Esempio n. 1
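        // Checks that HashPassword does not map equal passwords to equal hash
        // strings: two users with the same password must end up with different
        // stored values. A hash function that is deterministic for a given input
        // would fail this test.
        public void TestTwoHashes()
        {
            // Arrange
            SecurityHandler securityHandler = new SecurityHandler();
            User            userOne         = new User()
            {
                Email = "*****@*****.**", Password = "******"
            };
            User userTwo = new User()
            {
                Email = "*****@*****.**", Password = "******"
            };

            // The check below only says something about the hashing scheme when both
            // users really share a password; different inputs would differ trivially.
            Assert.AreEqual(userOne.Password, userTwo.Password);

            // Act
            string userOnePass = securityHandler.HashPassword(userOne.Password);
            // Hash the second user's password; the original hashed userOne twice
            // and left userTwo unused.
            string userTwoPass = securityHandler.HashPassword(userTwo.Password);

            // Assert
            Assert.AreNotEqual(userOnePass, userTwoPass);
        }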
Esempio n. 2
        // Verifies that a hash produced by HashPassword is rejected by
        // ArePasswordsSame when it is compared against a different plaintext.
        // NOTE(review): taken alone this also passes if ArePasswordsSame always
        // returns false, so it is only meaningful next to a test in which the
        // matching password is accepted.
        public void TestCompareDifferentPassword()
        {
            // Arrange
            var handler = new SecurityHandler();
            var account = new User();
            account.Email    = "*****@*****.**";
            account.Password = "******";

            // Act: hash the account's password, then verify a different candidate.
            string storedHash = handler.HashPassword(account.Password);
            bool   accepted   = handler.ArePasswordsSame(storedHash, "def456");

            // Assert
            Assert.IsFalse(accepted);
        }
Esempio n. 3
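        // Inserts a user.
        //
        // Hashes userObj.Password with SecurityHandler.HashPassword and stores the
        // e-mail address together with that hash (not the plaintext) through a
        // parameterized INSERT.
        //
        // Returns:
        //   "success"                - the INSERT affected at least one row
        //   "failure"                - the INSERT ran but affected no rows
        //   "email address is taken" - EmailIsTaken reported the address as in use
        //   ""                       - opening the connection or running the INSERT threw
        //
        // NOTE(review): the EmailIsTaken check and the INSERT are separate steps, so
        // two concurrent calls with the same address can both pass the check.
        // Uniqueness has to be enforced by the database (e.g. a UNIQUE constraint on
        // users.email - confirm against the schema); a duplicate rejected there ends
        // up in the catch blocks below and is reported as "".
        public string InsertUser(User userObj)
        {
            string          result       = "";
            SecurityHandler secHandler   = new SecurityHandler();
            string          userPassword = secHandler.HashPassword(userObj.Password);
            bool            taken        = EmailIsTaken(userObj.Email);

            if (taken)
            {
                return "email address is taken";
            }

            try
            {
                using (SqlConnection con = new SqlConnection(_connectionString))
                {
                    // Values travel as parameters, never as part of the SQL text.
                    string query = "INSERT INTO users(email,password) VALUES(@email, @password)";
                    using (SqlCommand cmd = new SqlCommand(query, con))
                    {
                        con.Open();
                        cmd.Parameters.AddWithValue("@email", userObj.Email);
                        cmd.Parameters.AddWithValue("@password", userPassword);

                        result = cmd.ExecuteNonQuery() >= 1 ? "success" : "failure";
                    }
                }
            }
            catch (SqlException ex)
            {
                // The caller still gets "", but the failure is no longer invisible.
                // Only the error number is recorded: the exception message may echo
                // the submitted values.
                System.Diagnostics.Trace.TraceError("InsertUser failed: SQL error {0}", ex.Number);
                return "";
            }
            catch (System.Exception ex)
            {
                // Same contract as before (any failure yields ""), with the exception
                // type recorded for diagnosis.
                System.Diagnostics.Trace.TraceError("InsertUser failed: {0}", ex.GetType().FullName);
                return "";
            }

            return result;
        }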