public CommandResult Register(UserRegisterCommand command)
{
bool exist = _repository.ExistName(command.Username);
if (exist)
{
return(new CommandResult(false, "Este nome já está cadastrado! "));
}
exist = _repository.ExistEmail(command.Email);
if (exist)
{
return(new CommandResult(false, "Este email já está cadastrado! "));
}
var user = new User(command.Username, command.Email, command.Password);
if (user.Invalid)
{
return(new CommandResult(false, string.Join(". ", Notifications)));
}
// Add Hash and Salt
var salt = SaltGenerator.Generate();
var hash = HashGenerator.Generate(user.Password, salt);
user.AddHash(hash, Convert.ToBase64String(salt));
user.AddEmailToken();
_repository.Register(user);
user.HidePassword();
return(new CommandResult(true, "Cadastro realizado! Valide seu e-mail. ", user));
}
public CommandResultToken Login(UserLoginCommand command)
{
var user = _repository.GetByNameOrEmail(command.Username);
if (user == null)
{
return(new CommandResultToken(false, "Login inválido! "));
}
var salt_tabela = user.Salt;
byte[] salt = Convert.FromBase64String(salt_tabela);
var hashPassword = HashGenerator.Generate(command.Password, salt); // <-- monta hash para comparação / login
user = _repository.Login(command.Username, hashPassword);
if (user == null)
{
return(new CommandResultToken(false, "Login inválido! "));
}
else if (user.EmailConfirm == false)
{
return(new CommandResultToken(false, "Necessário validar seu e-mail! "));
}
else if (user.Active == false)
{
return(new CommandResultToken(false, "Usuário inativo. Contacte o Administrador. "));
}
user.HidePassword();
return(new CommandResultToken(true, "Login efetuado com sucesso! ", user));
}
public void Test_ハッシュテキストの文字数チェック(string password)
{
var hash = HashGenerator.Generate(password);
// 64 文字であることをチェック
Assert.AreEqual(hash.Length, 64);
}
public CommandResult UpdatePassword(UserUpdatePasswordCommand command, string currentUser)
{
var user = _repository.GetByNameOrEmail(command.Username);
if (user == null)
{
return(new CommandResult(false, "Login inválido! "));
}
var salt_tabela = user.Salt;
byte[] salt = Convert.FromBase64String(salt_tabela);
var hashPassword = HashGenerator.Generate(command.Password, salt);
if (user.Password != hashPassword)
{
return(new CommandResult(false, "Senha antiga não confere. "));
}
// add new hash and salt
hashPassword = HashGenerator.Generate(command.NewPassword, salt);
user.UpdatePassword(command.NewPassword);
if (user.Invalid)
{
return(new CommandResult(false, string.Join(". ", Notifications)));
}
_repository.UpdatePassword(user.Username, hashPassword);
user.HidePassword();
return(new CommandResult(true, "Senha alterada com sucesso! ", user));
}
public void Test_生成時のハッシュ値長さのエラーチェック(string password, int size)
{
Assert.Throws <ArgumentOutOfRangeException>(() =>
{
var hash = HashGenerator.Generate(password, size);
});
}
public void Test_生成時のパスワードのエラーチェック(string password, int size)
{
Assert.Throws <ArgumentNullException>(() =>
{
var hash = HashGenerator.Generate(password, size);
});
}
private static User[] CreateUsers()
{
var user1 = new User
{
UserName = "******",
FirstName = "John",
LastName = "Smith",
Password = HashGenerator.Generate("qwe123")
};
var user2 = new User
{
UserName = "******",
FirstName = "Jack",
LastName = "Black",
Password = HashGenerator.Generate("qwe123")
};
var user3 = new User
{
UserName = "******",
FirstName = "Paul",
LastName = "Blue",
Password = HashGenerator.Generate("qwe123")
};
var users = new[] { user1, user2, user3 };
return(users);
}
public void ReturnEmptyHashForEmptyInput(string input)
{
var hashGenerator = new HashGenerator();
var hash = hashGenerator.Generate(input);
Assert.Equal(string.Empty, hash);
}
public void Generate_ShouldReturnHashSpecifySize()
{
int size = 10;
var generator = new HashGenerator();
var result = generator.Generate(inputString, size);
Assert.Equal(size, result.Length);
}
public void Test_ハッシュテキストの再現性チェック(string password, int count)
{
var hash1 = HashGenerator.Generate(password);
for (var i = 0; i < count; i++)
{
var hash2 = HashGenerator.Generate(password);
Assert.AreEqual(hash1, hash2, $"ハッシュ値が一致しません。hash1={hash1}, hash2={hash2}");
}
}
public string GetImageUrl(string email)
{
var emailHash = hashGenerator.Generate(email);
if (string.IsNullOrWhiteSpace(emailHash))
{
return(null);
}
return($"{ServiceAddress}{emailHash}{SizeParam}");
}
public void GenerateHashForEmail()
{
var email = "*****@*****.**";
var hashGenerator = new HashGenerator();
var hash = hashGenerator.Generate(email);
Assert.NotNull(hash);
Assert.NotEmpty(hash);
Assert.Equal("7bd021685b66a1edc08a268bafd22bb8", hash);
}
public ChangePasswordResult ChangePassword(ChangePasswordRequest changePasswordRequest)
{
var user = this.GetUserByName(changePasswordRequest.UserName);
if (user.Password != HashGenerator.Generate(changePasswordRequest.OldPassword))
{
return(new ChangePasswordResult("Invalid username or password"));
}
// TODO: provide way to check password strength
