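/// <summary>
/// Integration test: stores a hashed password for a temporary user, reads the stored
/// value back, and checks that <c>HashPassword.CovertPasswordBack</c> accepts the
/// original plaintext against it.
/// </summary>
/// <remarks>
/// Needs a reachable database with a "Users" table; the inserted row is removed in the
/// <c>finally</c> block whether or not the assertions pass.
/// </remarks>
public void CanCheckThatPasswordGivenIsSameAsHashedPassword()
{
    using (var db = ConnectionHelper.CreateSqlConnection())
    {
        var userName = "******";
        var password = "******";
        var fullName = "John Squarepants";

        var hasher = new HashPassword();
        var passwordHashed = hasher.Hashpassword(password);

        db.Execute("INSERT INTO \"Users\" (username, password, fullname) VALUES(@userName, @passwordHashed, @fullName)", new { userName, passwordHashed, fullName });

        try
        {
            // Read back only this test's row. Selecting every password and taking the
            // last one could verify some other user's hash, since row order is not
            // guaranteed without an ORDER BY.
            var storedHash = db.Query<string>("SELECT \"password\" FROM \"Users\" WHERE \"username\" = @userName", new { userName }).LastOrDefault();

            // Fail loudly when nothing comes back instead of passing with zero assertions.
            Assert.IsNotNull(storedHash, "No stored password was found for the inserted user.");
            Assert.IsTrue(hasher.CovertPasswordBack(storedHash, password));
        }
        finally
        {
            // Delete them from the table
            db.Execute("DELETE FROM \"Users\" WHERE \"username\" = @userName", new { userName });
        }
    }
}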
/// <summary>
/// HTTP Basic authentication filter. Lets the action run when the request carries a
/// username/password pair that matches a stored user; otherwise answers with a
/// <c>WWW-Authenticate: Basic</c> challenge and an unauthorized result.
/// </summary>
/// <param name="filterContext">Context of the action about to execute.</param>
/// <remarks>
/// NOTE(review): Basic credentials are only base64-encoded on the wire, so this filter
/// relies on the site being served over TLS; confirm that in deployment.
/// </remarks>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var request = filterContext.HttpContext.Request;
    var credentials = AuthenticationHelper.ExtractUsernameAndPassword(request);
    var hasher = new HashPassword();

    bool authenticated = false;

    if (credentials != null)
    {
        var repository = new UserRepository();

        // Every user is loaded and scanned on each request.
        // NOTE(review): the hash check runs only for a matching username, so response
        // time may differ between known and unknown usernames.
        foreach (var candidate in repository.GetAllUsers())
        {
            if (candidate.username != credentials.Username)
            {
                continue;
            }

            if (hasher.CovertPasswordBack(candidate.password, credentials.Password))
            {
                authenticated = true;
                break;
            }
        }
    }

    if (authenticated)
    {
        // Valid credentials: leave Result unset so the action executes.
        return;
    }

    const string realm = "MyFace";
    filterContext.HttpContext.Response.AddHeader("WWW-Authenticate", $"Basic realm=\"{realm}\"");
    filterContext.Result = new HttpUnauthorizedResult();
}
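/// <summary>
/// Handles a login form post: looks up the submitted user, verifies the submitted
/// password against the stored hash and, on success, stores the user in the session.
/// </summary>
/// <param name="login">Model carrying the submitted username and password.</param>
/// <returns>
/// A redirect to <c>UserList/Index</c>, whether or not the login succeeded.
/// </returns>
public ActionResult Login(Users login)
{
    var userRepository = new UserRepository();
    var hasher = new HashPassword();

    // The placeholder Users instance the original allocated was overwritten at once,
    // so the lookup result is used directly.
    var storedUser = userRepository.GetUser(login);

    // GetUser's result for an unknown username is not visible here; the null check
    // stops a failed lookup from surfacing as a NullReferenceException.
    if (storedUser != null && storedUser.username == login.username)
    {
        if (hasher.CovertPasswordBack(storedUser.password, login.password))
        {
            // NOTE(review): the stored object includes the password hash; consider
            // keeping only an identifier in session, and issuing a fresh session id
            // at login so a pre-login id is not carried over.
            Session["User"] = storedUser;
        }
    }

    return RedirectToAction("Index", "UserList");
}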