Users.Add(user); ModelState.Clear(); ViewBag.Message = "Successfully Registration Done"; dc.SaveChanges(); var roles = user.Roles.Select(m => m.RoleName).ToArray(); CustomPrincipalSerializeModel serializeModel = new CustomPrincipalSerializeModel { UserID = user.UserID, FirstName = user.FirstName, LastName = user.LastName, roles = roles }; string userData = JsonConvert.SerializeObject(serializeModel); FormsAuthenticationTicket authTicket = new FormsAuthenticationTicket( 1, user.Email, DateTime.Now, DateTime.Now.AddMinutes(15), false, userData); string encTicket = FormsAuthentication.Encrypt(authTicket); HttpCookie faCookie = new HttpCookie(FormsAuthentication.FormsCookieName, encTicket); Response.Cookies.Add(faCookie); return(RedirectToAction("Index", "User")); } } } return(View(model)); }
protected override void Seed(NewForumProject.DAL.DataContext context) { var academies = new List <Academy> { new Academy { AcademyName = "Hadassah" }, new Academy { AcademyName = "JCE" } }; //Fill table from ForumContext with data. academies.ForEach(s => context.Academies.Add(s)); var courses = new List <Subject> { new Subject { SubjectName = "Chemistry", Academy = academies.First(), LectureType = TypeOfLecture.Lecture, MustAttend = true }, new Subject { SubjectName = "Microeconomics", Academy = academies.First(), LectureType = TypeOfLecture.Lab, MustAttend = false }, new Subject { SubjectName = "Macroeconomics", Academy = academies.First(), LectureType = TypeOfLecture.Presentation, MustAttend = true }, new Subject { SubjectName = "Calculus", Academy = academies.First(), LectureType = TypeOfLecture.Practice, MustAttend = false }, new Subject { SubjectName = "Trigonometry", Academy = academies.First(), LectureType = TypeOfLecture.Lecture, MustAttend = true }, new Subject { SubjectName = "Composition", Academy = academies.First(), LectureType = TypeOfLecture.Seminar, MustAttend = true }, new Subject { SubjectName = "Literature", Academy = academies.First(), LectureType = TypeOfLecture.Lab, MustAttend = false } }; //Fill table from ForumContext with data. courses.ForEach(s => context.Subjects.Add(s)); Role role1 = new Role { RoleName = "Admin", Description = "Administrator" }; Role role2 = new Role { RoleName = "User", Description = "Simple User" }; Password adminPass = new Password("123456", -1361166414); Password userPass = new Password("123456", 1361676414); User user1 = new User { Username = "******", Email = "*****@*****.**", FirstName = "Daniel", LastName = "Shwarcman", Password = adminPass.ComputeSaltedHash(), IsActive = true, CreateDate = DateTime.UtcNow, Roles = new List <Role>(), Academy = academies.First(), Salt = -1361166414 }; User user2 = new User { Username = "******", Email = "*****@*****.**", FirstName = "Vasiliy", LastName = "Pupkin", Password = userPass.ComputeSaltedHash(), IsActive = true, CreateDate = DateTime.UtcNow, Roles = new List <Role>(), Academy = academies.First(), Salt = 1361676414 }; User user3 = new User { Username = "******", Email = "*****@*****.**", FirstName = "Masha", LastName = "Nenasha", Password = userPass.ComputeSaltedHash(), IsActive = true, CreateDate = DateTime.UtcNow, Roles = new List <Role>(), Academy = academies.First(), Salt = 1361676414 }; User user4 = new User { Username = "******", Email = "*****@*****.**", FirstName = "Vitaliy", LastName = "Genetaliy", Password = userPass.ComputeSaltedHash(), IsActive = true, CreateDate = DateTime.UtcNow, Roles = new List <Role>(), Academy = academies.First(), Salt = 1361676414 }; User user5 = new User { Username = "******", Email = "*****@*****.**", FirstName = "Sveta", LastName = "Konfeta", Password = userPass.ComputeSaltedHash(), IsActive = true, CreateDate = DateTime.UtcNow, Roles = new List <Role>(), Academy = academies.First(), Salt = 1361676414 }; User user6 = new User { Username = "******", Email = "*****@*****.**", FirstName = "Tatiana", LastName = "Nesmeyana", Password = userPass.ComputeSaltedHash(), IsActive = true, CreateDate = DateTime.UtcNow, Roles = new List <Role>(), Academy = academies.First(), Salt = 1361676414 }; User user7 = new User { Username = "******", Email = "*****@*****.**", FirstName = "Kolya", LastName = "Bezjazikov", Password = userPass.ComputeSaltedHash(), IsActive = true, CreateDate = DateTime.UtcNow, Roles = new List <Role>(), Academy = academies.First(), Salt = 1361676414 }; user1.Roles.Add(role1); user2.Roles.Add(role2); user3.Roles.Add(role2); user4.Roles.Add(role2); user5.Roles.Add(role2); user6.Roles.Add(role2); user7.Roles.Add(role2); context.Users.Add(user1); context.Users.Add(user2); context.Users.Add(user3); context.Users.Add(user4); context.Users.Add(user5); context.Users.Add(user6); context.Users.Add(user7); Block block = new Block { Date = DateTime.Now, BlockedUserID = user2.UserID, BlockedUser = user2, BlockerUserID = user1.UserID, BlockerUser = user1 }; context.Blocks.Add(block); context.SaveChanges(); }