user.Password = HashGenerator.Generate(changePasswordRequest.NewPassword);
this.session.Save(user);
return(new ChangePasswordResult());
}
public LoginResult <TUserViewModel> LoginUser <TUserViewModel>(LoginRequest loginRequest)
where TUserViewModel : PizzaUserViewModel, new()
{
this.session.Clear();
var user = this.GetUserByName(loginRequest.UserName);
if (user == null || user.Password != HashGenerator.Generate(loginRequest.Password))
{
return(new LoginResult <TUserViewModel>());
}
var userViewModel = Injector.CreateViewModelFromPersistenceModel <TUser, TUserViewModel>(user);
return(new LoginResult <TUserViewModel>(userViewModel));
}
private void InsertOwner()
{
using var db = new Db();
var authorEntity = new AuthorEntity {
Name = _ownerName.Split(" ")[0],
Surname = _ownerName.Split(" ")[1],
Id = HashGenerator.Generate(_ownerName)
};
try
{
db.Insert(authorEntity, "authors");
}
catch (Exception)
{
//Ignored
}
}
static void Main(string[] args)
{
// create a new hash generator
var hashGenerator = new HashGenerator();
Console.WriteLine("Enter a password: "******"Your hash is: {hash}");
Console.WriteLine($"Hash length: {hash.ToString().Length}");
Console.WriteLine();
Console.WriteLine("Enter a password to see if it matches or -1 to quit.");
while (true)
{
var match = Console.ReadLine();
if (match == "-1")
{
break;
}
Console.WriteLine();
// validates the second input against the hash
Console.WriteLine($"Password match: {hashGenerator.Validate(hash, match)}");
}
}
public static void InitializeUsers(AppDbContext context)
{
if (context.User.Any())
{
return;
}
// Admin
var user = new User("admin", "*****@*****.**", "123456", "admin", true, true);
var salt = SaltGenerator.Generate();
var hash = HashGenerator.Generate(user.Password, salt);
user.AddHash(hash, Convert.ToBase64String(salt));
context.Add(user);
context.SaveChanges();
// User
user = new User("user", "*****@*****.**", "123456", "user", true, true);
salt = SaltGenerator.Generate();
hash = HashGenerator.Generate(user.Password, salt);
user.AddHash(hash, Convert.ToBase64String(salt));
context.Add(user);
context.SaveChanges();
}
public CommandResult ResetPassword(string email)
{
var user = _repository.GetByNameOrEmail(email);
if (user == null)
{
return(new CommandResult(false, "Email não encontrado. "));
}
user.PasswordGenerate();
var randomPassword = user.Password;
// Add new Hash and Salt
var salt = SaltGenerator.Generate();
var hash = HashGenerator.Generate(user.Password, salt);
user.AddHash(hash, Convert.ToBase64String(salt));
_repository.ResetPassword(user);
user.AddPassword(randomPassword);
return(new CommandResult(true, "Senha temporária enviada no e-mail! ", user));
}
public void Test_ハッシュ値の文字数変更チェック(string password, int size)
{
var hash = HashGenerator.Generate(password, size);
Assert.AreEqual(hash.Length, size);
}
public OperationResult <Model.BusinessEntities.PetitionEmailVote> CreateEmailVoteRequest(EmailVote vote)
{
OperationResult <Model.BusinessEntities.PetitionEmailVote> emailVoteRequestResult;
Func <EDEntities, OperationResult <Model.BusinessEntities.PetitionEmailVote> > procedure = (db) =>
{
OperationResult <Model.BusinessEntities.PetitionEmailVote> result;
var emailVote = db.PetitionEmailVotes.SingleOrDefault(v => v.PetitionID == vote.ID && v.Email == vote.Email);
if (emailVote != null)
{
var votedPetition = db.Petitions.SingleOrDefault(p => p.ID == vote.ID);
result = emailVote.IsConfirmed
? OperationResult <Model.BusinessEntities.PetitionEmailVote> .Fail(
int.Parse(PetitionVoteOperationResult.AlreadyVotedCode),
PetitionVoteOperationResult.AlreadyVotedMessage)
: OperationResult <Model.BusinessEntities.PetitionEmailVote> .Success(
int.Parse(PetitionVoteOperationResult.WaitingConfirmationCode),
string.Format(PetitionVoteOperationResult.WaitingConfirmationMessage, emailVote.Email),
new Model.BusinessEntities.PetitionEmailVote(emailVote, votedPetition));
return(result);
}
emailVote = new PetitionEmailVote
{
PetitionID = vote.ID,
Email = vote.Email,
CreatedDate = DateTime.Now,
IsConfirmed = false,
Hash = HashGenerator.Generate()
};
db.PetitionEmailVotes.Add(emailVote);
db.SaveChanges();
var petition = new Model.BusinessEntities.Petition(db.Petitions.SingleOrDefault(p => p.ID == emailVote.PetitionID));
var clientEmailVote =
new Model.BusinessEntities.PetitionEmailVote()
{
ID = emailVote.ID,
Petition = petition,
Hash = emailVote.Hash,
Email = emailVote.Email,
CreatedDate = emailVote.CreatedDate,
IsConfirmed = emailVote.IsConfirmed
};
result = OperationResult <Model.BusinessEntities.PetitionEmailVote> .Success(
int.Parse(PetitionVoteOperationResult.EmailVoteRequestCreatedCode),
string.Format(PetitionVoteOperationResult.EmailVoteRequestCreatedMessage, emailVote.Email),
clientEmailVote);
return(result);
};
emailVoteRequestResult = DbExecuter.Execute(procedure);
return(emailVoteRequestResult);
}
public void Test_16進数以外の文字を含んでいないかのチェック(string password)
{
var hash = HashGenerator.Generate(password);
Assert.That(hash, Does.Match("^[0-9|a-f]+$"));
}
