/// <summary>
/// Adds a batch of risk-password entries (SHA-1 password hash plus occurrence count) to the master store.
/// </summary>
/// <param name="model">Request body; each element of <c>RiskPasswords</c> supplies a <c>PasswordSha1Hash</c> and a <c>Count</c>.</param>
/// <returns>400 Bad Request with the model state when validation fails; otherwise 204 No Content after the bulk save.</returns>
// NOTE(review): no authorization attribute and no batch-size limit are visible on this method in this listing.
// The list written here decides which passwords the risk check rejects, so confirm that the route is
// restricted to administrators and that the request size is bounded upstream.
public async Task<IActionResult> PostPasswordRiskList([FromBody] Api.RiskPassword model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    var entries = new List<RiskPassword>();
    foreach (var source in model.RiskPasswords)
    {
        // The document id is derived from the submitted SHA-1 hash via RiskPassword.IdFormat.
        var key = new RiskPassword.IdKey { PasswordSha1Hash = source.PasswordSha1Hash };
        var documentId = await RiskPassword.IdFormat(key);

        entries.Add(new RiskPassword
        {
            Id = documentId,
            Count = source.Count,
            // Stamped per entry, in Unix seconds (UTC).
            CreateTime = DateTimeOffset.UtcNow.ToUnixTimeSeconds(),
        });
    }

    await masterService.SaveBulkAsync(entries);
    return NoContent();
}
/// <summary>
/// Rejects a password whose SHA-1 hash has a matching <c>RiskPassword</c> document in the master repository.
/// </summary>
/// <param name="email">User identifier; used only in the exception message.</param>
/// <param name="password">Candidate plaintext password; hashed before the lookup.</param>
/// <exception cref="PasswordRiskException">Thrown when a document exists for the hash.</exception>
private async Task CheckPasswordRisk(string email, string password)
{
    // SHA-1 is used here only as the lookup key into the risk list; presumably it matches the hash
    // format of the imported breach data (confirm). Nothing in this method stores the hash.
    var hash = password.Sha1Hash();
    var documentId = await RiskPassword.IdFormat(new RiskPassword.IdKey { PasswordSha1Hash = hash });

    var isListed = await masterRepository.ExistsAsync<RiskPassword>(documentId);
    if (!isListed)
    {
        return;
    }

    // The message names the user but carries neither the password nor its hash.
    throw new PasswordRiskException($"Password has appeared in a data breach and is at risk, user '{email}'.");
}
/// <summary>
/// Removes a set of risk-password entries identified by their SHA-1 hashes.
/// </summary>
/// <param name="riskPasswordDelete">Request body; <c>PasswordSha1Hashs</c> lists the hashes whose entries are deleted.</param>
/// <returns>400 Bad Request with the model state when validation fails; otherwise 204 No Content after the bulk delete.</returns>
// NOTE(review): every entry removed here is a password the risk check will accept again. No authorization
// attribute or audit logging is visible on this method in this listing; confirm both exist upstream.
public async Task<IActionResult> DeleteRiskPassword([FromBody] Api.RiskPasswordDelete riskPasswordDelete)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    var documentIds = new List<string>();
    foreach (var hash in riskPasswordDelete.PasswordSha1Hashs)
    {
        // Translate each hash into the id of its stored document.
        var documentId = await RiskPassword.IdFormat(hash);
        documentIds.Add(documentId);
    }

    await masterRepository.DeleteBulkAsync<RiskPassword>(documentIds);
    return NoContent();
}
/// <summary>
/// Applies the password policy configured on <c>RouteBinding</c>: minimum length, then the optional
/// complexity check, then the optional risk-list lookup, in that order.
/// </summary>
/// <param name="email">User identifier; used in exception messages and passed to the complexity check.</param>
/// <param name="password">Candidate plaintext password.</param>
/// <exception cref="PasswordLengthException">Thrown when the password is shorter than <c>RouteBinding.PasswordLength</c>.</exception>
/// <exception cref="PasswordRiskException">Thrown when the risk check is enabled and a <c>RiskPassword</c> document exists for the hash.</exception>
private async Task ValidatePasswordPolicy(string email, string password)
{
    var tooShort = password.Length < RouteBinding.PasswordLength;
    if (tooShort)
    {
        // NOTE(review): the message text reads "to short"; it is reproduced verbatim because callers
        // or tests may match on it.
        throw new PasswordLengthException($"Password is to short, user '{email}'.");
    }

    if (RouteBinding.CheckPasswordComplexity)
    {
        CheckPasswordComplexity(email, password);
    }

    if (!RouteBinding.CheckPasswordRisk)
    {
        return;
    }

    // SHA-1 is used here only as the lookup key into the risk list; presumably it matches the hash
    // format of the imported breach data (confirm).
    var hash = Sha1Hash(password);
    var documentId = await RiskPassword.IdFormat(new RiskPassword.IdKey { PasswordSha1Hash = hash });
    var isListed = await masterRepository.ExistsAsync<RiskPassword>(documentId);
    if (isListed)
    {
        // The message names the user but carries neither the password nor its hash.
        throw new PasswordRiskException($"Password has appeared in a data breach and is at risk, user '{email}'.");
    }
}
/// <summary>
/// Deletes the risk-password entry for a single SHA-1 hash.
/// </summary>
/// <param name="passwordSha1Hash">SHA-1 hash identifying the entry to delete.</param>
/// <returns>204 No Content on success; 404 Not Found when the store reports the document as missing.</returns>
// NOTE(review): no required-parameter or format check on passwordSha1Hash is visible in this method,
// and the caller-supplied value is interpolated into the warning log line below. Confirm it is validated
// upstream (for example as a fixed-length hex string) so that log entries stay well-formed.
public async Task<IActionResult> DeletePasswordRiskList(string passwordSha1Hash)
{
    try
    {
        var key = new RiskPassword.IdKey { PasswordSha1Hash = passwordSha1Hash };
        var target = new RiskPassword { Id = await RiskPassword.IdFormat(key) };

        await masterService.DeleteAsync(target);
        return NoContent();
    }
    catch (CosmosDataException ex) when (ex.StatusCode == HttpStatusCode.NotFound)
    {
        // Only the NotFound status is translated to 404; any other data exception propagates to the caller.
        logger.Warning(ex, $"Delete by password sha1 hash '{passwordSha1Hash}'.");
        return NotFound();
    }
}
/// <summary>
/// Returns the risk-password entry stored for a SHA-1 hash, mapped to its API representation.
/// </summary>
/// <param name="passwordSha1Hash">SHA-1 hash identifying the entry; required.</param>
/// <returns>
/// 400 Bad Request when the parameter is missing; 200 OK with the mapped entry when found;
/// the project's NotFound result when the store reports the document as missing.
/// </returns>
// NOTE(review): the caller-supplied hash is interpolated into the warning log line and passed to the
// NotFound result. Only a required-parameter check is visible here; confirm that the value's format
// is constrained before it reaches logs and responses.
public async Task<ActionResult<Api.RiskPassword>> GetRiskPassword(string passwordSha1Hash)
{
    try
    {
        var parameterPresent = ModelState.TryValidateRequiredParameter(passwordSha1Hash, nameof(passwordSha1Hash));
        if (!parameterPresent)
        {
            return BadRequest(ModelState);
        }

        var documentId = await RiskPassword.IdFormat(passwordSha1Hash);
        var stored = await masterRepository.GetAsync<RiskPassword>(documentId);
        var response = mapper.Map<Api.RiskPassword>(stored);
        return Ok(response);
    }
    catch (CosmosDataException ex) when (ex.StatusCode == HttpStatusCode.NotFound)
    {
        // Only the NotFound status is translated; any other data exception propagates to the caller.
        logger.Warning(ex, $"NotFound, Get '{typeof(Api.RiskPassword).Name}' by password SHA1 hash '{passwordSha1Hash}'.");
        return NotFound(typeof(Api.RiskPassword).Name, passwordSha1Hash);
    }
}
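/// <summary>
/// Reports whether a plaintext password is on the risk list by hashing it and looking up the matching document.
/// </summary>
/// <param name="password">Plaintext password to test; required.</param>
/// <returns>
/// 400 Bad Request when the parameter is missing; 200 OK with <c>true</c> when the lookup completes
/// without throwing; 200 OK with <c>false</c> when the store reports the document as missing.
/// </returns>
// NOTE(review): the plaintext password arrives as a plain action parameter. If it is bound from the
// route or query string it can end up in access logs, proxies and browser history; confirm the binding
// and prefer the request body. No authorization or rate limiting is visible in this listing either.
public async Task<ActionResult<bool>> GetRiskPasswordTest(string password)
{
    try
    {
        if (!ModelState.TryValidateRequiredParameter(password, nameof(password)))
        {
            return BadRequest(ModelState);
        }

        var passwordSha1Hash = password.Sha1Hash();

        // The fetched document is not needed, only the fact that the lookup succeeded, so the result is
        // not kept in a local. NOTE(review): this relies on GetAsync throwing a NotFound
        // CosmosDataException for a missing document; if it can return null instead, the method would
        // still answer true. Confirm against the repository.
        await masterRepository.GetAsync<RiskPassword>(await RiskPassword.IdFormat(passwordSha1Hash));
        return Ok(true);
    }
    catch (CosmosDataException ex) when (ex.StatusCode == HttpStatusCode.NotFound)
    {
        // Any other data exception propagates to the caller.
        return Ok(false);
    }
}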