/// <summary>
/// Authenticates a user by e-mail and password and issues a signed JWT.
/// </summary>
/// <param name="loginDTO">Credentials supplied by the caller (Email and Password are read).</param>
/// <returns>The serialized token, set to expire 24 hours after issuance.</returns>
/// <exception cref="ServiceException">
/// Thrown with USER_NOT_FOUND when no user matches the e-mail/hash pair, and with
/// USER_NOT_ACTIVE when the matched user is not active.
/// </exception>
public string Login(LoginDTO loginDTO)
{
    // The stored value is matched against a hash computed from the password alone, so it
    // cannot carry a per-user salt.
    // NOTE(review): GetSha suggests a plain SHA digest; confirm. Password storage should use
    // a salted, deliberately slow KDF (PBKDF2, bcrypt, Argon2).
    var passwordHash = CryptoPassword.GetSha(loginDTO.Password);
    var account = _context.Users.FirstOrDefault(
        x => x.Email == loginDTO.Email && x.Password == passwordHash);

    if (account == null)
    {
        throw new ServiceException(ExceptionMessages.USER_NOT_FOUND);
    }

    // Only reached with a matching password, so this answer is not given to arbitrary callers.
    if (!account.IsActive)
    {
        throw new ServiceException(ExceptionMessages.USER_NOT_ACTIVE);
    }

    var handler = new JwtSecurityTokenHandler();

    // Symmetric signing secret from configuration. Encoding.ASCII replaces every non-ASCII
    // character with '?', so the configured secret should be ASCII-only.
    // NOTE(review): confirm "Token_Key" is long, random and kept out of source control.
    var secret = this._configuration.GetValue<string>("Token_Key");
    var secretBytes = Encoding.ASCII.GetBytes(secret);

    // The token is signed, not encrypted: these claims are readable by anyone holding it.
    var identity = new ClaimsIdentity(new[]
    {
        new Claim("Name", account.Name),
        new Claim("Surname", account.Surname),
        new Claim("Email", account.Email),
        new Claim("Id", Convert.ToString(account.Id)),
    });

    var descriptor = new SecurityTokenDescriptor();
    descriptor.Subject = identity;
    descriptor.Expires = DateTime.UtcNow.AddHours(24);
    descriptor.SigningCredentials = new SigningCredentials(
        new SymmetricSecurityKey(secretBytes),
        SecurityAlgorithms.HmacSha512);

    return handler.WriteToken(handler.CreateToken(descriptor));
}
/// <summary>
/// Hashing a password must not hand the clear text back unchanged.
/// </summary>
public void TestCryptPassword()
{
    var hasher = new CryptoPassword();
    string plainText = "******";

    string hashed = hasher.Hash(plainText);

    // Only inequality is checked; the format of the hash is not asserted here.
    Assert.AreNotEqual(plainText, hashed);
}
/// <summary>
/// Hashing the same password twice must give two different outputs, which is what a
/// fresh random salt per call produces.
/// </summary>
public void TestRandomSaltInEncryption()
{
    var hasher = new CryptoPassword();
    string samePassword = "******";

    string firstHash = hasher.Hash(samePassword);
    string secondHash = hasher.Hash(samePassword);

    // Equal outputs would mean the salt is fixed or absent.
    Assert.AreNotEqual(firstHash, secondHash);
}
/// <summary>
/// Recovers the clear-text password stored on a profile.
/// </summary>
/// <param name="p">Profile supplying the encrypted password, the IV and the salt.</param>
/// <param name="publicKey">Value passed to the decryption as its key phrase.</param>
/// <returns>Whatever <c>Cryptographer.Decrypt</c> returns for the assembled parameters.</returns>
private string GetDecryptedPassword(Profile p, string publicKey)
{
    // NOTE(review): despite the parameter name, this value is used as the key phrase for
    // decryption, so it presumably has to be kept secret; confirm and consider renaming.
    var decryptionInput = new CryptoPassword
    {
        EncryptedPassword = p.Password,
        IV = p.IV,
        Salt = p.Salt,
        KeyPhrase = publicKey
    };

    // The result is a clear-text credential: callers should not log or persist it.
    string clearText = Cryptographer.Decrypt(decryptionInput);
    return clearText;
}
/// <summary>
/// A password must verify successfully against its own hash.
/// </summary>
public void TestPasswordVerifyWithGoodPassword()
{
    var hasher = new CryptoPassword();
    string plainText = "******";

    string storedHash = hasher.Hash(plainText);
    bool accepted = hasher.Verify(plainText, storedHash);

    Assert.AreEqual(true, accepted);
}
/// <summary>
/// Checks whether an account exists with the given user name and password.
/// </summary>
/// <param name="account">Carries the UserName and clear-text Password to check.</param>
/// <returns>True when a matching account row exists; otherwise false.</returns>
public async Task<bool> LoginAccountAsync(Account account)
{
    // The stored value is matched against a digest computed from the password alone, so it
    // cannot carry a per-user salt.
    // NOTE(review): HashMD5 suggests an MD5 digest; confirm. MD5 is not suitable for password
    // storage; migrate to a salted, deliberately slow KDF (PBKDF2, bcrypt, Argon2).
    var passwordDigest = CryptoPassword.HashMD5(account.Password);

    return await _context.Accounts.AnyAsync(
        x => x.UserName == account.UserName && x.Password == passwordDigest);
}
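/// <summary>
/// Verification must fail when the candidate password differs from the one that was hashed.
/// </summary>
public void TestPasswordVerifyWithWrongPassword()
{
    CryptoPassword crypto = new CryptoPassword();
    string actualPassword = "******";

    // Derive the wrong candidate from the real one so the two can never coincide. With two
    // identical literals the test would verify the correct password and expect a failure.
    string wrongPassword = actualPassword + "-wrong";

    string encryptedPassword = crypto.Hash(actualPassword);
    bool verify = crypto.Verify(wrongPassword, encryptedPassword);

    Assert.AreEqual(false, verify);
}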
/// <summary>
/// Creates a user from the registration model and stores it through the repository.
/// </summary>
/// <param name="registerModel">Supplies the Email, Name and clear-text Password.</param>
/// <returns>The value returned by <c>_repository.AddUser</c>.</returns>
public ActionResult<string> NewUser(RegisterUserModel registerModel)
{
    // Only the hash is placed on the entity; the clear-text password is not stored here.
    // NOTE(review): GetPasswordHash receives the password only; confirm it is a salted,
    // deliberately slow KDF and not a bare digest.
    var newUser = new User
    {
        Email = registerModel.Email,
        Name = registerModel.Name,
        Password = CryptoPassword.GetPasswordHash(registerModel.Password)
    };

    // NOTE(review): no input validation or duplicate-e-mail check is visible in this method;
    // presumably AddUser or model validation covers it; confirm.
    return _repository.AddUser(newUser);
}
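/// <summary>
/// Signs a user in when the hash of the submitted password equals the stored one.
/// </summary>
/// <param name="loginModel">Supplies the Email and clear-text Password.</param>
/// <returns>
/// A <c>LoginResult</c> whose Success is set to true only after a successful match; otherwise
/// the freshly constructed result is returned unchanged.
/// </returns>
public ActionResult<LoginResult> SignIn(LoginModel loginModel)
{
    var loginResult = new LoginResult();

    // Hash before the lookup so the same work is done whether or not the e-mail exists.
    // NOTE(review): the stored value is compared for equality with a hash of the password
    // alone, so it cannot carry a per-user salt; confirm GetPasswordHash is a slow KDF.
    string userHash = CryptoPassword.GetPasswordHash(loginModel.Password);
    User user = _repository.GetUserByEmail(loginModel.Email);

    // Require a real user and a real hash. The previous `userHash == user?.Password`
    // compared null with null when the e-mail was unknown and the hash was null, which
    // would have reached Authenticate with a null user and reported success.
    if (user != null && userHash != null && userHash == user.Password)
    {
        Authenticate(user);
        loginResult.Success = true;
    }

    return loginResult;
}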
/// <summary>
/// Checks a login attempt against the password hash stored for the e-mail address.
/// </summary>
/// <param name="login">Login data; its userEmail and password are passed to the field check.</param>
/// <returns>
/// False when the e-mail address is not found; otherwise the result of verifying the
/// password against the stored hash.
/// </returns>
/// <remarks>
/// The earlier documentation says an exception is raised when the input is not OK;
/// presumably that comes from <c>CheckLoginField</c>; confirm.
/// </remarks>
public bool LoginDb(Login login)
{
    CheckData fieldValidator = new CheckData();
    DbConnection db = new DbConnection();
    CryptoPassword hasher = new CryptoPassword();

    // Reject empty fields first; no return value of this call is used.
    fieldValidator.CheckLoginField(login.userEmail, login.password);

    // NOTE(review): from here on the code reads userEmail and password rather than
    // login.userEmail and login.password; confirm they refer to the same values.
    bool emailKnown = db.CheckEmail(userEmail);
    if (emailKnown)
    {
        // Compare the submitted password with the hash stored for that address.
        var storedHash = db.GetUserPassword(userEmail);
        return hasher.Verify(password, storedHash);
    }

    // An unknown address and a wrong password both end in false for the caller.
    return false;
}
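/// <summary>
/// Stores a new, inactive user and e-mails an activation link to the registered address.
/// </summary>
/// <param name="registerDTO">Supplies Name, Surname, Email and the clear-text Password.</param>
public void Register(RegisterDTO registerDTO)
{
    // NOTE(review): GetSha receives the password only; confirm whether it is a bare SHA
    // digest. Password storage should use a salted, deliberately slow KDF.
    // NOTE(review): ConfirmationKey is derived from the e-mail address alone, so unless GetSha
    // mixes in a server-side secret the key is predictable from the address. Prefer a random
    // token from a cryptographic RNG, stored per user and ideally given an expiry.
    User user = new User
    {
        Name = registerDTO.Name,
        Surname = registerDTO.Surname,
        Email = registerDTO.Email,
        Password = CryptoPassword.GetSha(registerDTO.Password),
        UpdatedDate = null,
        ConfirmationKey = CryptoPassword.GetSha(registerDTO.Email),
        IsActive = false
    };

    _context.Users.Add(user);
    _context.SaveChanges();

    // Percent-encode both query values: characters such as '+', '&' or '=' in the key or the
    // address would otherwise change the query string the activation endpoint receives.
    // NOTE(review): the base URL is hard-coded to plain-HTTP localhost; read it from
    // configuration and use HTTPS outside local development.
    string activationUrl =
        "http://localhost:5000/api/User/userActivate"
        + "?confirmationKey=" + System.Uri.EscapeDataString(user.ConfirmationKey ?? string.Empty)
        + "&mail=" + System.Uri.EscapeDataString(user.Email ?? string.Empty);

    // Quote the attribute and HTML-encode the URL so user-supplied text cannot leave the href.
    string bodyHtml = $"<html> <head> <body> Üyeliğiniz aktif olması için <a href=\"{System.Net.WebUtility.HtmlEncode(activationUrl)}\"> bu </a> linke tıklayınız </body> </head> </html> ";
    string subject = "USER-ACTIVATION";

    this.sendEmail(bodyHtml, subject, user.Email);
}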
/// <summary>
/// Registers a new user in the database after validating the form fields and checking
/// that the e-mail address is not already in use.
/// </summary>
/// <param name="reg">Registration data; userEmail, password and passwordCheck are read.</param>
/// <returns>
/// True when every check passed and the insert succeeded; false when any check or the
/// insert failed, or when one of the handled exceptions was raised.
/// </returns>
public bool RegisterInDb(Register reg)
{
    DbConnection db = new DbConnection();
    CryptoPassword hasher = new CryptoPassword();

    // NOTE(review): the hash is computed before any validation has run, and from password
    // rather than reg.password; confirm both refer to the same value.
    string passwordHash = hasher.Hash(password);
    CheckData validator = new CheckData();

    try
    {
        // Evaluated left to right; the first failing step stops the chain, so the insert
        // only runs once the fields are valid and the address is unused.
        bool registered =
            validator.CheckRegisterField(reg.userEmail, reg.password, reg.passwordCheck)
            && validator.VerifRegister(reg.userEmail, reg.password)
            && !db.CheckIfUserEmailExistInDb(userEmail)
            && db.InsertDataInDb(username, userEmail, passwordHash);

        if (!registered)
        {
            return false;
        }
    }
    // Validation and duplicate-address failures: show the exception's own message.
    // NOTE(review): dialogs are opened from what looks like data-access code; confirm intended.
    catch (InvalidEmailAddressException ex)
    {
        MessageBox.Show(ex.Message);
        return false;
    }
    catch (EmptyFieldException ex)
    {
        MessageBox.Show(ex.Message);
        return false;
    }
    catch (EmailTooShortException ex)
    {
        MessageBox.Show(ex.Message);
        return false;
    }
    catch (PasswordTooShortException ex)
    {
        MessageBox.Show(ex.Message);
        return false;
    }
    catch (UserEmailAlreadyExistException ex)
    {
        MessageBox.Show(ex.Message);
        return false;
    }
    // Database failure: a fixed message is shown, so driver details do not reach the user.
    catch (MySqlException)
    {
        MessageBox.Show("Un erreur est survenu lors de la connection avec la base de donnée");
        return false;
    }

    return true;
}
/// <summary>
/// Returns the result of <c>CryptoPassword.HashMD5</c> for the given password.
/// </summary>
/// <param name="password">Clear-text password to hash.</param>
/// <returns>The value produced by <c>CryptoPassword.HashMD5</c>.</returns>
private string Cryptography(string password)
{
    // NOTE(review): HashMD5 suggests an MD5 digest; confirm. MD5 is not suitable for password
    // storage; use a salted, deliberately slow KDF (PBKDF2, bcrypt, Argon2) instead.
    var digest = CryptoPassword.HashMD5(password);
    return digest;
}