Esempio n. 1
        /// <summary>
        /// Console entry point: fetches every credential record and prints, per record,
        /// the stored password value, a Base64-encoded hash of that value computed with a
        /// newly created salt, and the salt itself, joined by " + ".
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        /// <remarks>
        /// SECURITY: the stored password value and the salt are written to standard output
        /// unmodified, and nothing is written back to the store in this method. Console
        /// output commonly ends up in terminal scrollback, redirected files and CI logs, so
        /// treat that output as secret material. Presumably the stored value is still a
        /// plaintext password when this runs; confirm against the data model.
        /// </remarks>
        static void Main(string[] args)
        {
            var dao = new CredentialsDAO();

            foreach (var record in dao.FetchAllRecords())
            {
                // A fresh salt per record, so equal passwords do not produce equal hashes.
                var freshSalt = EncryptPassword.CreateSALT();
                var digestText = Convert.ToBase64String(
                    EncryptPassword.CreateHASH(record.Password, freshSalt));

                Console.WriteLine($"{record.Password} + {digestText} + {freshSalt}");
            }
        }
        /// <summary>
        /// Checks the submitted e-mail/password pair against the stored record: the submitted
        /// password is hashed with the record's salt and compared to the stored hash.
        /// On a match, <c>SetUserRoleAndCredentialId</c> is called with the stored record.
        /// </summary>
        /// <param name="enteredCredentials">Credentials as submitted by the user; may be null.</param>
        /// <returns>
        /// <c>true</c> when the hashes match; <c>false</c> when they differ or when the input,
        /// its e-mail, its password, the stored record, its password or its salt is null.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the "no such record" path returns before any hashing happens, so
        /// response time may differ between known and unknown e-mail addresses; decide
        /// whether that matters for this login flow.
        /// </remarks>
        public bool IsValidPasswordHASH(Credentials enteredCredentials)
        {
            // Reject incomplete input before touching the data store.
            if (enteredCredentials == null
                || enteredCredentials.Email == null
                || enteredCredentials.Password == null)
            {
                return false;
            }

            Credentials stored = _CredentialsDAO.FindOneRecordBy(enteredCredentials.Email);

            // A record without a hash or salt cannot be verified; fail closed.
            if (stored == null || stored.Password == null || stored.SALT == null)
            {
                return false;
            }

            string storedHashText = stored.Password;
            byte[] candidateHash = EncryptPassword.CreateHASH(enteredCredentials.Password, stored.SALT);

            // ConvertStringToByte must yield the same byte form CreateHASH returns, otherwise
            // no password can ever match; verify it mirrors the encoding used at storage time.
            // SlowEquals is defined elsewhere; presumably a constant-time comparison (confirm
            // it does not exit early on the first differing byte or on a length mismatch).
            bool hashesMatch = SlowEquals(storedHashText.ConvertStringToByte(), candidateHash);

            if (hashesMatch)
            {
                SetUserRoleAndCredentialId(stored);
            }

            return hashesMatch;
        }
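        /// <summary>
        /// Creates a credential record from the posted form: generates a salt, replaces the
        /// posted password with the Base64 text of its salted hash, stores the record and
        /// redirects to the follow-up page that matches the new account's role.
        /// </summary>
        /// <param name="newCredentials">Form-bound credentials for the account to create.</param>
        /// <returns>
        /// A redirect to Admin/Index, Mentor/Create or Student/Create carrying the new id;
        /// the default view for any other role, or when no usable password was posted
        /// (in which case nothing is stored).
        /// </returns>
        /// <remarks>
        /// NOTE(review): <c>Role</c> is bound straight from the form, so the caller chooses
        /// the privilege level of the new account. No authorization attribute is visible on
        /// this action here; confirm that one on the action or the controller restricts it
        /// to administrators. <c>ModelState</c> is not consulted either.
        /// </remarks>
        public IActionResult AddCredentialsAsAdmin([FromForm] Credentials newCredentials)
        {
            // A missing or empty password must never become a stored account: hashing null
            // would fail further down, and hashing "" would create an account anyone can open.
            if (newCredentials == null || string.IsNullOrEmpty(newCredentials.Password))
            {
                return View();
            }

            newCredentials.SALT = EncryptPassword.CreateSALT();

            // Overwrite the plaintext on the model so only the hash reaches the data layer.
            newCredentials.Password = Convert.ToBase64String(
                EncryptPassword.CreateHASH(newCredentials.Password, newCredentials.SALT));

            var id = _credentialsDAO.AddRecordReturningID(newCredentials);

            switch (newCredentials.Role)
            {
                case Role.Admin:
                    return RedirectToAction("Index", "Admin", new { id });

                case Role.Mentor:
                    return RedirectToAction("Create", "Mentor", new { id });

                case Role.Student:
                    return RedirectToAction("Create", "Student", new { id });

                default:
                    return View();
            }
        }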