Esempio n. 1
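        /// <summary>
        /// Round-trip test: hashes a password, stores it for a throw-away user, reads the
        /// stored value back and checks that <c>CovertPasswordBack</c> accepts the original
        /// plaintext against it. The inserted row is removed again in the <c>finally</c> block.
        /// </summary>
        public void CanCheckThatPasswordGivenIsSameAsHashedPassword()
        {
            using (var db = ConnectionHelper.CreateSqlConnection())
            {
                var userName = "******";
                var password = "******";
                var fullName = "John Squarepants";

                var hashpassword   = new HashPassword();
                var passwordHashed = hashpassword.Hashpassword(password);

                db.Execute("INSERT INTO \"Users\" (username, password, fullname) VALUES(@userName, @passwordHashed, @fullName)", new { userName, passwordHashed, fullName });

                try
                {
                    // Read back only the row this test inserted. Selecting every password in the
                    // table and taking the last one relies on an unspecified row order, so the
                    // check could run against another user's stored value.
                    var storedHashes = db.Query<string>("SELECT \"password\" FROM \"Users\" WHERE \"username\" = @userName", new { userName }).ToList();

                    // Without this, an empty result would let the test pass without verifying anything.
                    Assert.IsTrue(storedHashes.Count > 0, "No stored password was found for the test user.");

                    // Most recent match, in case an earlier run left a row with the same username behind.
                    var storedHash = storedHashes[storedHashes.Count - 1];
                    Assert.IsTrue(hashpassword.CovertPasswordBack(storedHash, password));
                }
                finally
                {
                    // Remove the test user even when the query or an assertion fails.
                    db.Execute("DELETE FROM \"Users\" WHERE \"username\" = @userName", new { userName });
                }
            }
        }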
        /// <summary>
        /// Enforces HTTP Basic authentication before the action runs. When the request carries
        /// credentials that match a stored user, the method returns and the action proceeds;
        /// otherwise it sets a <c>WWW-Authenticate</c> challenge and an unauthorized result.
        /// </summary>
        /// <param name="filterContext">Context of the action about to execute; supplies the request and response.</param>
        public override void OnActionExecuting(ActionExecutingContext filterContext)
        {
            var httpContext = filterContext.HttpContext;
            var credentials = AuthenticationHelper.ExtractUsernameAndPassword(httpContext.Request);
            var verifier    = new HashPassword();

            // NOTE(review): Basic credentials are sent with every request and are only
            // base64-encoded, so this filter depends on the site being served over TLS - confirm.
            if (credentials != null)
            {
                // NOTE(review): every authenticated request loads all users together with their
                // stored password values; a lookup by username would keep the other records out
                // of memory - check whether UserRepository offers one.
                var repository = new UserRepository();

                foreach (var candidate in repository.GetAllUsers())
                {
                    // The password check only runs for a matching username (short-circuit).
                    // NOTE(review): unknown usernames therefore skip the hash verification, which
                    // can make response times differ between known and unknown accounts.
                    if (candidate.username == credentials.Username
                        && verifier.CovertPasswordBack(candidate.password, credentials.Password))
                    {
                        return;
                    }
                }
            }

            // No credentials, or none that matched: challenge the client.
            const string realm = "MyFace";

            httpContext.Response.AddHeader("WWW-Authenticate", $"Basic realm=\"{realm}\"");
            filterContext.Result = new HttpUnauthorizedResult();
        }
Esempio n. 3
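        /// <summary>
        /// Handles a login attempt: looks up the stored user for the submitted credentials and,
        /// when the username matches and the password verifies, stores that user in the session.
        /// </summary>
        /// <param name="login">Submitted credentials (username and password).</param>
        /// <returns>A redirect to <c>UserList/Index</c>, for successful and failed attempts alike.</returns>
        public ActionResult Login(Users login)
        {
            // A missing model previously surfaced as a NullReferenceException; it is now
            // treated as a failed attempt.
            if (login != null)
            {
                var repository = new UserRepository();
                var verifier   = new HashPassword();
                var stored     = repository.GetUser(login);

                // Presumably GetUser returns null for an unknown username - confirm against
                // UserRepository. The guard makes that case a failed login instead of a crash.
                if (stored != null
                    && stored.username == login.username
                    && verifier.CovertPasswordBack(stored.password, login.password))
                {
                    // NOTE(review): the whole user record, including its stored password value,
                    // is kept in the session; consider storing only an identifier.
                    // NOTE(review): nothing in this method renews the session identifier after
                    // authentication - confirm that is handled elsewhere (session fixation).
                    Session["User"] = stored;
                }
            }

            // NOTE(review): the response is the same whether or not the login succeeded, and
            // failed attempts are neither logged nor throttled here.
            return RedirectToAction("Index", "UserList");
        }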