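/// <summary>
/// Checks a username/password pair against the salted PBKDF2 hash stored in <c>users.users</c>.
/// </summary>
/// <param name="userPass">Submitted credentials; <c>username</c> selects the row and <c>password</c> is re-hashed with that row's salt.</param>
/// <returns><c>true</c> when a row exists for the username and the recomputed hash equals the stored one; otherwise <c>false</c>.</returns>
public static bool Login(UserPassModel userPass)
{
    // The connection is still published through the shared field, but it is now closed on
    // every path; the original left connection, command and reader open.
    var conn = new MySqlConnection(connectionString);
    connection = conn;
    try
    {
        conn.Open();

        string hashFromDatabase;
        byte[] salt;

        // Parameterized lookup: the username never becomes part of the SQL text.
        using (MySqlCommand query = new MySqlCommand("SELECT * FROM `users`.`users` WHERE username = @username", conn))
        {
            query.Parameters.Add("@username", MySqlDbType.VarChar).Value = userPass.username;

            using (MySqlDataReader reader = query.ExecuteReader())
            {
                if (!reader.Read())
                {
                    // Unknown username.
                    // NOTE(review): this path skips the key derivation, so it answers faster
                    // than a wrong password and can reveal which usernames exist.
                    return false;
                }

                hashFromDatabase = (string)reader["hash"];
                salt = (byte[])reader["salt"];
            }
        }

        // These parameters must match the ones used when the hash was stored.
        // NOTE(review): HMAC-SHA1 with 10,000 iterations is low by current guidance; raising
        // it needs a rehash-on-login migration, so it is left unchanged here.
        string hash = Convert.ToBase64String(KeyDerivation.Pbkdf2(
            password: userPass.password,
            salt: salt,
            prf: KeyDerivationPrf.HMACSHA1,
            iterationCount: 10000,
            numBytesRequested: 256 / 8));

        // Compare in constant time so response timing does not leak how many leading
        // characters of the stored hash matched.
        byte[] expected = System.Text.Encoding.UTF8.GetBytes(hashFromDatabase);
        byte[] actual = System.Text.Encoding.UTF8.GetBytes(hash);
        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(expected, actual);
    }
    finally
    {
        conn.Close();
    }
}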
/// <summary>
/// Builds a <c>UserPassModel</c> from an <c>IdentityUser</c> by reflecting over the
/// properties of the user's real type.
/// </summary>
/// <param name="input">The user whose property values are copied.</param>
/// <returns>The populated model, with <c>Properties</c> ordered by <c>SortOrder</c>.</returns>
public static UserPassModel ConvertUserToPost(this IdentityUser input)
{
    var result = new UserPassModel();
    var sourceProperties = input.GetType().GetRealType().GetProperties();
    var baseProperties = typeof(IdentityUser).GetProperties();

    foreach (var property in sourceProperties)
    {
        bool declaredOnIdentityUser = baseProperties.Any(b => b.Name == property.Name);
        if (declaredOnIdentityUser)
        {
            // Best-effort copy: any failure to read or assign the value is ignored and
            // the property is skipped.
            try
            {
                property.SetValue(result, property.GetValue(input));
            }
            catch
            {
            }

            continue;
        }

        // Properties not declared on IdentityUser are converted to content properties;
        // a null result means there is nothing to add for this property.
        var contentProperty = property.GetContentPropertyByPropertyInfo(input);
        if (contentProperty != null)
        {
            result.Properties.Add(contentProperty);
        }
    }

    result.Properties = result.Properties.OrderBy(b => b.SortOrder).ToList();
    return result;
}
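/// <summary>
/// Server-side format check applied to both the username and the password.
/// </summary>
/// <remarks>
/// A value passes when it is 5 to 15 characters long, uses only letters, digits, '.' and '_',
/// does not start or end with '.' or '_', and has no two of those separators in a row.
/// </remarks>
/// <param name="userPass">Credentials to check; a null model or null field is rejected.</param>
/// <returns><c>true</c> only when both fields match the pattern.</returns>
public static bool ValidateInfo(UserPassModel userPass)
{
    // Regex.Match throws on null input. A request that carries a username but no password
    // previously surfaced as an unhandled exception instead of a failed validation.
    if (userPass == null || userPass.username == null || userPass.password == null)
    {
        return false;
    }

    // \z anchors at the absolute end of the input. In .NET, '$' also matches just before a
    // final newline, so the original pattern accepted a value ending in "\n".
    // NOTE(review): applying the username rule to the password caps it at 15 characters and
    // a small alphabet; a separate password policy is worth considering.
    const string pattern = @"^(?=.{5,15}\z)(?![_.])(?!.*[_.]{2})[a-zA-Z0-9._]+(?<![_.])\z";

    return Regex.IsMatch(userPass.username, pattern)
        && Regex.IsMatch(userPass.password, pattern);
}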
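/// <summary>
/// Authorization endpoint: validates the query parameters, authenticates the posted
/// credentials and, on success, redirects to <c>redirect_uri</c> with a request code.
/// </summary>
/// <param name="userPass">Posted username and password; both null on the initial page load.</param>
/// <param name="param">Client parameters bound from the query string (<c>client_id</c>, <c>redirect_uri</c>).</param>
/// <returns>
/// The validation message when the parameters are rejected, a redirect carrying <c>code</c>
/// on successful login, otherwise the login view.
/// </returns>
public IActionResult Index(UserPassModel userPass, [FromQuery] ParamModel param)
{
    // Validate the parameters passed in the URL.
    string validationResponse = DatabaseContext.ValidateParams(param);
    if (!validationResponse.Equals("Valid"))
    {
        return Ok(validationResponse);
    }

    // NOTE(review): the redirect below is only safe if ValidateParams matches redirect_uri
    // exactly against the URI registered for client_id. If it does not, this is an open
    // redirect that hands the request code to an arbitrary host. Confirm.
    // Append with '&' when redirect_uri already has a query string; the original always
    // used '?', which produced a malformed URL in that case.
    string separator = (param.redirect_uri != null && param.redirect_uri.IndexOf('?') >= 0) ? "&" : "?";

    if (userPass.username != null && userPass.password != null)
    {
        // NOTE(review): this pattern has no '^' anchor, so it only constrains the tail of the
        // value and accepts almost any input ending in a letter or digit. Left unchanged
        // because tightening it could reject credentials that are already stored.
        Regex regex = new Regex("(?![_.])(?!.*[_.]{2})[a-zA-Z0-9._]+(?<![_.])$");
        bool formatOk = regex.Match(userPass.username).Success && regex.Match(userPass.password).Success;
        if (!formatOk)
        {
            TempData["err"] = "Invalid 1";
            return View();
        }

        if (DatabaseContext.ValidateUser(userPass.username, userPass.password))
        {
            // Generate the request token and return it to the client as the "code" parameter.
            // It is URL-encoded so that characters such as '+', '/', '=' or '&' survive.
            string requestToken = DatabaseContext.GenerateToken(param.client_id);
            string encodedToken = System.Uri.EscapeDataString(requestToken ?? string.Empty);
            return Redirect(param.redirect_uri + separator + "code=" + encodedToken);
        }

        TempData["err"] = "Invalid 2";
        return View();
    }

    // NOTE(review): "state=STATE" is a fixed literal; the client's own state value is not
    // echoed back, so the client cannot use it to correlate the response with its request.
    TempData["redirectErr"] = param.redirect_uri + separator + "error=access_denied&state=STATE";
    ModelState.Remove("username");
    ModelState.Remove("password");
    return View();
}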
/// <summary>
/// Tries the credentials first as a judge login and, if that fails, as a school login.
/// </summary>
/// <param name="loginModel">Username and password supplied by the client.</param>
/// <returns>
/// A model whose <c>Authenticated</c> flag holds the outcome. <c>IsSchool</c> is false when
/// the judge check succeeded and true otherwise, including when both checks fail.
/// </returns>
public AuthenticationModel ClientLogin(UserPassModel loginModel)
{
    var users = new UserService();
    var result = new AuthenticationModel { IsSchool = false };

    // NOTE(review): HashPassword receives the username as its first argument; whether that
    // is the only salt cannot be seen from here. Confirm against UserService.
    string judgeHash = users.HashPassword(loginModel.Username, loginModel.Password);
    result.Authenticated = users.CheckJudgeLogin(loginModel.Username, judgeHash);

    if (!result.Authenticated)
    {
        // Fall back to the school account store; the hash is recomputed only on this path.
        result.IsSchool = true;
        string schoolHash = users.HashPassword(loginModel.Username, loginModel.Password);
        result.Authenticated = users.CheckSchoolLogin(loginModel.Username, schoolHash);
    }

    return result;
}
/// <summary>
/// Copies posted values from a <c>UserPassModel</c> onto an existing <c>IdentityUser</c>,
/// touching only properties that are not declared on <c>IdentityUser</c> itself.
/// </summary>
/// <param name="input">The posted model supplying the values.</param>
/// <param name="user">The user to update; the same instance is returned.</param>
/// <param name="deleteExistFile">Forwarded unchanged to <c>SetPropertyValue</c>.</param>
/// <param name="oldFiles">Forwarded unchanged to <c>SetPropertyValue</c>.</param>
/// <param name="newFiles">Forwarded unchanged to <c>SetPropertyValue</c>.</param>
/// <returns>The <paramref name="user"/> instance after the copy.</returns>
public static IdentityUser ConvertPostToUser(this UserPassModel input, IdentityUser user, bool deleteExistFile = true, List<string> oldFiles = null, List<string> newFiles = null)
{
    var targetProperties = user.GetType().GetRealType().GetProperties();
    var baseProperties = typeof(IdentityUser).GetProperties();

    foreach (var property in targetProperties)
    {
        // Best-effort: a failure on one property is ignored so the rest are still processed.
        try
        {
            bool declaredOnIdentityUser = baseProperties.Any(b => b.Name == property.Name);
            if (!declaredOnIdentityUser)
            {
                property.SetPropertyValue(input, user, deleteExistFile, oldFiles, newFiles);
            }
        }
        catch
        {
        }
    }

    return user;
}
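/// <summary>
/// Shows the registration form, or registers the posted user and signs them in.
/// </summary>
/// <param name="registerUser">Posted registration data; a null <c>username</c> means the form has not been submitted yet.</param>
/// <returns>
/// The "Register" view for the initial load or when the username is taken; otherwise a
/// redirect to "Index" once the account and session have been created.
/// </returns>
public IActionResult Register(RegisterUserModel registerUser)
{
    if (registerUser.username == null)
    {
        // Initial page load: clear binding errors so the empty form renders clean.
        ModelState.Remove("username");
        ModelState.Remove("password");
        ModelState.Remove("confirmPassword");
        return View("Register");
    }

    // NOTE(review): no server-side format or confirmPassword check is visible before the
    // account is created; confirm that UserDatabaseContext.Register enforces them.
    if (!UserDatabaseContext.CheckUsername(registerUser.username))
    {
        TempData["err"] = "Username already exists";
        return View("Register");
    }

    UserDatabaseContext.Register(registerUser);

    User user = new User();
    user.username = registerUser.username;
    user.accessToken = UserDatabaseContext.GenerateAccessToken(registerUser.username);
    HttpContext.Session.SetString("user", JsonConvert.SerializeObject(user));

    // The original redirected to "Login" with the username and password as route values,
    // which writes the plaintext password into the redirect URL (browser history, proxy and
    // server logs). The session is already established above, so go straight to the
    // post-login page without putting credentials in a URL.
    // NOTE(review): assumes "Index" is the post-login landing page and that it reads
    // TempData["User"], as the Login action's success path suggests. Confirm.
    TempData["User"] = registerUser.username;
    return RedirectToAction("Index");
}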
/// <summary>
/// Shows the login form, or validates the posted credentials and opens a session.
/// </summary>
/// <param name="userPass">Posted credentials; a null <c>username</c> means the form has not been submitted yet.</param>
/// <returns>
/// The "Login" view for the initial load, the default view when the format check or the
/// credential check fails, or a redirect to "Index" on success.
/// </returns>
public IActionResult Login(UserPassModel userPass)
{
    if (userPass.username == null)
    {
        // Nothing submitted yet: clear binding errors and render the empty form.
        ModelState.Remove("username");
        ModelState.Remove("password");
        return View("Login");
    }

    // Format check first; on failure the view is returned without an error message.
    if (!ServerSideValidation.ValidateInfo(userPass))
    {
        return View();
    }

    // Credential check against the user database.
    if (!UserDatabaseContext.Login(userPass))
    {
        // The same message is used whether the username or the password was wrong.
        TempData["err"] = "Invalid username or password";
        return View();
    }

    TempData["User"] = userPass.username;

    // Store the signed-in user and a fresh access token in the session as JSON.
    User sessionUser = new User();
    sessionUser.username = userPass.username;
    sessionUser.accessToken = UserDatabaseContext.GenerateAccessToken(userPass.username);
    HttpContext.Session.SetString("user", JsonConvert.SerializeObject(sessionUser));

    return RedirectToAction("Index");
}