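/// <summary>
/// Handles the Login button: checks that an account exists for the entered e-mail, verifies the
/// entered master password against that account and, on success, hides the login window and
/// opens <c>MainWindow</c> for the user.
/// </summary>
/// <param name="sender">Control that raised the click event (not used).</param>
/// <param name="e">Routed event data (not used).</param>
private void BtnClickLogin(object sender, RoutedEventArgs e)
{
    var emailController = new EmailController();

    // Check existence first so that no lookup result is used for an unknown e-mail.
    // NOTE(review): a distinct "no account" message lets whoever is at this form tell
    // registered e-mails from unregistered ones; consider the same text as the failure below.
    if (!emailController.IsEmailInUse(EmailTxtBox.Text))
    {
        MessageBox.Show("No Account exists with this email");
        return;
    }

    var userManager = new UserManager();
    var user = userManager.Retrieve(EmailTxtBox.Text);

    // Retrieve and IsEmailInUse are separate lookups; guard against them disagreeing
    // instead of dereferencing a null user below.
    if (user == null)
    {
        MessageBox.Show("Failed to login");
        return;
    }

    // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', so passwords
    // that differ only in such characters yield the same bytes. Left unchanged because the
    // stored hash was presumably derived the same way; switching to UTF-8 needs a migration.
    byte[] passwordBytes = Encoding.ASCII.GetBytes(PasswordTxtBox.Password);

    var masterPasswordManager = new MasterPasswordManager();
    if (!masterPasswordManager.CompareHash(passwordBytes, user.Id))
    {
        MessageBox.Show("Failed to login");
        return;
    }

    MainWindow main = new MainWindow(user.Id);
    _window.Visibility = Visibility.Hidden;
    main.Show();
}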
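/// <summary>
/// Handles the Create button: runs the e-mail checks, verifies that the password and its
/// confirmation match, creates the user and the master password record, then switches the
/// window content back to the login view.
/// </summary>
/// <param name="sender">Control that raised the click event (not used).</param>
/// <param name="e">Routed event data (not used).</param>
private void BtnClickCreate(object sender, RoutedEventArgs e)
{
    var userManager = new UserManager();
    var emailController = new EmailController();
    var masterPasswordManager = new MasterPasswordManager();

    // NOTE(review): this reports an error and stops when IsValidEmail returns TRUE. If the
    // method means what its name says the condition is inverted; IsValidEmail is not visible
    // here, so the condition is left as written. Confirm against EmailController.
    var isValidEmail = emailController.IsValidEmail(EmailTxtBox.Text);
    if (isValidEmail)
    {
        MessageBox.Show(emailController.ErrorMessage);
        return;
    }

    if (emailController.IsEmailInUse(EmailTxtBox.Text))
    {
        MessageBox.Show(emailController.ErrorMessage);
        return;
    }

    // An empty master password would protect nothing; reject it before any record is written.
    if (string.IsNullOrEmpty(PasswordTxtBox.Password))
    {
        MessageBox.Show("Password must not be empty");
        return;
    }

    // Previously a mismatch returned silently, leaving the user with no indication of why
    // nothing happened.
    if (ConfirmPasswordTxtBox.Password != PasswordTxtBox.Password)
    {
        MessageBox.Show("Passwords do not match");
        return;
    }

    userManager.Create(FirstNameTxtBox.Text, LastNameTxtBox.Text, EmailTxtBox.Text);

    // The new user's id is obtained by a second lookup; do not dereference a missing result.
    var createdUser = userManager.Retrieve(EmailTxtBox.Text);
    if (createdUser == null)
    {
        MessageBox.Show("Account could not be created");
        return;
    }

    masterPasswordManager.Create(createdUser.Id, PasswordTxtBox.Password);
    MessageBox.Show("Account Created");
    Window.MainLogin.Content = new Login(Window);
}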
/// <summary>
/// First-run setup action: generates the master password value from the submitted username
/// and password and saves it, unless a master password already exists.
/// </summary>
/// <param name="model">Submitted configuration form; its Username and Password are used.</param>
/// <returns>
/// A redirect to the site root when already configured, the form view again when the model is
/// invalid, otherwise a redirect to the success page.
/// </returns>
public ActionResult ConfigureApplication(ConfigurationViewModel model)
{
    // Setup must only run once: with a master password already stored, go home instead.
    // NOTE(review): this check and the Save below are separate steps, so two concurrent
    // requests could both pass it; confirm Save refuses to overwrite an existing record.
    // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible in this
    // listing; confirm they are applied, since this action sets the credential.
    bool alreadyConfigured = new MasterPasswordManager().Exists();
    if (alreadyConfigured)
    {
        return Redirect("~/");
    }

    // Re-render the form with validation errors.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Derive the value to store, then persist it.
    var manager = new MasterPasswordManager();
    string generated = manager.Generate(model.Username, model.Password);
    manager.Save(generated);

    return Redirect("~/Account/ConfigureApplicationSuccess");
}
/// <summary>
/// Checks that CompareHash for the test user returns the expected result for a given input.
/// </summary>
/// <param name="hash">Input string; it is ASCII-encoded and passed to CompareHash as bytes.</param>
/// <param name="expected">Result CompareHash should return for that input.</param>
public void ReturnsTrueIfTheHashMatches(string hash, bool expected)
{
    var manager = new MasterPasswordManager();
    byte[] candidateBytes = Encoding.ASCII.GetBytes(hash);

    bool matched = manager.CompareHash(candidateBytes, _testUser.Id);

    Assert.AreEqual(expected, matched);
}
/// <summary>
/// Checks that the key CompareHash hands back through its out parameter equals a hash computed
/// directly from the same password with the test record's salt and iteration count.
/// </summary>
/// <param name="password">Password to hash; ASCII-encoded before use.</param>
public void ReturnsTheCorrectHash(string password)
{
    var manager = new MasterPasswordManager();

    // Reference value: same salt and iterations as the stored test record, 16-byte output.
    byte[] referenceHash = Hash.GenerateHash(
        Encoding.ASCII.GetBytes(password),
        _testMPassword.Salt,
        _testMPassword.Iterations,
        16);

    // Only the out value is inspected; the boolean result is deliberately not asserted here.
    byte[] derivedKey;
    manager.CompareHash(Encoding.ASCII.GetBytes(password), _testUser.Id, out derivedKey);

    bool sameBytes = Hash.CompareHash(referenceHash, derivedKey);
    Assert.AreEqual(true, sameBytes);
}
/// <summary>
/// Checks that RetrieveByUserId for the test user returns a record whose Hash equals the Hash
/// of the test master password row read straight from the database.
/// </summary>
public void WhenAPasswordIsRetrivedByIdItIsTheCorrectPassword()
{
    var manager = new MasterPasswordManager();

    using (var context = new PasswordManagerContext())
    {
        var storedRecord = context.MasterPasswords.Find(_testMPassword.Id);
        var retrievedRecord = manager.RetrieveByUserId(_testUser.Id);

        // NOTE(review): if Hash is a byte[], whether this compares contents or references
        // depends on the test framework's Assert.AreEqual; confirm it compares contents.
        Assert.AreEqual(storedRecord.Hash, retrievedRecord.Hash);
    }
}
/// <summary>
/// Checks that after Update the hash stored for the test master password no longer equals the
/// hash it had before.
/// </summary>
public void WhenAPasswordIsUpdatedTheDatabaseWillShowTheChange()
{
    var manager = new MasterPasswordManager();

    using (var context = new PasswordManagerContext())
    {
        byte[] previousHash = _testMPassword.Hash;

        // Fresh 20-byte salt and a new hash for a different password.
        // NOTE(review): 1000 iterations and a 16-byte output are fixture values; if
        // Hash.GenerateHash is a PBKDF2-style function, confirm production code uses a much
        // higher iteration count than this.
        byte[] freshSalt = Hash.GenerateSalt(20);
        byte[] replacementHash = Hash.GenerateHash(
            Encoding.ASCII.GetBytes("ThisIsAStrongPassword123"),
            freshSalt,
            1000,
            16);

        manager.Update(_testMPassword.Id, replacementHash, freshSalt);

        byte[] storedHash = context.MasterPasswords.Find(_testMPassword.Id).Hash;
        bool unchanged = Hash.CompareHash(storedHash, previousHash);
        Assert.AreEqual(false, unchanged);
    }
}
/// <summary>
/// Checks that deleting the test user's master password reduces the number of rows in
/// MasterPasswords by exactly one.
/// </summary>
public void WhenAPasswordIsDeletedTheDatabaseIsUpdated()
{
    var manager = new MasterPasswordManager();

    using (var context = new PasswordManagerContext())
    {
        int countBefore = context.MasterPasswords.Count();

        // Look up the test user's record; a missing record surfaces as a null dereference
        // on .Id, which fails the test.
        var target = context.MasterPasswords.FirstOrDefault(mp => mp.UserId == _testUser.Id);
        manager.Delete(target.Id);

        int countAfter = context.MasterPasswords.Count();
        Assert.AreEqual(countBefore - 1, countAfter);
    }
}
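/// <summary>
/// Login action: validates the submitted credentials with MasterPasswordManager and, when they
/// are accepted, signs the user in with an OWIN application cookie.
/// </summary>
/// <param name="model">Submitted login form; its Username and Password are validated.</param>
/// <param name="returnUrl">
/// Not used by this action. If it is ever used for the post-login redirect, restrict it to
/// local URLs (for example with <c>Url.IsLocalUrl</c>) before redirecting.
/// </param>
/// <returns>
/// A redirect to the configuration page when no master password exists, the login view when
/// the model or the credentials are invalid, otherwise a redirect to the site root.
/// </returns>
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    // An unconfigured application has nothing to log in to. The path is app-relative ("~/")
    // like the other redirects, so it also resolves when hosted under a virtual directory.
    if (!new MasterPasswordManager().Exists())
    {
        return Redirect("~/Account/ConfigureApplication");
    }

    // Re-render the form with validation errors.
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // NOTE(review): no throttling or lockout of repeated failures is visible in this action;
    // confirm it is enforced inside Validade or in front of this endpoint.
    bool isValid = new MasterPasswordManager().Validade(model.Username, model.Password);
    if (!isValid)
    {
        ModelState.AddModelError("Validation", "Invalid Password");
        ViewBag.Error = "Invalid Password";
        return View();
    }

    // Claim rejects a null value with ArgumentNullException, and a request may carry no
    // User-Agent header; fall back to an empty string so such a request can still log in.
    string userAgent = Request.UserAgent ?? string.Empty;
    string clientAddress = Request.UserHostAddress ?? string.Empty;

    var identity = new ClaimsIdentity(
        new[]
        {
            new Claim(ClaimTypes.NameIdentifier, model.Username),
            new Claim(
                "http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider",
                "ASP.NET Identity",
                "http://www.w3.org/2001/XMLSchema#string"),
            new Claim(ClaimTypes.Name, model.Username),

            // Client fingerprint recorded at sign-in. NOTE(review): presumably compared on
            // later requests to bind the session to this client; that check is not visible
            // here. Behind a reverse proxy UserHostAddress is the proxy's address.
            new Claim("UA", userAgent),
            new Claim("IP", clientAddress),

            // NOTE(review): every successful login receives the Admin role.
            new Claim(ClaimTypes.Role, "Admin"),
        },
        DefaultAuthenticationTypes.ApplicationCookie);

    // Session cookie only: IsPersistent = false, so it is not kept across browser restarts.
    HttpContext.GetOwinContext().Authentication.SignIn(
        new AuthenticationProperties { IsPersistent = false },
        identity);

    return Redirect("~/");
}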
/// <summary>
/// Checks that creating a master password for the test user increases the number of rows in
/// MasterPasswords by exactly one.
/// </summary>
public void WhenAPasswordIsCreatedTheDatabaseIsUpdated()
{
    var manager = new MasterPasswordManager();

    using (var context = new PasswordManagerContext())
    {
        // Start from a state where the test user has no master password.
        var existingForUser = context.MasterPasswords.Where(mp => mp.UserId == _testUser.Id);
        context.MasterPasswords.RemoveRange(existingForUser);
        context.SaveChanges();

        int countBefore = context.MasterPasswords.Count();
        manager.Create(_testUser.Id, "ThisIsAStrongPassword123");
        int countAfter = context.MasterPasswords.Count();

        Assert.AreEqual(countBefore + 1, countAfter);
    }
}
private void BtnClickContinue(object sender, RoutedEventArgs e) { var masterPasswordManager = new MasterPasswordManager(); if (masterPasswordManager.CompareHash(Encoding.ASCII.GetBytes(MPasswordTxtBox.Password), _userId, out byte[] key))