public void ShoudReturnHashOfSpecifiedLength(string word, int saltLen, int hashLen, int iter) { string res = SaltHash.GetSaltedHash(word, saltLen, hashLen, iter); byte[] testBytes = Convert.FromBase64String(res); Assert.Equal(saltLen + hashLen, testBytes.Length); }
/// <summary> /// Edita un usuario existente. /// </summary> /// <param name="usr">Datos del usuario.</param> /// <param name="changePassword">Indica si se le cambió el password.</param> public void Editar(Usuario usr, bool changePassword) { using (var modelo = new GESTOR_DOCUMENTAL()) { Usuario usrEditar = modelo.Usuario.Where(o => o.IdUsuario == usr.IdUsuario).FirstOrDefault(); if (usrEditar != null) { usrEditar.Alias = usr.Alias; usrEditar.Nombre = usr.Nombre; usrEditar.IdGrupo = usr.IdGrupo; usrEditar.IdDepartamento = usr.IdDepartamento; usrEditar.IdArea = usr.IdArea; usrEditar.IdGrupoLector = usr.IdGrupoLector; usrEditar.FechaEdicion = DateTime.Now; usrEditar.IdUsuarioEdicion = Util.Sesion.Current.IdUsuario; if (changePassword) { SaltHash sh = Crypto.CrearHash(usr.Password); usrEditar.Password = Convert.ToBase64String(sh.hash); usrEditar.Salt = Convert.ToBase64String(sh.salt); } modelo.SaveChanges(); } } }
public async Task <UserModel> FindByUserNameAsync(string userName) { return(await Task.FromResult <UserModel>(new UserModel() { UserName = userName, PasswordHash = SaltHash.HashPassword("abc123") })); }
public ActionResult Create([Bind(Include = "UserID,UserName,MobileNo,DOB,Address,Email,Password")] User user) { if (ModelState.IsValid) { SaltHash sh = new SaltHash(); user.Password = sh.ComputeHash(user.Password, null, null); db.Users.Add(user); db.SaveChanges(); return(RedirectToAction("Index")); } return(View(user)); }
/// <summary> /// Inserta un nuevo usuario. /// </summary> /// <param name="usr"></param> public void Insertar(Usuario usr) { using (var modelo = new GESTOR_DOCUMENTAL()) { SaltHash sh = Crypto.CrearHash(usr.Password); usr.Password = Convert.ToBase64String(sh.hash); usr.Salt = Convert.ToBase64String(sh.salt); usr.Activo = true; usr.FechaCreacion = DateTime.Now; usr.IdUsuarioCreacion = Util.Sesion.Current.IdUsuario; modelo.Usuario.Add(usr); modelo.SaveChanges(); } }
/// <summary> /// Retorna true si el usuario existe y coincide el password, de lo contrario false. /// </summary> /// <param name="usr"></param> /// <returns></returns> public bool Validar(Usuario usr) { using (var modelo = new GESTOR_DOCUMENTAL()) { if (modelo.Usuario.Where(o => o.Alias == usr.Alias && o.Activo == true).Count() > 0) { var usrAutenticar = modelo.Usuario.Where(o => o.Alias == usr.Alias && o.Activo == true).FirstOrDefault(); var pass = Convert.FromBase64String(usrAutenticar.Password); var salt = Convert.FromBase64String(usrAutenticar.Salt); var sh = new SaltHash(salt, pass); return(Crypto.VerificarPassword(sh, usr.Password)); } return(false); } }
public async Task <IActionResult> Login([FromBody] LoginModel model) { if (!ModelState.IsValid) { return(BadRequest(new { error = "Bad State" })); } // TODO: Replace with actual lookup UserModel user = await new UserManager().FindByUserNameAsync(model.UserName); if (user == null) { return(BadRequest(new { error = "User does not exist" })); } if (!SaltHash.VerifyHash(user.PasswordHash, model.Password)) { return(BadRequest(new { error = "Invalid password" })); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim("UserId", user.UserName), }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Tokens:Key"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( _config["Tokens:Issuer"], _config["Tokens:Issuer"], claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds ); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), expires = token.ValidTo })); }
public void ShouldReturnEmpty(string word, int saltLen, int hashLen, int iter) { string res = SaltHash.GetSaltedHash(word, saltLen, hashLen, iter); Assert.Equal(0, res.Length); }