/// <summary>
/// Exercises <see cref="SearchableHashedString"/>: the combined (storable) form must carry
/// the configured salt, equality must hold only against the original plaintext, and
/// <c>FromCombinedString</c>/<c>ToCombinedString</c> must round-trip without change.
/// </summary>
public void TestSearchableHashedString()
{
    // The hashing primitives take their salt and key from the environment, so pin both
    // here rather than relying on whatever the host process happens to have configured.
    Environment.SetEnvironmentVariable("MORPHIC_HASH_SALT_PRIMARY", "SALT1:361e665ef378ab06031806469b7879bd");
    Environment.SetEnvironmentVariable("MORPHIC_ENC_KEY_PRIMARY", "ENCKEY:CE2BED7EF7A3871AD87EE80116D360A9FA368B6A7790E9D0D4D314ED83B9AB5E");

    // Base64 rendering of the hex salt bytes above; the combined string is expected to embed it.
    const string expectedSaltB64 = "Nh5mXvN4qwYDGAZGm3h5vQ==";
    const string plaintext = "thequickbrownfoxjumpedoverthelazydog";

    var hashed = new SearchableHashedString(plaintext);
    var combined = hashed.ToCombinedString();
    Assert.NotNull(combined);
    Assert.Contains(expectedSaltB64, combined);

    // A different plaintext must produce a value that only matches itself.
    var otherPlaintext = plaintext + plaintext;
    var otherHashed = new SearchableHashedString(otherPlaintext);
    var otherCombined = otherHashed.ToCombinedString();
    Assert.NotNull(otherCombined);
    Assert.False(hashed.Equals(otherPlaintext));
    Assert.True(otherHashed.Equals(otherPlaintext));

    // Parsing the combined form and re-serialising it must be the identity.
    var roundTripped = SearchableHashedString.FromCombinedString(otherHashed.ToCombinedString()).ToCombinedString();
    Assert.Equal(otherHashed.ToCombinedString(), roundTripped);
}
/// <summary>
/// Creates a credential record for a user, assigning a fresh random identifier.
/// </summary>
/// <param name="userId">Identifier of the owning user.</param>
/// <param name="username">Login name; stored as a <see cref="SearchableHashedString"/> so it can be looked up without keeping the plaintext.</param>
/// <param name="password">Plaintext password; only its <see cref="HashedData"/> form is retained.</param>
public UsernameCredential(string userId, string username, string password)
{
    Id = Guid.NewGuid().ToString();
    UserId = userId;
    // Neither secret is kept in clear form on the object.
    Username = new SearchableHashedString(username);
    PasswordHash = new HashedData(password);
}
// 2592000 seconds in 30 days
private const int DefaultExpiresSeconds = 30 * 24 * 60 * 60;

/// <summary>
/// Creates a new one-time token for a user, generating the token value and its expiry.
/// </summary>
/// <param name="userId">Identifier of the user the token is issued to.</param>
/// <param name="expiresInSeconds">Lifetime of the token from now, in seconds; defaults to 30 days.</param>
public OneTimeToken(string userId, int expiresInSeconds = DefaultExpiresSeconds)
{
    Id = Guid.NewGuid().ToString();
    // The raw token value is kept in the `token` field (declared elsewhere in the class);
    // the persisted `Token` property holds only its searchable hash.
    token = NewToken();
    Token = new SearchableHashedString(token);
    UserId = userId;
    // Expiry is computed in UTC so it is comparable regardless of server locale.
    ExpiresAt = DateTime.UtcNow + TimeSpan.FromSeconds(expiresInSeconds);
}
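/// <summary>
/// Handles a password-reset request. Validates the captcha and email fields, then enqueues
/// a reset email for a known account or an "unknown email" notice otherwise.
/// </summary>
/// <returns>A task that completes when the request has been validated and the job enqueued.</returns>
/// <exception cref="HttpError">
/// Thrown with <see cref="HttpStatusCode.BadRequest"/> when a required field is missing,
/// the captcha fails, or the email address is malformed.
/// </exception>
public async Task Post()
{
    var request = await Request.ReadJson<PasswordResetRequestRequest>();

    // A missing field arrives as null when the key is absent from the JSON body and as ""
    // when it is present but empty; both must be reported as "missing required" rather
    // than being passed on to the captcha verifier or the email validator.
    if (string.IsNullOrEmpty(request.GRecaptchaResponse))
    {
        throw new HttpError(HttpStatusCode.BadRequest, BadPasswordRequestResponse.MissingRequired(new List<string> { "g_captcha_response" }));
    }
    if (!await recaptcha.ReCaptchaPassed("requestpasswordreset", request.GRecaptchaResponse))
    {
        throw new HttpError(HttpStatusCode.BadRequest, BadPasswordRequestResponse.BadReCaptcha);
    }
    if (string.IsNullOrEmpty(request.Email))
    {
        throw new HttpError(HttpStatusCode.BadRequest, BadPasswordRequestResponse.MissingRequired(new List<string> { "email" }));
    }
    if (!User.IsValidEmail(request.Email))
    {
        throw new HttpError(HttpStatusCode.BadRequest, BadPasswordRequestResponse.BadEmailAddress);
    }

    var db = Context.GetDatabase();
    var user = await db.UserForEmail(request.Email, ActiveSession);

    // Both branches respond identically to the caller and only the hashed email is logged,
    // so the existence of an account is not revealed through the response or the logs.
    if (user != null)
    {
        var hash = user.Email.Hash!.ToCombinedString();
        logger.LogInformation("Password reset requested for userId {userId} {EmailHash}", user.Id, hash);
        jobClient.Enqueue<PasswordResetEmail>(x => x.SendEmail(user.Id, Request.ClientIp()));
    }
    else
    {
        var hash = new SearchableHashedString(request.Email).ToCombinedString();
        logger.LogInformation("Password reset requested but no email matching {EmailHash}", hash);
        // The plaintext address is needed here because the notice is sent to it.
        jobClient.Enqueue<UnknownEmailPasswordResetEmail>(x => x.SendEmail(request.Email, Request.ClientIp()));
    }
}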
/// <summary>
/// Looks up a <see cref="OneTimeToken"/> by its plaintext value, matching on the stored searchable hash.
/// </summary>
/// <param name="db">Database to query.</param>
/// <param name="email">The plaintext token value to look up. NOTE(review): the parameter name is misleading —
/// it is hashed and compared against <c>OneTimeToken.Token</c>, not against an email address; kept for call-site compatibility.</param>
/// <param name="session">Optional session to scope the query to.</param>
/// <returns>The matching token, or <c>null</c> when none exists.</returns>
public static async Task<OneTimeToken?> TokenForToken(this Database db, string email, Database.Session? session = null)
{
    // Hash outside the predicate so the query compares against a plain string value.
    string combinedHash = new SearchableHashedString(email).ToCombinedString();
    OneTimeToken? match = await db.Get<OneTimeToken>(t => t.Token == combinedHash, session);
    return match;
}
/// <summary>
/// Looks up a <see cref="User"/> by email address, matching on the stored searchable hash
/// rather than the plaintext.
/// </summary>
/// <param name="db">Database to query.</param>
/// <param name="email">Plaintext email address to look up.</param>
/// <param name="session">Optional session to scope the query to.</param>
/// <returns>The matching user, or <c>null</c> when none exists.</returns>
public static async Task<User?> UserForEmail(this Database db, string email, Database.Session? session = null)
{
    // Hash outside the predicate so the query compares against a plain string value.
    var combinedHash = new SearchableHashedString(email).ToCombinedString();
    var match = await db.Get<User>(a => a.Email.Hash! == combinedHash, session);
    return match;
}