コード例 #1
0
        public void Should_ReturnPasswordSalt_When_UserIdIsValid()
        {
            // Arrange
            var gateway = new AuthenticationGateway();
            var userId  = 51;

            // Act
            var result = gateway.GetUserPasswordSalt(userId);

            // Assert
            result.Data.Should().BeOfType <PasswordSalt>();
        }
コード例 #2
0
        public void Should_ReturnNull_When_UserIdIsInvalid()
        {
            // Arrange
            var gateway = new AuthenticationGateway();
            var userId  = 500;

            // Act
            var result = gateway.GetUserPasswordSalt(userId);

            // Assert
            result.Data.Salt.Should().BeNullOrEmpty();
        }
コード例 #3
0
        public ResponseDto <bool> IsCredentialsValid(string username, string password)
        {
            var hasher = new PayloadHasher();

            using (var gateway = new AuthenticationGateway())
            {
                var accountResult = gateway.GetUserAccount(username);

                if (accountResult.Error != null)
                {
                    return(new ResponseDto <bool>()
                    {
                        Data = false,
                        Error = accountResult.Error
                    });
                }

                var saltResult = gateway.GetUserPasswordSalt(accountResult.Data.Id);

                if (saltResult.Error != null)
                {
                    return(new ResponseDto <bool>()
                    {
                        Data = false,
                        Error = saltResult.Error
                    });
                }

                var hashedPassword = hasher.Sha256HashWithSalt(saltResult.Data.Salt, password);
                if (hashedPassword == accountResult.Data.Password)
                {
                    return(new ResponseDto <bool>()
                    {
                        Data = true
                    });
                }
                else
                {
                    return(new ResponseDto <bool>()
                    {
                        Data = false,
                        Error = AuthenticationErrorMessages.USERNAME_PASSWORD_ERROR
                    });
                }
            }
        }
コード例 #4
0
        /// <summary>
        /// Validates whether the payload's credentials are valid.
        /// <para>
        /// @author: Brian Fann
        /// @updated: 4/24/18
        /// </para>
        /// </summary>
        /// <param name="payload">Payload of token</param>
        /// <returns>True if credentials are valid, false otherwise</returns>
        private ResponseDto <bool> ValidateCredentials(SsoTokenPayloadDto payload)
        {
            // Validate username and password
            var loginDto = new LoginDto(payload.Username, payload.Password);
            var accountValidationStrategy = new LoginPreLogicValidationStrategy(loginDto);
            var accountResult             = accountValidationStrategy.ExecuteStrategy();

            if (!accountResult.Data)
            {
                StoreInvalidToken();

                return(new ResponseDto <bool>()
                {
                    Data = false,
                    Error = accountResult.Error
                });
            }

            using (var gateway = new AuthenticationGateway())
            {
                var userAccountResult = gateway.GetUserAccount(payload.Username);

                if (userAccountResult.Error != null)
                {
                    return(new ResponseDto <bool>()
                    {
                        Data = false,
                        Error = userAccountResult.Error
                    });
                }

                var userAccount = userAccountResult.Data;

                var saltResult = gateway.GetUserPasswordSalt(userAccount.Id);

                // Check if salt exists
                if (saltResult.Error != null)
                {
                    return(new ResponseDto <bool>()
                    {
                        Data = false,
                        Error = saltResult.Error
                    });
                }

                // Hash the password and compare it against the database
                var hashedPassword     = new PayloadHasher().Sha256HashWithSalt(saltResult.Data.Salt, payload.Password);
                var isPasswordMatching = hashedPassword == userAccount.Password;

                if (!isPasswordMatching)
                {
                    return(new ResponseDto <bool>()
                    {
                        Data = false,
                        Error = AuthenticationErrorMessages.USERNAME_PASSWORD_ERROR
                    });
                }
            }

            // Credentials are valid at this point
            return(new ResponseDto <bool>()
            {
                Data = true
            });
        }
コード例 #5
0
        /// <summary>
        /// This Method contains all the logic that is implemented to authenticate the user with the database
        /// </summary>
        /// <param name="loginDto"></param>
        /// <returns>
        /// ResponseDto with the updated LoginDto
        /// </returns>
        public ResponseDto <LoginDto> LoginUser(LoginDto loginDto)
        {
            var loginPreLogicValidationStrategy = new LoginPreLogicValidationStrategy(loginDto);

            // Checking if the Dto has all the information it needs
            var validateLoginDtoResult = loginPreLogicValidationStrategy.ExecuteStrategy();

            if (!validateLoginDtoResult.Data)
            {
                return(new ResponseDto <LoginDto>
                {
                    Error = validateLoginDtoResult.Error
                });
            }

            // Pulling attempts from DB
            using (var gateway = new AuthenticationGateway())
            {
                var userAttemptsResult = gateway.GetFailedAttempt(loginDto.Username);
                // Checking if the gateway returns a false
                if (userAttemptsResult.Error != null)
                {
                    return(Error(userAttemptsResult.Error));
                }
                // If there is no Error then take the data out
                var userAttempts = userAttemptsResult.Data;

                // Checking if they already have 5 failed attempts 20 mins ago
                if (userAttempts == null)
                {
                    userAttempts = new FailedAttempts()
                    {
                        LastAttemptTime = DateTime.UtcNow,
                        Count           = 0
                    };
                }
                else if (userAttempts.Count >= 5)
                {
                    var timeToCompare = DateTime.UtcNow.Subtract(TimeSpan.FromMinutes(20));
                    if (!(userAttempts.LastAttemptTime.CompareTo(timeToCompare) < 0))
                    {
                        return(Error(AuthenticationErrorMessages.LOCKED_ACCOUNT));
                    }
                    userAttempts.Count = 0;
                }

                // Pull the User From DB
                // Getting the user's ID
                var userAccountResult = gateway.GetUserAccount(loginDto.Username);
                if (userAccountResult.Error != null)
                {
                    return(Error(userAccountResult.Error));
                }

                // If there are no Errors from the gateway assign the data to an object
                var userAccount = userAccountResult.Data;
                // Set UserAttempts Id with the UserAccount Id
                userAttempts.Id = userAccount.Id;

                // Getting the Salt associated with the ID
                var saltResult = gateway.GetUserPasswordSalt(userAccount.Id);
                if (saltResult.Error != null)
                {
                    return(Error(userAccountResult.Error));
                }

                // Check if user is Active
                if (userAccount.IsActive == null || userAccount.IsActive == false)
                {
                    return(Error(AuthenticationErrorMessages.INACTIVE_USER));
                }

                var password = loginDto.Password;
                // Hash and Salting the Password
                var hashedPassword = new PayloadHasher().Sha256HashWithSalt(saltResult.Data.Salt, password);

                // Checking if the Password is equal to what is in the DataBase
                var checkPasswordResult = hashedPassword == userAccount.Password;

                // If Password matches log the attempt and send loginDto back
                if (checkPasswordResult)
                {
                    userAttempts.Count = 0;
                    return(SuccessfulAttempt(userAttempts, loginDto));
                }

                // Checking if this is the 5th attempt to time stamp it
                if (++userAttempts.Count >= 5)
                {
                    userAttempts.LastAttemptTime = DateTime.UtcNow;
                }

                return(FailedAttempt(userAttempts, AuthenticationErrorMessages.USERNAME_PASSWORD_ERROR));
            }
        }